| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
X509_STORE_get_ex_new_index() is required in addition to
X509_STORE_CTX_get_ex_new_index() because they are independent.
|
|
|
|
|
| |
The state returned by SSL_get_state() doesn't become SSL_ST_ACCEPT
anymore in OpenSSL 1.1.0.
|
|
|
|
|
|
|
|
|
|
| |
And deprecate #tmp_ecdh_callback.
Since SSL_CTX_set_tmp_ecdh_callback() was removed in OpenSSL 1.1.0, we
can't provide SSLContext#tmp_ecdh_callback anymore. Instead, we should
use SSL_CTX_set1_curves_list() to set the curves and
SSL_CTX_set_ecdh_auto() to make OpenSSL select automatically from the
list.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use EVP_PKEY_get0_* instead of pkey->pkey.*
Use EVP_PKEY_base_id(pkey) instead of EVP_PKEY_type(pkey->type)
Because of this, we can no longer set the parameters/keys directly, and
the newly added functions as alternative require setting all relevant
values at the same time. So this patch contains incompatibility: the
following code no longer works (if using 1.1.0):
dh = OpenSSL::PKey::DH.new(...)
dh.priv_key = OpenSSL::BN.new(...)
...and we have to write like:
dh = OpenSSL::PKey::DH.new(...)
priv = OpenSSL::BN.new(...)
pub = <calculate (dh.g ** priv) % dh.p>
dh.set_key(pub, priv)
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix following files:
- ossl_x509attr.c
- ossl_x509cert.c
- ossl_x509store.c
- ossl_x509name.c
- ossl_x509req.c
- ossl_x509crl.c
- ossl_x509revoked.c
- ossl_x509ext.c
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
HMAC_CTX is made opaque in OpenSSL 1.1.0
|
|
|
|
| |
EVP_CIPHER_CTX was made opaque in OpenSSL 1.1.0
|
|
|
|
|
|
|
|
|
| |
The last release of OpenSSL 0.9.7 series was over 9 years ago (!) and
even 0.9.8/1.0.0 are no longer supported (EOL was 2015-12-31).
It actually doesn't compile since r40461 (ext/openssl/ossl_bn.c
(ossl_bn_initialize): allow Fixnum and Bignum. [ruby-core:53986]
[Feature #8217], 2013-04-25, 2.1.0) and it looks like nobody noticed it.
|
|
|
|
|
|
|
|
|
| |
Implement CRYPTO_memcmp() if it is not available.
Always use our SSL_SESSION_cmp() (renamed to ossl_SSL_SESSION_cmp()).
SSL_SESSION_cmp() was removed in OpenSSL 1.0.0 and we have used a
reimplemented one. However our implementation is better than the
original (it uses CRYPTO_memcmp() instead of plain memcmp).
|
|
|
|
|
|
|
| |
Fix build with very very old versions of OpenSSL.
SSL_CTX_clear_options() is new in OpenSSL 0.9.8m but some Linux
distributions still uses 0.9.8e.
|
|
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51918 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
| |
[fix GH-876][ci skip] Patch by @davydovanton
* lib/net/https.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* ext/openssl/ossl_missing.h/.c: add ASN1_put_eoc if missing.
* ext/openssl/ossl_asn1.c: introduce ossl_asn1_object_size and
ossl_asn1_put_object to wrap functionality depending on OpenSSL
version in use.
Fixes [ Ruby 1.9 - Bug #4916 ] reported by Hiroshi Nakamura.
[ruby-core:37286]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32230 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30886 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
|
|
|
| |
ref #3400
The patch contains following comment:
This patch should avoid unnecessary incompatibility with future
versions of Openssl. Changes suggested by bmaher_at_amazon.com.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29190 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[ruby-core:22860]
* ext/openssl/ossl_engine.c (ossl_engine_s_by_id): suppress a
warning.
* ext/openssl/ossl_ssl.c (ossl_sslctx_flush_sessions): time_t may
be larger than long.
* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_get_time),
(ossl_ssl_session_get_timeout): use TIMET2NUM() to convert
time_t.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22925 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
| |
versions. [ruby-dev:35637]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18181 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
|
| |
prototype change in openssl bundled with newer OpenBSD.
a patch from Takahiro Kambe <taca at back-street.net> in
[ruby-dev:34691].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
| |
* ext/openssl/openssl_missing.h: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8335 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4552 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|