path: root/ext/openssl/ossl_ocsp.c
Commit message | Author | Age | Files | Lines
* import Ruby/OpenSSL 2.0.0.beta.1 (author: rhe, date: 2016-08-29, files: 1, lines: -25/+83)
    * NEWS, {ext,test,sample}/openssl: Import Ruby/OpenSSL 2.0.0.beta.1.
      ext/openssl is now converted into a default gem. The full commit
      history since r55538 can be found at:
      https://github.com/ruby/openssl/compare/08e1881f5663...v2.0.0.beta.1
      [Feature #9612]
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56027 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: fix for OpenSSL 1.0.0t (author: rhe, date: 2016-06-29, files: 1, lines: -24/+34)
    * ext/openssl/ossl_ocsp.c: The "reuse" behavior of d2i_ functions does
      not work well with OpenSSL 1.0.0t. So avoid it.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55538 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: add OpenSSL::OCSP::SingleResponse (author: rhe, date: 2016-06-19, files: 1, lines: -19/+426)
    * ext/openssl/ossl_ocsp.c: Add OCSP::SingleResponse that represents an
      OCSP SingleResponse structure. Also add two new methods #responses
      and #find_response to OCSP::BasicResponse. A BasicResponse has one or
      more SingleResponse. We have OCSP::BasicResponse#status that returns
      them as an array of arrays, each containing the content of a
      SingleResponse, but this is not useful. When validating an OCSP
      response, we need to look into each SingleResponse and check their
      validity but it is not simple. For example, when validating for a
      certificate 'cert', the code would be like:

        # certid_target is an OpenSSL::OCSP::CertificateId for cert
        basic = res.basic
        result = basic.status.any? do |ary|
          ary[0].cmp(certid_target) &&
            ary[4] <= Time.now && (!ary[5] || Time.now <= ary[5])
        end

      Adding OCSP::SingleResponse at the same time allows exposing
      OCSP_check_validity(). With this, the code above can be rewritten as:

        basic = res.basic
        single = basic.find_response(certid_target)
        result = single.check_validity

    * test/openssl/test_ocsp.rb: Test this.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55457 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: allow passing absolute times in OCSP::BasicResponse#add_status (author: rhe, date: 2016-06-19, files: 1, lines: -31/+58)
    * ext/openssl/ossl_ocsp.c (ossl_ocspbres_add_status): Allow specifying
      the times (thisUpdate, nextUpdate and revocationTime) with Time
      objects. Currently they accept only relative seconds from the current
      time. This is inconvenient, especially for revocationTime. When
      Integer is passed, they are still treated as relative times. Since
      the type check is currently done with rb_Integer(), this is a
      slightly incompatible change. Hope no one passes a relative time as
      String or Time object...
      Also, allow passing nil as nextUpdate. It is optional.
    * ext/openssl/ruby_missing.h: Define RB_INTEGER_TYPE_P() if not
      defined. openssl gem will be released before Ruby 2.4.0.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55456 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: implement initialize_copy for OpenSSL::OCSP::* (author: rhe, date: 2016-06-19, files: 1, lines: -0/+80)
    * ext/openssl/ossl_ocsp.c: Implement OCSP::{CertificateId,Request,
      BasicResponse,Response}#initialize_copy.
      [ruby-core:75504] [Bug #12381]
    * test/openssl/test_ocsp.rb: Test them.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55455 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: refactor OpenSSL::OCSP::*#verify (author: rhe, date: 2016-06-15, files: 1, lines: -16/+18)
    * ext/openssl/ossl_ocsp.c (ossl_ocspreq_verify, ossl_ocspbres_verify):
      Use ossl_clear_error() so that they don't print warnings to stderr
      and leak errors in the OpenSSL error queue. Also, check the return
      value of OCSP_*_verify() correctly. They can return -1 on
      verification failure.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55423 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: allow specifying hash algorithm in OCSP::*#sign (author: rhe, date: 2016-06-15, files: 1, lines: -36/+52)
    * ext/openssl/ossl_ocsp.c (ossl_ocspreq_sign, ossl_ocspbres_sign): Allow
      specifying hash algorithm used in signing. They are hard coded to use
      SHA-1. Based on a patch provided by Tim Shirley
      <tidoublemy@gmail.com>.
      [ruby-core:70915] [Feature #11552] [GH ruby/openssl#28]
    * test/openssl/test_ocsp.rb: Test sign-verify works.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: add some accessor methods for OCSP::CertificateId (author: rhe, date: 2016-06-14, files: 1, lines: -4/+79)
    * ext/openssl/ossl_ocsp.c (ossl_ocspcid_get_issuer_name_hash,
      ossl_ocspcid_get_issuer_key_hash, ossl_ocspcid_get_hash_algorithm):
      Add accessor methods OCSP::CertificateId#issuer_name_hash,
      #issuer_key_hash, #hash_algorithm. Based on a patch provided by Paul
      Kehrer <paul.l.kehrer@gmail.com>.
      [ruby-core:48062] [Feature #7181]
    * test/openssl/test_ocsp.rb: Test these new methods.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55411 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: add missing #to_der to OCSP::{CertificateId,BasicResponse} (author: rhe, date: 2016-06-14, files: 1, lines: -16/+94)
    * ext/openssl/ossl_ocsp.c (ossl_ocspbres_to_der, ossl_ocspcid_to_der):
      Implement #to_der methods for OCSP::BasicResponse and
      OCSP::CertificateId.
      (ossl_ocspreq_initialize, ossl_ocspres_initialize): Use GetOCSP*()
      instead of raw DATA_PTR().
      (ossl_ocspbres_initialize, ossl_ocspcid_initialize): Allow
      initializing from DER string.
      (Init_ossl_ocsp): Define new #to_der methods.
    * test/openssl/test_ocsp.rb: Test these changes. Also add missing tests
      for OCSP::{Response,Request}#to_der.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: adapt to OpenSSL 1.1.0 opaque structs (author: rhe, date: 2016-06-05, files: 1, lines: -4/+6)
    * ext/openssl/extconf.rb: Check existence of accessor functions that
      don't exist in OpenSSL 0.9.8. OpenSSL 1.1.0 made most of its
      structures opaque and requires use of these accessor functions.
      [ruby-core:75225] [Feature #12324]
    * ext/openssl/openssl_missing.[ch]: Implement them if missing.
    * ext/openssl/ossl*.c: Use these accessor functions.
    * test/openssl/test_hmac.rb: Add missing test for HMAC#reset.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55287 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: drop OpenSSL 0.9.6/0.9.7 support (author: rhe, date: 2016-05-25, files: 1, lines: -2/+2)
    * ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext: use RARRAY_AREF (author: nobu, date: 2015-11-05, files: 1, lines: -2/+2)
    * ext/**/*.c: prefer RARRAY_AREF to indexing RARRAY_CONST_PTR.
      pointed out by hanmac.
      https://github.com/ruby/ruby/commit/3553a86#commitcomment-14187670
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext: use RARRAY_CONST_PTR (author: nobu, date: 2015-11-04, files: 1, lines: -2/+2)
    * ext/bigdecimal/bigdecimal.c: use RARRAY_CONST_PTR just for reference
      instead of RARRAY_PTR, to keep the array WB-protected.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52448 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext: adjust index type (author: nobu, date: 2015-11-04, files: 1, lines: -2/+2)
    * ext: use long for index instead of int and RARRAY_LENINT.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52447 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/*: Remove svn commit id macros to make sync easier (author: zzak, date: 2015-09-22, files: 1, lines: -1/+0)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51918 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c: fix documentation on ocsp response cert status. (author: hsbt, date: 2015-06-13, files: 1, lines: -2/+2)
    [fix GH-932] Patch by @chrisholmes
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50861 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: wrapper object before alloc (author: nobu, date: 2015-05-29, files: 1, lines: -17/+32)
    * ext/openssl: make wrapper objects before allocating structs to get
      rid of potential memory leaks.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50673 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/*: use license instead of licence. (author: hsbt, date: 2015-04-20, files: 1, lines: -1/+1)
    [fix GH-876][ci skip] Patch by @davydovanton
    * lib/net/https.rb: ditto.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ossl_ocsp.c: typed data (author: nobu, date: 2014-12-12, files: 1, lines: -2/+16)
    * ext/openssl/ossl_ocsp.c (ossl_ocsp_certid_type): use typed data.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48798 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ossl_ocsp.c: typed data (author: nobu, date: 2014-12-12, files: 1, lines: -2/+16)
    * ext/openssl/ossl_ocsp.c (ossl_ocsp_basicresp_type): use typed data.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48797 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ossl_ocsp.c: typed data (author: nobu, date: 2014-12-12, files: 1, lines: -2/+16)
    * ext/openssl/ossl_ocsp.c (ossl_ocsp_response_type): use typed data.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48796 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ossl_ocsp.c: typed data (author: nobu, date: 2014-12-12, files: 1, lines: -2/+16)
    * ext/openssl/ossl_ocsp.c (ossl_ocsp_request_type): use typed data.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48795 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* protoize no-arguments functions (author: nobu, date: 2014-09-30, files: 1, lines: -2/+2)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@47744 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Remove unneeded OCSP constant macros (author: drbrain, date: 2014-04-12, files: 1, lines: -4/+0)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@45574 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * remove trailing spaces. (author: nobu, date: 2014-04-12, files: 1, lines: -1/+1)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@45573 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c: [DOC] Document OpenSSL::OCSP. (author: drbrain, date: 2014-04-12, files: 1, lines: -44/+450)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@45572 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/*: Document synonymous methods, by windwiny [GH-277] (author: zzak, date: 2013-04-16, files: 1, lines: -1/+1)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40316 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl.c: suppress warning: shorten-64-to-32. (author: naruse, date: 2011-03-24, files: 1, lines: -2/+2)
    * ext/openssl/ossl.h: ditto.
    * ext/openssl/ossl_asn1.c: ditto.
    * ext/openssl/ossl_bio.c: ditto.
    * ext/openssl/ossl_bn.c: ditto.
    * ext/openssl/ossl_cipher.c: ditto.
    * ext/openssl/ossl_hmac.c: ditto.
    * ext/openssl/ossl_ns_spki.c: ditto.
    * ext/openssl/ossl_ocsp.c: ditto.
    * ext/openssl/ossl_pkcs5.c: ditto.
    * ext/openssl/ossl_pkey.c: ditto.
    * ext/openssl/ossl_pkey_dh.c: ditto.
    * ext/openssl/ossl_pkey_dsa.c: ditto.
    * ext/openssl/ossl_pkey_ec.c: ditto.
    * ext/openssl/ossl_pkey_rsa.c: ditto.
    * ext/openssl/ossl_rand.c: ditto.
    * ext/openssl/ossl_ssl.c: ditto.
    * ext/openssl/ossl_x509ext.c: ditto.
    * ext/openssl/ossl_x509name.c: ditto.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31166 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c (ossl_ocspreq_verify): flags is VALUE, (author: naruse, date: 2011-03-24, files: 1, lines: -2/+2)
      so it should use NUM2INT.
    * ext/openssl/ossl_ocsp.c (ossl_ocspbres_verify): ditto.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* cancel subversion backfire. sorry (author: matz, date: 2011-03-07, files: 1, lines: -24/+24)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31046 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * gc.c (rb_gc_set_params): allow GC parameter configuration by (author: matz, date: 2011-03-07, files: 1, lines: -24/+24)
      environment variables. based on a patch from funny-falcon at
      https://gist.github.com/856296, but honors safe level.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31044 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c: parenthesize macro arguments. (author: akr, date: 2011-02-28, files: 1, lines: -24/+24)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30976 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c (ossl_ocspcid_initialize): an optional (author: tenderlove, date: 2010-11-05, files: 1, lines: -3/+16)
      parameter may be used to specify the OpenSSL::OCSP::CertificateId on
      initialization. Thanks Elise Huard! [ruby-core:32460]
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29699 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/**/*.[ch]: removed trailing spaces. (author: nobu, date: 2010-04-22, files: 1, lines: -1/+1)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27437 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ossl_ocsp.c (ossl_ocspres_to_der): Bug fix in Response#to_def. Patch by (author: marcandre, date: 2009-09-21, files: 1, lines: -1/+1)
      Chris Chandler [ruby-core:18411]
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@25019 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c (ossl_ocspbres_verify): OCSP_basic_verify (author: nobu, date: 2009-02-19, files: 1, lines: -4/+4)
      returns positive value on success, not non-zero. [ruby-core:21762]
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22440 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c (ossl_ocspres_initialize): fix for (author: nobu, date: 2008-08-31, files: 1, lines: -3/+4)
      initialization of r18168.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18975 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_x509attr.c (ossl_x509attr_initialize): fix for (author: nobu, date: 2008-08-29, files: 1, lines: -2/+4)
      initialization of r18168.
    * ext/openssl/ossl_ocsp.c (ossl_ocspreq_initialize): ditto.
    * ext/openssl/ossl_x509name.c (ossl_x509name_initialize): ditto.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18917 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl: suppress warnings. (author: nobu, date: 2008-07-22, files: 1, lines: -11/+12)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18168 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c: OpenSSL::OCSP::OSCPError should be (author: gotoyuzo, date: 2006-12-01, files: 1, lines: -1/+1)
      subclass of OpenSSL::OpenSSLError. [ruby-dev:29980]
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@11320 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ruby.h (struct RArray): embed small arrays. (author: matz, date: 2006-09-02, files: 1, lines: -4/+4)
      (RARRAY_LEN): defined for accessing array members.
      (RARRAY_PTR): ditto.
    * array.c: use RARRAY_LEN and RARRAY_PTR.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10833 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ruby.h (struct RString): embed small strings. (author: matz, date: 2006-08-31, files: 1, lines: -8/+8)
      (RSTRING_LEN): defined for accessing string members.
      (RSTRING_PTR): ditto.
    * string.c: use RSTRING_LEN and RSTRING_PTR.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c (ossl_ocspreq_to_der): should call (author: gotoyuzo, date: 2005-01-22, files: 1, lines: -1/+1)
      GetOCSPReq at first.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7810 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/set.rb (Set#==): [ruby-dev:25206] (author: matz, date: 2004-12-15, files: 1, lines: -14/+18)
    * ext/openssl/ossl_digest.c (ossl_digest_initialize): [ruby-dev:25198]
    * utf8.c (utf8_is_mbc_ambiguous): [ruby-talk:123561]
    * utf8.c (utf8_mbc_to_normalize): ditto.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ocsp.c (ossl_ocspreq_initialize): the argument (author: gotoyuzo, date: 2003-09-20, files: 1, lines: -0/+2)
      should be a String.
    * ext/openssl/ossl_ocsp.c (ossl_ocspres_initialize): ditto.
    * ext/openssl/ossl_x509attr.c (ossl_x509attr_initialize): ditto.
    * ext/openssl/ossl_x509ext.c (ossl_x509ext_initialize): ditto.
    * ext/openssl/ossl_x509ext.c (ossl_x509ext_set_value): ditto.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4582 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl: all files are reviewed to simplify and avoid memory leak. (author: gotoyuzo, date: 2003-09-17, files: 1, lines: -34/+36)
    * ext/openssl/extconf.rb: add check for assert.h.
    * ext/openssl/ossl.c (ossl_buf2str): new function to convert
      C buffer to String and free buffer.
    * ext/openssl/ossl.c (ossl_x509_ary2sk): new function to convert
      Array of OpenSSL::X509 to STACK_OF(X509) with exception safe.
    * ext/openssl/ossl.c (ossl_to_der, ossl_to_der_if_possible): new
      functions to convert object to DER string.
    * ext/openssl/ossl.h: ditto.
    * ext/openssl/ossl_bio.c (ossl_membio2str): new function to convert
      BIO to String object and free BIO.
    * ext/openssl/ossl_bio.h: ditto.
    * ext/openssl/ossl_pkcs7.c (ossl_pkcs7_to_der): add for "to_der".
    * ext/openssl/ossl_x509name.c (ossl_x509name_to_der): ditto.
    * ext/openssl/ossl_x509ext.c (ossl_x509ext_to_der): ditto.
    * ext/openssl/ossl_x509ext.c (create_ext_from_array): removed
      and reimplement in openssl/x509.rb.
    * ext/openssl/ossl_x509attr.c: reimplemented and disable some
      method temporarily. this class doesn't work fine without ASN.1
      data support;-) I'll rewrite in near future.
    * ext/openssl/lib/openssl/x509.c (X509::Attribute): get rid of
      unused code.
    * ext/openssl/lib/openssl/x509.c (X509::ExtensionFactory): refine all.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ruby_missing.c: rid of unnecessary backward (author: gotoyuzo, date: 2003-09-06, files: 1, lines: -4/+0)
      compatibility stuff. and remove DEFINE_ALLOC_WRAPPER from all sources.
    * ext/openssl/ossl_x509ext.c (X509::Extension.new): new method.
    * ext/openssl/ossl_x509ext.c (X509::Extension#oid=): new method.
    * ext/openssl/ossl_x509ext.c (X509::Extension#value=): new method.
    * ext/openssl/ossl_x509ext.c (X509::Extension#critical=): new method.
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4522 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl: imported. (author: gotoyuzo, date: 2003-07-23, files: 1, lines: -0/+765)
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e