aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* test/openssl: fix test_server_session to dup the sessionKazuki Yamaguchi2016-04-271-4/+4
| | | | | SSL_CTX_remove_session() sets not_resumable to the deleted session and OpenSSL 1.1.0 denies to resume a SSL_SESSION with not_resumable != 0.
* ext/openssl: avoid SEGV on Cipher.new("ChaCha20-Poly1305")Kazuki Yamaguchi2016-04-271-9/+13
| | | | | | | | A temporary workaround. EVP_CipherInit_ex() allows to specify NULL to key and/or iv, however when we use ChaCha20-Poly1305 and set only key (this case), it does memcpy(x, NULL, y) and this causes a segmentation fault.
* test/openssl: X25519 doesn't support signingKazuki Yamaguchi2016-04-271-1/+3
|
* test/openssl: DSA256 is prohibited with security_level=1Kazuki Yamaguchi2016-04-271-1/+16
|
* ext/openssl: remove SHA, DSS, DSS1 if using OpenSSL 1.1.0Kazuki Yamaguchi2016-04-277-9/+14
|
* ext/openssl: use SSL_is_server() to check if the SSL is server or notKazuki Yamaguchi2016-04-273-3/+7
| | | | | The state returned by SSL_get_state() doesn't become SSL_ST_ACCEPT anymore in OpenSSL 1.1.0.
* ext/openssl: add SSLContext#set_ecdh_curvesKazuki Yamaguchi2016-04-276-31/+172
| | | | | | | | | | And deprecate #tmp_ecdh_callback. Since SSL_CTX_set_tmp_ecdh_callback() was removed in OpenSSL 1.1.0, we can't provide SSLContext#tmp_ecdh_callback anymore. Instead, we should use SSL_CTX_set1_curves_list() to set the curves and SSL_CTX_set_ecdh_auto() to make OpenSSL select automatically from the list.
* ext/openssl: fix some compiler warnings on ossl_ssl.cKazuki Yamaguchi2016-04-271-5/+8
|
* ext/openssl: add SSLContext#security_level, #security_level=Kazuki Yamaguchi2016-04-275-0/+78
| | | | | | | | OpenSSL 1.1.0 introduced "security level" and these methods deal with it. This patch includes many test changes: setting the level to 0. The default security level is 1 and this prohibits aNULL ciphers.
* ext/openssl: make ENGINE.cleanup no-op if using OpenSSL 1.1.0Kazuki Yamaguchi2016-04-273-48/+72
|
* ext/openssl: use SSL_CTX_get_ciphers()Kazuki Yamaguchi2016-04-273-1/+6
|
* ext/openssl: avoid using deprecated protocol version specific methods.Kazuki Yamaguchi2016-04-272-35/+43
| | | | | They emit warnings with OpenSSL 1.1.0. Instead use SSL_CTX_set_{min,max}_proto_version().
* ext/openssl: EVP_PKEY, DH, DSA, RSA, EC_KEY are made opaqueKazuki Yamaguchi2016-04-2713-158/+400
| | | | | | | | | | | | | | | | | | | | Use EVP_PKEY_get0_* instead of pkey->pkey.* Use EVP_PKEY_base_id(pkey) instead of EVP_PKEY_type(pkey->type) Because of this, we can no longer set the parameters/keys directly, and the newly added functions as alternative require setting all relevant values at the same time. So this patch contains incompatibility: the following code no longer works (if using 1.1.0): dh = OpenSSL::PKey::DH.new(...) dh.priv_key = OpenSSL::BN.new(...) ...and we have to write like: dh = OpenSSL::PKey::DH.new(...) priv = OpenSSL::BN.new(...) pub = <calculate (dh.g ** priv) % dh.p> dh.set_key(pub, priv)
* ext/openssl: use EVP_MD_CTX_new() to allocate EVP_MD_CTXKazuki Yamaguchi2016-04-273-12/+25
|
* ext/openssl: use X509_STORE_CTX_get0_store() instead of store_ctx->ctxKazuki Yamaguchi2016-04-273-3/+8
|
* ext/openssl: fix (mainly) opaque related compilation of ossl_x509*.cKazuki Yamaguchi2016-04-2711-63/+173
| | | | | | | | | | | | | Fix following files: - ossl_x509attr.c - ossl_x509cert.c - ossl_x509store.c - ossl_x509name.c - ossl_x509req.c - ossl_x509crl.c - ossl_x509revoked.c - ossl_x509ext.c
* ext/openssl: use *_up_ref() functionsKazuki Yamaguchi2016-04-277-10/+45
|
* ext/openssl: support new threading API of OpenSSL 1.1.0Kazuki Yamaguchi2016-04-272-0/+5
| | | | Setting locking callbacks is no longer needed.
* ext/openssl: SSL_SESSION is made opaqueKazuki Yamaguchi2016-04-272-4/+14
|
* ext/openssl: the return type of HMAC_CTX_copy() is intKazuki Yamaguchi2016-04-272-3/+4
|
* ext/openssl: BIGNUM and BN_GENCB is made opaqueKazuki Yamaguchi2016-04-277-23/+47
|
* ext/openssl: OCSP_SINGLERESP and OCSP_CERTID are also made opaqueKazuki Yamaguchi2016-04-273-4/+11
|
* ext/openssl: use HMAC_CTX_{new,free,reset} to allocate HMAC_CTXKazuki Yamaguchi2016-04-274-52/+107
| | | | HMAC_CTX is made opaque in OpenSSL 1.1.0
* ext/openssl: use EVP_CIPHER_CTX_{new,free} to allocate EVP_CIPHER_CTXKazuki Yamaguchi2016-04-274-22/+51
| | | | EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0
* ext/openssl: d2i_ASN1_BOOLEAN is removedKazuki Yamaguchi2016-04-271-6/+7
|
* ext/openssl: disable OpenSSL::Random.pseudo_bytes if deprecatedKazuki Yamaguchi2016-04-272-0/+5
|
* ext/openssl: avoid deprecated BN primes functionsKazuki Yamaguchi2016-04-271-3/+3
| | | | | BN_generate_prime(), BN_is_prime(), BN_is_prime_fasttest() is deprecated and the replacements are available on all versions of OpenSSL >= 0.9.8.
* ext/openssl: simplify extconf.rbKazuki Yamaguchi2016-04-272-54/+34
|
* ext/openssl: include openssl/asn1.h instead of openssl/asn1_mac.hKazuki Yamaguchi2016-04-271-1/+1
|
* ext/openssl: drop support for OPENSSL_NO_HMACKazuki Yamaguchi2016-04-272-16/+1
| | | | | | It has not been actually supported: since ossl.h includes openssl/hmac.h without any guards, it wouldn't compile if OPENSSL_NO_HMAC is enabled.
* ext/openssl: drop support for OpenSSL 0.9.6/0.9.7Kazuki Yamaguchi2016-04-2725-810/+120
| | | | | | | | | The last release of OpenSSL 0.9.7 series was over 9 years ago (!) and even 0.9.8/1.0.0 are no longer supported (EOL was 2015-12-31). It actually doesn't compile since r40461 (ext/openssl/ossl_bn.c (ossl_bn_initialize): allow Fixnum and Bignum. [ruby-core:53986] [Feature #8217], 2013-04-25, 2.1.0) and it looks like nobody noticed it.
* ext/openssl: always use our implementation of SSL_SESSION_cmp()Kazuki Yamaguchi2016-04-274-5/+26
| | | | | | | | | Implement CRYPTO_memcmp() if it is not available. Always use our SSL_SESSION_cmp() (renamed to ossl_SSL_SESSION_cmp()). SSL_SESSION_cmp() was removed in OpenSSL 1.0.0 and we have used a reimplemented one. However our implementation is better than the original (it uses CRYPTO_memcmp() instead of plain memcmp).
* ext/openssl: check if SSL_CTX_clear_options() is availableKazuki Yamaguchi2016-04-272-0/+6
| | | | | | | Fix build with very very old versions of OpenSSL. SSL_CTX_clear_options() is new in OpenSSL 0.9.8m but some Linux distributions still uses 0.9.8e.
* [Doc] Add Document-method: directives.akr2016-04-271-0/+24
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54798 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Update rdoc of Integer#[] (fix -> int)kazu2016-04-271-2/+2
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54797 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* [DOC] move rdoc comments.akr2016-04-271-137/+151
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54796 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* {Fixnum,Bignum}#[] is unified into Integer.akr2016-04-274-40/+44
| | | | | | | | | | | | | * numeric.c (int_aref): {Fixnum,Bignum}#[] is unified into Integer. * bignum.c (rb_big_aref): Don't define Bignum#<<. * internal.h (rb_big_aref): Declared. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54795 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * tool/instruction.rb: fix to follow current implementation.naruse2016-04-272-10/+21
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54794 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* setdynamic is obsoletednaruse2016-04-271-2/+0
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54793 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* stringio.c: warn block for newnobu2016-04-273-0/+25
| | | | | | | * ext/stringio/stringio.c (strio_s_new): warn if a block is given, as well as IO.new. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54792 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* internal.h: ONLY_FOR_INTERNAL_USEnobu2016-04-276-9/+22
| | | | | | | | * error.c (ruby_only_for_internal_use): raise fatal error when deprecated function only for internal use is called, not just a warning. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54791 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* internal.h: adjust stylenobu2016-04-271-3/+6
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54790 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * 2016-04-27svn2016-04-261-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54789 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* fix typos [ci skip]kazu2016-04-263-3/+3
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54788 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * tool/redmine-backporter.rb (rel): should not raise exceptions even ifusa2016-04-262-1/+6
| | | | | | | the user input is wrong. only reports the error and continue process. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54787 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Fix -e script encodingnobu2016-04-263-2/+53
| | | | | | | | * ruby.c (process_options): convert -e script to the encoding given by a command line option on Windows. assume it is the expected encoding. [ruby-dev:49461] [Bug #11900] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54785 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* [DOC] update Integer#<< doc.akr2016-04-262-9/+2
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54783 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* {Fixnum,Bignum}#<< is unified into Integer.akr2016-04-263-9/+29
| | | | | | | | | | | | | * numeric.c (rb_int_lshift): {Fixnum,Bignum}#<< is unified into Integer. * bignum.c (rb_big_lshift): Don't define Bignum#<<. * internal.h (rb_big_lshift): Declared. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54782 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* {Fixnum,Bignum}#>> is unified into Integer.akr2016-04-263-17/+29
| | | | | | | | | | | | | * numeric.c (rb_int_rshift): {Fixnum,Bignum}#>> is unified into Integer. * bignum.c (rb_big_rshift): Don't define Bignum#>>. * internal.h (rb_big_rshift): Declared. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54781 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* {Fixnum,Bignum}#size is unified into Integer.akr2016-04-264-18/+29
| | | | | | | | | | | | * numeric.c (int_size): {Fixnum,Bignum}#size is unified into Integer. * bignum.c (rb_big_size_m): Don't define Bignum#size. * internal.h (rb_big_size_m): Declared. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54780 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-02 14:05:17 +0000