aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* test/open-uri: regenerate test certificatestopic/openssl-110Kazuki Yamaguchi2016-06-061-80/+76
| | | | | | The current CA certificate is created with basicConstraints=CA:FALSE but it is no longer allowed in OpenSSL 1.1.0. So recreate the CA (and server certificate).
* test/openssl: DSA256 is prohibited with security_level=1Kazuki Yamaguchi2016-06-061-1/+16
|
* ext/openssl: ENGINE.cleanup is no-op in OpenSSL 1.1.0Kazuki Yamaguchi2016-06-062-48/+68
| | | | | Add note to the documentation, and fix tests which rely on Engine.cleanup. Test cases are now run in separate process.
* ext/openssl: remove SHA, DSS, DSS1 if using OpenSSL 1.1.0Kazuki Yamaguchi2016-06-066-9/+13
|
* ext/openssl: add SSLContext#security_level, #security_level=Kazuki Yamaguchi2016-06-065-0/+88
| | | | | | | | OpenSSL 1.1.0 introduced "security level" and these methods deal with it. This patch includes many test changes: setting the level to 0. The default security level is 1 and this prohibits aNULL ciphers.
* openssl: adjust tests for changes in OpenSSLKazuki Yamaguchi2016-06-063-10/+7
| | | | | | | | | | | | | | | | | * test/openssl/test_x509name.rb: Don't register OID for 'emailAddress' and 'serialNumber'. A recent change in OpenSSL made OBJ_create() reject an already existing OID. They were necessary to run tests with OpenSSL 0.9.6 which is now unsupported. https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=52832e470f5fe8c222249ae5b539aeb3c74cdb25 [ruby-core:75225] [Feature #12324] * test/openssl/test_ssl_session.rb (test_server_session): Duplicate SSL::Session before re-adding to the SSL context's session store with SSL::SSLContext#session_add. https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7c2d4fee2547650102cd16d23f8125b76112ae75 * test/openssl/test_pkey_ec.rb (setup): Remove X25519 from @keys. X25519 is for key agreement and not suitable for signing.
* openssl: avoid deprecated version specific SSL_METHODsKazuki Yamaguchi2016-06-062-35/+42
| | | | | | | | | | | * ext/openssl/extconf.rb: Check for SSL_CTX_set_min_proto_version() macro added in OpenSSL 1.1.0. Version specific methods, like TLSv1_method(), are now deprecated in OpenSSL 1.1.0. We need to use TLS_method() (is the new name of SSLv23_method()) and disable other protocol versions as necessary. * ext/openssl/ossl_ssl.c: Use SSL_CTX_set_{min,max}_proto_version(). By the way, it may be good to expose them to Ruby.
* openssl: fix compile on VCrhe2016-06-062-0/+7
| | | | | | | * ext/openssl/openssl_missing.h: Include ruby/config.h. r55285 added some inline functions but VC does not recognize 'inline' keyword. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55291 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Thread.report_on_exceptionnobu2016-06-066-1/+198
| | | | | | | * thread.c (thread_start_func_2): report raised exception if report_on_exception flag is set. [Feature #6647] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55290 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: use SSL_is_server()rhe2016-06-054-7/+29
| | | | | | | | | | | | | | | | | * ext/openssl/extconf.rb: Check existence of SSL_is_server(). This function was introduced in OpenSSL 1.0.2. [ruby-core:75225] [Feature #12324] * ext/openssl/openssl_missing.h: Implement SSL_is_server() if missing. * ext/openssl/ossl_ssl.c (ssl_info_cb): Use SSL_is_server() to see if the SSL is server. The state machine in OpenSSL was rewritten and SSL_get_state() no longer returns SSL_ST_ACCEPT. (ossl_ssl_cipher_to_ary, ossl_sslctx_session_get_cb): Add some `const`s to suppress warning. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55289 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: avoid d2i_ASN1_BOOLEAN()rhe2016-06-052-6/+14
| | | | | | | | | * ext/openssl/ossl_asn1.c (decode_bool): Do the same thing as d2i_ASN1_BOOLEAN() does by ourselves. This function is removed in OpenSSL 1.1.0. [ruby-core:75225] [Feature #12324] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55288 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: adapt to OpenSSL 1.1.0 opaque structsrhe2016-06-0523-170/+456
| | | | | | | | | | | | | | | * ext/openssl/extconf.rb: Check existence of accessor functions that don't exist in OpenSSL 0.9.8. OpenSSL 1.1.0 made most of its structures opaque and requires use of these accessor functions. [ruby-core:75225] [Feature #12324] * ext/openssl/openssl_missing.[ch]: Implement them if missing. * ext/openssl/ossl*.c: Use these accessor functions. * test/openssl/test_hmac.rb: Add missing test for HMAC#reset. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55287 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * 2016-06-06svn2016-06-051-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55286 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: adapt OpenSSL::PKey to OpenSSL 1.1.0 opaque structsrhe2016-06-0514-233/+447
| | | | | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/openssl_missing.[ch]: Implement EVP_PKEY_get0_*() and {RSA,DSA,EC_KEY,DH}_get0_*() functions. OpenSSL 1.1.0 makes EVP_PKEY/RSA/DSA/DH opaque. We used to provide setter methods for each parameter of each PKey type, for example PKey::RSA#e=, but this is no longer possible because the new API RSA_set0_key() requires the 'n' at the same time. This commit adds deprecation warning to them and adds PKey::*#set_* methods as direct wrapper for those new APIs. For example, 'rsa.e = 3' now needs to be rewritten as 'rsa.set_key(rsa.n, 3, rsa.d)'. [ruby-core:75225] [Feature #12324] * ext/openssl/ossl_pkey*.[ch]: Use the new accessor functions. Implement RSA#set_{key,factors,crt_params}, DSA#set_{key,pqg}, DH#set_{key,pqg}. Emit a warning with rb_warning() when old setter methods are used. * test/drb/ut_array_drbssl.rb, test/drb/ut_drb_drbssl.rb, test/rubygems/test_gem_remote_fetcher.rb: Don't set a priv_key for DH object that are used in tmp_dh_callback. Generating a new key pair every time should be fine - actually the private exponent is ignored in OpenSSL >= 1.0.2f/1.0.1r even if we explicitly set. https://www.openssl.org/news/secadv/20160128.txt git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55285 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* configure.in: Fix the timing to detect the appropriate C++ compiler in OS Xmrkn2016-06-052-10/+18
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55284 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: support OpenSSL 1.1.0's new multi-threading APIrhe2016-06-059-12/+73
| | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/extconf.rb: Check absence of CRYPTO_lock() to see if the OpenSSL has the new threading API. In OpenSSL <= 1.0.2, an application had to set locking callbacks to use OpenSSL in a multi-threaded environment. OpenSSL 1.1.0 now finds pthreads or Windows threads so we don't need to do something special. [ruby-core:75225] [Feature #12324] Also check existence of *_up_ref(). Some structures in OpenSSL have a reference counter. We used to increment it with CRYPTO_add() which is a part of the old API. * ext/openssl/openssl_missing.h: Implement *_up_ref() if missing. * ext/openssl/ossl.c: Don't set locking callbacks if unneeded. * ext/openssl/ossl_pkey.c, ext/openssl/ossl_ssl.c, ext/openssl/ossl_x509cert.c, ext/openssl/ossl_x509crl.c, ext/openssl/ossl_x509store.c: Use *_up_ref() instead of CRYPTO_add(). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55283 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: check existence of RAND_pseudo_bytes()rhe2016-06-054-1/+19
| | | | | | | | | | | | | | * ext/openssl/extconf.rb: Check if RAND_pseudo_bytes() is usable. It is marked as deprecated in OpenSSL 1.1.0. [ruby-core:75225] [Feature #12324] * ext/openssl/ossl_rand.c: Disable Random.pseudo_bytes if RAND_pseudo_bytes() is unavailable. * test/openssl/test_random.rb: Don't test Random.pseudo_bytes if not defined. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * NEWS: Add news about Unicode-wide case mapping forduerst2016-06-052-0/+22
| | | | | | | String/Symbol#upcase/downcase/swapcase/capitalize(!). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55281 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* optparse.rb: fix quote [ci skip]nobu2016-06-051-1/+1
| | | | | | * lib/optparse.rb (getopts): [DOC] fix missing quote. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55280 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/ruby/enc/test_case_comprehensive.rb:duerst2016-06-052-3/+8
| | | | | | | Remove :lithuanian guard for Unicode case mapping. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55279 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * 2016-06-05svn2016-06-051-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55278 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c: Remove :lithuanian guard for Unicode case mapping.duerst2016-06-052-17/+25
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55277 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* gmake.mk: update timestamp of des_tables.cnobu2016-06-041-1/+2
| | | | | | | * defs/gmake.mk (missing/des_tables.c): always update the timestamp unless make_des_table failed. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55276 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* gmake.mk: des_tables.c conditionnobu2016-06-041-3/+4
| | | | | | | * defs/gmake.mk (missing/des_tables.c): fix cross compiling condition. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55275 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* des_tables.c: generation rulenobu2016-06-044-12/+28
| | | | | | | | | | * defs/gmake.mk (missing/des_tables.c): move the recipe from common.mk. this is less common. * missing/crypt.c (init_des): if des_tables.c is empty, initialize DES tables at runtime. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55274 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: avoid deprecated BN_*prime* functionsrhe2016-06-041-9/+15
| | | | | | | | | | * ext/openssl/ossl_bn.c (ossl_bn_s_generate_prime, ossl_bn_is_prime, ossl_bn_is_prime_fasttest): Avoid deprecated BN_generate_prime(), BN_is_prime{,_fasttest}(). They are deprecated because they expect an old style callback function (we don't use it here). They can be simply replaced by _ex suffixed functions. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55273 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* crypt.h: remove initializednobu2016-06-046-16/+38
| | | | | | | | | | | | * missing/crypt.h (struct crypt_data): remove unnecessary member "initialized". * missing/crypt.c (des_setkey_r): nothing to be initialized in crypt_data. * configure.in (struct crypt_data): check for "initialized" in struct crypt_data, which may be only in glibc, and isn't on AIX at least. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55272 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * 2016-06-04svn2016-06-041-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55271 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* win32.c: use PATH_MAXnobu2016-06-042-18/+28
| | | | | | | | * win32/win32.c: unify MAX_PATH, _MAX_PATH, and MAXPATHLEN to PATH_MAX, except for MAX_PATH in get_special_folder for an API limit. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55270 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* win32.c: fail before getting ITEMIDLISTnobu2016-06-031-1/+2
| | | | | | | | * win32/win32.c (get_special_folder): fail before getting ITEMIDLIST if the buffer is less than 260 word which SHGetPathFromIDListW requires. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55269 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ruby.c: refix r55260nobu2016-06-032-1/+10
| | | | | | | | | * ruby.c (process_options): rb_str_conv_enc() never set encoding of the source string, but returns the string itself if the conversion failed. then the instance variable does not need to be set again. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55268 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ruby.c (process_options): need to duplicate path before passing it tousa2016-06-032-1/+7
| | | | | | | | rb_str_conv_enc() because the function might call rb_enc_associate() internally. this fixes test failures on Windows introduced at r55260. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55267 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * win32/win32.c (get_special_folder): typo.usa2016-06-031-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55266 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* mkmf.rb: sort lists of source and object filesnobu2016-06-032-3/+13
| | | | | | | | | | | | | | * lib/mkmf.rb (create_makefile): sort lists of source and object files in generated Makefile, unless given by extconf.rb. [Fix GH-1367] Without sorting the list of object files explicitely, its order is indeterministic, because readdir() is also not deterministic. When the list of object files varies between builds, they are linked in a different order, which results in an unreproducible build. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55265 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * 2016-06-03svn2016-06-021-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55264 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* dln_find.c: MAXPATHLEN is not used alreadynobu2016-06-021-7/+0
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55263 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* etc.c: retry with allocated string buffernobu2016-06-021-0/+6
| | | | | | | * ext/etc/etc.c (etc_systmpdir): retry with allocated string buffer if static buffer size is not enough. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55262 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* win32.c: use SHGetPathFromIDListExnobu2016-06-022-6/+26
| | | | | | | | * win32/win32.c (get_special_folder): use SHGetPathFromIDListEx if available instead of old SHGetPathFromIDListW, to check the buffer size. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55261 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ruby.c: no MAXPATHLEN for loadpathnobu2016-06-022-6/+40
| | | | | | | * ruby.c (ruby_init_loadpath_safe): remove MAXPATHLEN restriction for Windows 10. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55260 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ruby-mode.el: squiggly heredocnobu2016-06-022-4/+10
| | | | | | | | * misc/ruby-mode.el (ruby-here-doc-beg-re), (ruby-here-doc-beg-match, ruby-parse-partial): Support for `squiggly heredoc' syntax in ruby-mode. [Fix GH-1372] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55259 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* common.mk: des_tables.cnobu2016-06-021-2/+10
| | | | | | * common.mk (missing-srcs): add rule for missing/des_tables.c. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55258 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* crypt.c: suppress warningsnobu2016-06-022-262/+262
| | | | | | | * missing/crypt.c (SPE): make unsigned so that literal integers do not exceed 32bit signed integer limit. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55257 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* crypt.c: fix syntax error on mswinnobu2016-06-021-1/+1
| | | | | | | * missing/crypt.c (constdatablock): fix error on mswin. Visual C does not accept an empty initializer. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55256 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * 2016-06-02svn2016-06-021-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55255 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ruby.h: reduce repeated calcuationsnobu2016-06-021-3/+8
| | | | | | | | | * include/ruby/ruby.h (rb_scan_args_{hash,block}_idx): reduce repeated index calcuations. * include/ruby/ruby.h (rb_scan_args_end_idx): unused right now. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c: Raise ArgumentError when invalid string is detected induerst2016-06-025-9/+46
| | | | | | | | | | | case mapping methods. * enc/unicode.c: Check for invalid string and signal with negative length value. * test/ruby/enc/test_case_mapping.rb: Add tests for above. * test/ruby/test_m17n_comb.rb: Add a message to clarify test failure. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55253 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ossl_asn1.c: check overflownobu2016-06-011-2/+3
| | | | | | | * ext/openssl/ossl_asn1.c (ossl_time_split): check overflow and reorder for optimization. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55252 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* crypt.c: unused functionsnobu2016-06-011-1/+9
| | | | | | | * missing/crypt.c: suppress unused non-reentrant functions, by macro USE_NONREENTRANT_CRYPT. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55251 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* string.c: fallback to crypt_rnobu2016-06-011-2/+5
| | | | | | | * string.c: prefer crypt_r to crypt iff system crypt nor crypt_r are not provided. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55250 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: fix the Year 2038 problemrhe2016-06-019-27/+97
| | | | | | | | | | | | | | | | | | | | | | | | | | | r55219 didn't fix the entire issue. It only fixed the issue on environment with sizeof(time_t) == 8 && sizeof(long) == 4. * ext/openssl/extconf.rb: Check existence of ASN1_TIME_adj(). The old ASN1_TIME_set() is not Year 2038 ready on sizeof(time_t) == 4 environment. This function was added in OpenSSL 1.0.0. [ruby-core:45552] [Bug #6571] * ext/openssl/ossl_asn1.c (ossl_time_split): Added. Split the argument (Time) into the number of days elapsed since the epoch and the remainder seconds to conform to ASN1_TIME_adj(). (obj_to_asn1utime, obj_to_asn1gtime): Use ossl_time_split() and ASN1_*TIME_adj(). * ext/openssl/ossl_asn1.h: Add the function prototype for ossl_time_split(). * ext/openssl/ossl_x509.[ch]: Add ossl_x509_time_adjust(). Similarly to obj_to_asn1*time(), use X509_time_adj_ex() instead of X509_time_adj(). * ext/openssl/ossl_x509cert.c, ext/openssl/ossl_x509crl.c, ext/openssl/ossl_x509revoked.c: Use ossl_x509_time_adjust(). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55249 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-25 16:50:49 +0000