aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Drop optional commit hash when updatedNobuyoshi Nakada2021-07-211-1/+7
|
* Look up ruby_digit36_to_number_tableNobuyoshi Nakada2021-07-211-7/+4
| | | | Instead of scanning ruby_hexdigits.
* * 2021-07-21 [ci skip]git2021-07-211-1/+1
|
* Use typeprof supporting rbs 1.3Nobuyoshi Nakada2021-07-211-1/+1
|
* Remove meaningless IO#close_on_exec= spec [Feature #17745]Nobuyoshi Nakada2021-07-201-4/+0
|
* Use RB_INTEGER_TYPE_PNobuyoshi Nakada2021-07-201-2/+1
|
* [ruby/irb] Support non-English code page messageaycabta2021-07-201-1/+1
| | | | https://github.com/ruby/irb/commit/e7d71fea46
* * 2021-07-20 [ci skip]git2021-07-201-1/+1
|
* Use UNREACHABLE instead of fall throughKazuhiro NISHIYAMA2021-07-201-1/+1
|
* Add `fall through`Kazuhiro NISHIYAMA2021-07-191-0/+1
| | | | | | | | | Pointed out by Coverity Scan ``` ** CID 1487522: Control flow issues (MISSING_BREAK) /error.c: 1273 in exc_full_message() ```
* Remove unneeded quotes [ci skip]Nobuyoshi Nakada2021-07-191-1/+1
|
* [ruby/racc] Removed pre-setup from gemspecHiroshi SHIBATA2021-07-191-1/+1
| | | | https://github.com/ruby/racc/commit/2f6f02e5c1
* [ruby/racc] Removed needless files from gemspecHiroshi SHIBATA2021-07-191-7/+3
| | | | https://github.com/ruby/racc/commit/d044ae883f
* [ruby/racc] Move document from library directoryHiroshi SHIBATA2021-07-192-220/+2
| | | | https://github.com/ruby/racc/commit/2e8d7d286d
* [ruby/racc] Removed generate code from parser.rb. It's already migrated by ↵Hiroshi SHIBATA2021-07-191-13/+0
| | | | | | rake task https://github.com/ruby/racc/commit/ec7d01980a
* test/openssl/test_x509cert.rb: Prevent "unused variable" warningYusuke Endoh2021-07-191-1/+1
|
* [ruby/did_you_mean] Prevent "warning: ambiguity between regexp and two ↵Yusuke Endoh2021-07-191-1/+1
| | | | | | | | | | | divisions" ``` test/did_you_mean/spell_checking/test_uncorrectable_name_check.rb:13: warning: ambiguity between regexp and two divisions: wrap regexp in parentheses or add a space after `/' operator ``` http://rubyci.s3.amazonaws.com/ubuntu/ruby-master/log/20210630T033005Z.log.html.gz#test-all https://github.com/ruby/did_you_mean/commit/842ede4186
* * 2021-07-19 [ci skip]git2021-07-191-1/+1
|
* Doc guide for class/module (#4600)Burdette Lamar2021-07-182-211/+281
| | | Co-authored-by: Marivaldo Cavalheiro <marivaldo@gmail.com>
* Make boolean expected messages more consitentNobuyoshi Nakada2021-07-182-3/+2
|
* [ruby/racc] Add missing check for rb_block_call()Benoit Daloze2021-07-181-0/+1
| | | | | | | | * It used to be hardcoded since 0affbf9d2c7c5c618b8d3fe191e74d9ae8ad22fc but got removed in 23abf3d3fb82afcc26d35769f0dec59dd46de4bb * This means that since that second commit, rb_iterate() was used unintentionally. https://github.com/ruby/racc/commit/8816ced525
* [ruby/racc] Shrink gem sizeBruno Arueira2021-07-181-49/+2
| | | | https://github.com/ruby/racc/commit/27e2a64e13
* Constified a local tableNobuyoshi Nakada2021-07-181-1/+1
|
* Adjust styles [ci skip]Nobuyoshi Nakada2021-07-181-2/+4
| | | | * --procnames-start-lines
* Get rid of type aliasingNobuyoshi Nakada2021-07-181-5/+4
|
* [ruby/openssl] Strip trailing spacesKazuki Yamaguchi2021-07-183-3/+3
| | | | https://github.com/ruby/openssl/commit/68fa9c86f1
* [ruby/openssl] Deprecate and rework old (fd) centric functionsSamuel Williams2021-07-182-6/+28
| | | | | | | | [ky: fixed compatibility with older versions of Ruby] (cherry picked from commit ruby/ruby@45e65f302b663b2c6ab69df06d3b6f219c1797b2) https://github.com/ruby/openssl/commit/8d928e0fb9
* [ruby/openssl] Use rb_block_call() instead of the deprecated rb_iterate() in ↵Benoit Daloze2021-07-181-2/+3
| | | | | | | | | OpenSSL * See https://bugs.ruby-lang.org/issues/18025 and https://github.com/ruby/ruby/pull/4629 https://github.com/ruby/openssl/commit/b8e4852dcc
* [ruby/openssl] Add example to OpenSSL::KDF.hkdf method ↵Yusuke Nakamura2021-07-181-0/+8
| | | | | | | | | (https://github.com/ruby/openssl/pull/447) The values from RFC 5869 https://datatracker.ietf.org/doc/html/rfc5869#appendix-A.1 https://github.com/ruby/openssl/commit/ec14a87f4f
* [ruby/openssl] use Bundler for dependency management and Rake gem tasksKazuki Yamaguchi2021-07-181-5/+0
| | | | | | | | | | | | Back in 2016, we chose not to use Bundler in Ruby/OpenSSL development because Bundler depended on openssl and could not be used for testing openssl itself - "bundle exec rake test" would end up with loading two different versions of openssl at the same time. This has been resolved long time ago. We can now safely use it for development dependency management and for Rake tasks. https://github.com/ruby/openssl/commit/47283d9161
* [ruby/openssl] Include peer socket IP address in errorsVinicius Stock2021-07-182-4/+57
| | | | https://github.com/ruby/openssl/commit/8a1e3f5085
* [ruby/openssl] Add OpenSSL::BN#set_flags and #get_flagsYusuke Endoh2021-07-182-0/+76
| | | | | | | | | | | | | | | | Also, OpenSSL::BN::CONSTTIME is added. OpenSSL itself had a feature that was vulnerable against a side-channel attack. The OpenSSL authors determined that it was not a security issue, and they have already fixed the issue by using BN_set_flags. https://github.com/openssl/openssl/pull/13888 If a Ruby OpenSSL user was faced with a similar issue, they couldn't prevent the issue because Ruby OpenSSL lacks a wrapper to BN_set_flags. For the case, this change introduces the wrapper. https://github.com/ruby/openssl/commit/1e565eba89
* [ruby/openssl] pkey/dsa: refactor DSA#sys{sign,verify} with ↵Kazuki Yamaguchi2021-07-182-88/+54
| | | | | | | | | | PKey#{sign,verify}_raw With the newly added OpenSSL::PKey::PKey#{sign,verify}_raw, OpenSSL::PKey::DSA's low level signing operation methods can be implemented in Ruby. The definitions are now in lib/openssl/pkey.rb. https://github.com/ruby/openssl/commit/ce805adf0c
* [ruby/openssl] pkey/ec: refactor EC#dsa_{sign,verify}_asn1 with ↵Kazuki Yamaguchi2021-07-182-55/+22
| | | | | | | | | | PKey#{sign,verify}_raw With the newly added OpenSSL::PKey::PKey#{sign,verify}_raw, OpenSSL::PKey::EC's low level signing operation methods can be implemented in Ruby. The definitions are now in lib/openssl/pkey.rb. https://github.com/ruby/openssl/commit/1f9da0cd9d
* [ruby/openssl] pkey/rsa: port RSA#{private,public}_{encrypt,decrypt} to the ↵Kazuki Yamaguchi2021-07-182-141/+106
| | | | | | | | | | | EVP API Implement these methods using the new OpenSSL::PKey::PKey#{encrypt,sign} family. The definitions are now in lib/openssl/pkey.rb. Also, recommend using those generic methods in the documentation. https://github.com/ruby/openssl/commit/2dfc1779d3
* [ruby/openssl] pkey: implement PKey#sign_raw, #verify_raw, and #verify_recoverKazuki Yamaguchi2021-07-184-31/+325
| | | | | | | | | | | | | | | Add a variant of PKey#sign and #verify that do not hash the data automatically. Sometimes the caller has the hashed data only, but not the plaintext to be signed. In that case, users would have to use the low-level API such as RSA#private_encrypt or #public_decrypt directly. OpenSSL 1.0.0 and later supports EVP_PKEY_sign() and EVP_PKEY_verify() which provide the same functionality as part of the EVP API. This patch adds wrappers for them. https://github.com/ruby/openssl/commit/16cca4e0c4
* [ruby/openssl] pkey: update version reference in #sign and #verify documentationKazuki Yamaguchi2021-07-181-2/+2
| | | | | | The next release is decided to be 3.0 rather than 2.3. https://github.com/ruby/openssl/commit/b8a434e462
* [ruby/openssl] pkey: implement PKey#encrypt and #decryptKazuki Yamaguchi2021-07-182-0/+175
| | | | | | | Support public key encryption and decryption operations using the EVP API. https://github.com/ruby/openssl/commit/75326d4bbc
* [ruby/openssl] pkey: remove deprecated parameter settersKazuki Yamaguchi2021-07-181-52/+3
| | | | | | | | | | | | | | | Remove the following methods, which have been marked as deprecated and produced a warning since version 2.0, commit 7ea72f1f5084 ("adapt OpenSSL::PKey to OpenSSL 1.1.0 opaque structs", 2016-06-05). - OpenSSL::PKey::RSA#n=, #e=, #d=, #p=, #q=, #dmp1=, #dmq1=, #iqmp= - OpenSSL::PKey::DSA#p=, #q=, #g=, #priv_key=, #pub_key= - OpenSSL::PKey::DH#p=, #g=, #priv_key=, #pub_key= These methods could only work with OpenSSL 1.0.2 or older, which is now EOL. https://github.com/ruby/openssl/commit/2334862cc0
* [ruby/openssl] Implement `Certificate.load` to load certificate chain. ↵Samuel Williams2021-07-188-0/+246
| | | | | | | | | (https://github.com/ruby/openssl/pull/441) * Add feature for loading the chained certificate into Certificate array. https://github.com/ruby/openssl/commit/05e1c015d6 Co-authored-by: Sao I Kuan <saoikuan@gmail.com>
* [ruby/openssl] x509, ssl, pkcs7: try to parse as DER-encoding firstKazuki Yamaguchi2021-07-186-61/+75
| | | | | | | | | | | | | | | | | | | | | Methods that take both PEM-encoding and DER-encoding have not been consistent in the order in which encoding to attempt to parse. A DER-encoding may contain a valid PEM block ("\n-----BEGIN ..-----" to "-----END ...-----") embedded within it. Also, the PEM-encoding parser allows arbitrary data around the PEM block and silently skips it. As a result, attempting to parse data in DER-encoding as PEM-encoding first can incorrectly finds the embedded PEM block instead. This commit ensures that DER encoding will always be attempted before PEM encoding. OpenSSL::X509::Certificate is one of the updated classes. With this, the following will always be true: # obj is an OpenSSL::X509::Certificate obj == OpenSSL::X509::Certificate.new(obj.to_der) obj == OpenSSL::X509::Certificate.new(obj.to_pem) https://github.com/ruby/openssl/commit/b280eb1fd0
* [ruby/openssl] Fix some typos [ci skip]Ryuta Kamizono2021-07-183-3/+3
| | | | https://github.com/ruby/openssl/commit/51b3030b2b
* [ruby/openssl] Add SSLSocket#getbyteAaron Patterson2021-07-183-0/+36
| | | | | | | | Normal sockets respond to `getbyte`, so we should make SSLSocket respond to `getbyte` as well. This way we can substitute SSLSockets for regular sockets. https://github.com/ruby/openssl/commit/ac1490b7c9
* [ruby/openssl] pkey/dh, pkey/ec: use EVP_PKEY_check() familyKazuki Yamaguchi2021-07-184-8/+61
| | | | | | | | | | | Use EVP_PKEY_param_check() instead of DH_check() if available. Also, use EVP_PKEY_public_check() instead of EC_KEY_check_key(). EVP_PKEY_*check() is part of the EVP API and is meant to replace those low-level functions. They were added by OpenSSL 1.1.1. It is currently not provided by LibreSSL. https://github.com/ruby/openssl/commit/797e9f8e08
* [ruby/openssl] pkey: implement {DH,DSA,RSA}#public_key in RubyKazuki Yamaguchi2021-07-185-168/+87
| | | | | | | | | | | | | The low-level API that is used to implement #public_key is deprecated in OpenSSL 3.0. It is actually very simple to implement in another way, using existing methods only, in much shorter code. Let's do it. While we are at it, the documentation is updated to recommend against using #public_key. Now that OpenSSL::PKey::PKey implements public_to_der method, there is no real use case for #public_key in newly written Ruby programs. https://github.com/ruby/openssl/commit/48a6c391ef
* [ruby/openssl] pkey: implement #to_text using EVP APIKazuki Yamaguchi2021-07-186-116/+43
| | | | | | | | | | | | | | | | | | Use EVP_PKEY_print_private() instead of the low-level API *_print() functions, such as RSA_print(). EVP_PKEY_print_*() family was added in OpenSSL 1.0.0. Note that it falls back to EVP_PKEY_print_public() and EVP_PKEY_print_params() as necessary. This is required for EVP_PKEY_DH type for which _private() fails if the private component is not set in the pkey object. Since the new API works in the same way for all key types, we now implement #to_text in the base class OpenSSL::PKey::PKey rather than in each subclass. https://github.com/ruby/openssl/commit/e0b4c56956
* [ruby/openssl] pkey: remove unused ossl_generate_cb_2() helper functionKazuki Yamaguchi2021-07-184-81/+15
| | | | | | | | The previous series of commits re-implemented key generation with the low level API with the EVP API. The BN_GENCB-based callback function is no longer used. https://github.com/ruby/openssl/commit/81027b7463
* [ruby/openssl] pkey/dsa: use high level EVP interface to generate parameters ↵Kazuki Yamaguchi2021-07-183-129/+64
| | | | | | | | | | and keys Implement PKey::DSA.new(size) and PKey::DSA.generate using OpenSSL::PKey.generate_parameters and .generate_key instead of the low level DSA functions. https://github.com/ruby/openssl/commit/1800a8d5eb
* [ruby/openssl] pkey/rsa: use high level EVP interface to generate parameters ↵Kazuki Yamaguchi2021-07-182-116/+46
| | | | | | | | | and keys Implement PKey::RSA.new(size, exponent) and PKey::RSA.generate using OpenSSL::PKey.generate_key instead of the low level RSA functions. https://github.com/ruby/openssl/commit/363fd10713
* [ruby/openssl] pkey/dh: use high level EVP interface to generate parameters ↵Kazuki Yamaguchi2021-07-183-157/+101
| | | | | | | | | | | | | | and keys Implement PKey::DH.new(size, gen), PKey::DH.generate(size, gen), and PKey::DH#generate_key! using PKey.generate_parameters and .generate_key instead of the low level DH functions. Note that the EVP interface can enforce additional restrictions - for example, DH key shorter than 2048 bits is no longer accepted by default in OpenSSL 3.0. The test code is updated accordingly. https://github.com/ruby/openssl/commit/c2e9b16f0b
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-01 15:17:00 +0000