aboutsummaryrefslogtreecommitdiffstats
path: root/ext/openssl
Commit message (Collapse)AuthorAgeFilesLines
* openssl: fix possible SEGV on race between SSLSocket#stop and #connectrhe2016-05-212-11/+8
| | | | | | | | | | | | | | | | | | * ext/openssl/ossl_ssl.c (ossl_ssl_stop): Don't free the SSL struct here. Since some methods such as SSLSocket#connect releases GVL, there is a chance of use after free if we free the SSL from another thread. SSLSocket#stop was documented as "prepares it for another connection" so this is a slightly incompatible change. However when this sentence was added (r30090, Add toplevel documentation for OpenSSL, 2010-12-06), it didn't actually. The current behavior is from r40304 (Correct shutdown behavior w.r.t GC., 2013-04-15). [ruby-core:74978] [Bug #12292] * ext/openssl/lib/openssl/ssl.rb (sysclose): Update doc. * test/openssl/test_ssl.rb: Test this. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55100 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: fix SSL client example in documentation [ci skip]rhe2016-05-211-4/+4
| | | | | | | | * ext/openssl/ossl.c: [DOC] Fix SSL client example. The variable name was wrong. Patch by Andreas Tiefenthaler <at@an-ti.eu> (@pxlpnk). [GH ruby/openssl#32] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55099 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: add OpenSSL::PKey::EC#private? and #public?rhe2016-05-211-10/+14
| | | | | | | | | | | * ext/openssl/ossl_pkey_ec.c: rename PKey::EC#private_key? and #public_key? to #private? and #public? for consistency with other PKey types. Old names remain as alias. [ruby-core:45541] [Bug #6567] * test/openssl/test_pkey_ec.rb (test_check_key): check private? and public? works correctly. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55098 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: remove impossible EOFError raise in OpenSSL::Bufferingrhe2016-05-211-2/+0
| | | | | | | | * ext/openssl/lib/openssl/buffering.rb (read_nonblock, readpartial): Remove impossible EOFError raise. Patch by Zach Anker <zanker@squareup.com>. [GH ruby/openssl#23] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55097 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ossl.c: suppress warningsnobu2016-05-201-1/+1
| | | | | | | * ext/openssl/ossl.c (ossl_pem_passwd_cb): check integer precision. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55089 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: improve handling of password for encrypted PEMrhe2016-05-206-70/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/ossl.c (ossl_pem_passwd_value): Added. Convert the argument to String with StringValue() and validate the length is in 4..PEM_BUFSIZE. PEM_BUFSIZE is a macro defined in OpenSSL headers. (ossl_pem_passwd_cb): When reading/writing encrypted PEM format, we used to pass the password to PEM_def_callback() directly but it was problematic. It is not NUL character safe. And surprisingly, it silently truncates the password to 1024 bytes. [GH ruby/openssl#51] * ext/openssl/ossl.h: Add function prototype declaration of newly added ossl_pem_passwd_value(). * ext/openssl/ossl_pkey.c (ossl_pkey_new_from_data): Use ossl_pem_passwd_value() to validate the password String. * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize, ossl_dsa_export): ditto. * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize, ossl_ec_key_to_string): ditto. * ext/openssl/ossl_pkey_rsa.c (ossl_rsa_initialize, ossl_rsa_export): ditto. * test/openssl/test_pkey_{dsa,ec,rsa}.rb: test this. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55087 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: register ex_data index for X509_STORE{_CTX,} respectivelyrhe2016-05-196-26/+21
| | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/ossl.c (Init_openssl): register an ex_data index for X509_STORE and X509_STORE_CTX respectively. Since they don't share the ex_data index registry, we can't use the same index. (ossl_verify_cb): use the the correct index. * ext/openssl/ossl_ssl.c (ossl_ssl_verify_callback): ditto. * ext/openssl/ossl_x509store.c (ossl_x509store_set_vfy_cb): ditto. (ossl_x509stctx_verify): ditto. * ext/openssl/ossl.h (void ossl_clear_error): add extern declarations of ossl_store_{ctx_,}ex_verify_cb_idx. * ext/openssl/openssl_missing.c: remove X509_STORE_set_ex_data and X509_STORE_get_ex_data. * ext/openssl/openssl_missing.h: implement X509_STORE_get_ex_data, X509_STORE_set_ex_data and X509_STORE_get_ex_new_index as macros. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55074 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: check argument type in OpenSSL::X509::Attribute#value=rhe2016-05-191-0/+1
| | | | | | | | | | * ext/openssl/ossl_x509attr.c (ossl_x509attr_set_value): check that the argument is an OpenSSL::ASN1::Data before converting to ASN1_TYPE. This fixes SEGV on OpenSSL::X509::Attribute#value=(non-asn1-value). * test/openssl/test_x509attr.rb: add tests for OpenSSL::X509::Attribute. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55071 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: fix OpenSSL error queue leak in OpenSSL::PKCS12.newrhe2016-05-181-0/+4
| | | | | | | | * ext/openssl/ossl_pkcs12.c (ossl_pkcs12_initialize): pop errors leaked by PKCS12_parse(). This is a bug in OpenSSL, which exists in the versions before the version 1.0.0t, 1.0.1p, 1.0.2d. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55057 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ossl_pkey_ec.c: index typesnobu2016-05-181-1/+1
| | | | | | | * ext/openssl/ossl_pkey_ec.c (ossl_ec_point_mul): fix index types. Array length is long, not int. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55052 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: clear OpenSSL error queue before return to Rubyrhe2016-05-188-31/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify() family may put errors on 0 return (0 means verification failure). Clear OpenSSL error queue before return to Ruby. Since the queue is thread global, remaining errors in the queue can cause an unexpected error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215] * ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto. * ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto. * ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto. * ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error queue before re-raising exception. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto. * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto. * ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto. * test/openssl: check that OpenSSL.errors is empty every time after running a test case. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: report errors in OpenSSL error queue when clear itrhe2016-05-188-15/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/ossl.c (ossl_clear_error): Extracted from ossl_make_error(). This prints errors in the OpenSSL error queue if OpenSSL.debug is true, and clears the queue. (ossl_make_error): use ossl_clear_error(). * ext/openssl/ossl.h: add prototype declaration of ossl_make_error(). (OSSL_BIO_reset) use ossl_clear_error() to clear the queue. Clearing silently makes debugging difficult. * ext/openssl/ossl_engine.c (ossl_engine_s_by_id): ditto. * ext/openssl/ossl_ns_spki.c (ossl_spki_initialize): ditto. * ext/openssl/ossl_pkcs7.c (ossl_pkcs7_verify): ditto. * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize): ditto. * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize): ditto. (ossl_ec_group_initialize): ditto. * ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55050 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl: refactor OpenSSL::PKey::EC::Point#mulrhe2016-05-181-54/+64
| | | | | | | | | | | * ext/openssl/ossl_pkey_ec.c (ossl_ec_point_mul): Validate the arguments before passing to EC_POINT(s)_mul(). Add description of this method. [ruby-core:65152] [Bug #10268] * test/openssl/test_pkey_ec.rb (test_ec_point_mul): Test that OpenSSL::PKey::EC::Point#mul works. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55048 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: fix equality test methods of OpenSSL::BNrhe2016-05-181-13/+77
| | | | | | | | | | | | | | | | * ext/openssl/ossl_bn.c (try_convert_to_bnptr): Extracted from GetBNPtr(). This doesn't raise exception but returns NULL on error. (GetBNPtr): Raise TypeError if conversion fails. (ossl_bn_eq): Implement BN#==. (ossl_bn_eql): #eql? should not raise TypeError even if the argument is not compatible with BN. (ossl_bn_hash): Implement BN#hash. * ext/openssl/ossl_bn.c (Init_ossl_bn): Define #== and #hash. * test/openssl/test_bn.rb: Test BN#eql?, #== and #hash git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55047 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl/extconf.rb: NO SSL macros firstnobu2016-05-091-8/+10
| | | | | | | * ext/openssl/extconf.rb: check OPENSSL_NO_SSL{2,3} macros before checking related functions. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54959 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/extconf.rb: asume it doesn't have SSLv2 relatednaruse2016-05-081-0/+2
| | | | | | | | | | | | functions when OPENSSL_NO_SSL2 is defined. Usually openssl's header and the library (libssl) have the same set of functions, but on some environment the library has functions whose headers doesn't declare. (openssl/opensslconf.h and libsso.so aren't be synchronized) To detect such case explicitly check feature macro and remove related functions. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54950 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Update dependencies.akr2016-04-111-0/+31
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54544 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: Access to ephemeral TLS session keynobu2016-04-042-0/+23
| | | | | | | | | * ext/openssl/ossl_ssl.c (ossl_ssl_tmp_key): Access to ephemeral TLS session key in case of forward secrecy cipher. Only available since OpenSSL 1.0.2. [Fix GH-1318] * ext/openssl/extconf.rb: Check for SSL_get_server_tmp_key. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: accept moving write buffer for write_nonblocknormal2016-03-311-1/+2
| | | | | | | | | | | | | | | | | | | By setting the SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER flag. This flag was introduced at the same time as SSL_MODE_ENABLE_PARTIAL_WRITE in OpenSSL 0.9.4 and makes usage with non-blocking sockets much easier. Before this, a Rubyist would need to remember the exact object which failed to write and reuse it later when the socket became writable again. This causes problems when the buffer is given by another layer of the application (e.g. a buffer is given by a Rack middleware or application to a Rack web server). * ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc): enable SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER by default [Bug #12126] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54466 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: fix build when NPN is disabled by OpenSSLnobu2016-03-252-20/+21
| | | | | | | | | | | * ext/openssl/extconf.rb: check SSL_CTX_set_next_proto_select_cb function rather than OPENSSL_NPN_NEGOTIATED macro. it exists even if it is disabled by OpenSSL configuration. [ruby-core:74384] [Bug #12182] * ext/openssl/ossl_ssl.c: update #ifdef(s) as above. * test/openssl/test_ssl.rb: skip NPN tests if NPN is disabled. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54258 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* document OpenSSL::SSL::SSLContext#setup as MT-unsafenormal2016-03-141-2/+2
| | | | | | | | | | | On a cursory inspection, using rb_block_call for extra_chain_cert is thread-unsafe. There may be other instances of thread-unsafe behavior in this method, but one is enough. * ext/openssl/ossl_ssl.c (ossl_sslctx_setup): document as MT-unsafe [ruby-core:73803] [Bug #12069] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54097 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Fix typo on OpenSSL::PKey doc [ci skip]nobu2016-02-021-1/+1
| | | | | | | * ext/openssl/ossl_pkey.c (Init_ossl_pkey): [DOC] Fix typo "encrypted" to "decrypted". [Fix GH-1235] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53723 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/lib/openssl/pkey.rb: Added 2048 bit DH parameter.hsbt2016-01-161-0/+12
| | | | | | * test/openssl/test_pkey_dh.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53553 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * Remove 512-bit DH group. It's affected by LogJam Attack.hsbt2016-01-141-8/+0
| | | | | | | https://weakdh.org/ [fix GH-1196][Bug #11968][ruby-core:72766] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53531 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: fix examples [ci skip]nobu2016-01-091-0/+3
| | | | | | | * ext/openssl/ossl.c: Add missing variables to documentation examples. [Fix GH-1189] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53486 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* prefer rb_syserr_failnobu2015-12-231-1/+2
| | | | | | | | * file.c, io.c, util.c: prefer rb_syserr_fail with saved errno over setting errno then call rb_sys_fail, not to be clobbered potentially and to reduce thread local errno accesses. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53264 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* NotImplementedError typonobu2015-12-211-1/+1
| | | | | | | * ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL::SSLSocket): fix NotImplementedError typo. [Fix GH-1165] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53223 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* handle ext/ as r53141naruse2015-12-1611-0/+11
| | | | | | | | g -L frozen_string_literal ext/**/*.rb|xargs ruby -Ka -e'ARGV.each{|fn|puts fn;open(fn,"r+"){|f|s=f.read.sub(/\A(#!.*\n)?(#.*coding.*\n)?/,"\\&# frozen_string_literal: false\n");f.rewind;f.write s}}' git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53143 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ssl.c (ssl_npn_select_cb_common): fix parsingnaruse2015-12-131-10/+7
| | | | | | | | protocol list. The protocol list from OpenSSL is not null-terminated. patched by Kazuki Yamaguchi [Bug #11810] [ruby-core:72082] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53064 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/**/*.c (*_memsize): same as r52986 for extensions.ko12015-12-091-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52988 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_ssl.c: hide globalsnormal2015-12-012-8/+6
| | | | | | | | | | | | | * ext/openssl/ossl_ssl.c (mSSLExtConfig): make static (eSSLError): ditto (ID_callback_state): ditto (ossl_ssl_ex_vcb_idx): ditto (ossl_ssl_ex_store_p): ditto (ossl_ssl_ex_ptr_idx): ditto * ext/openssl/ossl_ssl.h: remove extern declarations for mSSLExtConfig and eSSLError git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52842 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_rand.c (ossl_rand_bytes): RAND_bytes couldkosaki2015-11-302-4/+10
| | | | | | | be return -1 as an error. Therefore, added error handling. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52810 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl.c: fix brew command for installation of openssl.hsbt2015-11-221-1/+1
| | | | | | [ci skip][fix GH-1007] Patch by @arthurnn git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52714 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl.h: LibreSSL doesn't have and need e_os2.h.naruse2015-11-211-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52693 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Commit miss from r52556zzak2015-11-131-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52557 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_pkey.c: Merge ruby/openssl@b9ea8ef [Bug #10735]zzak2015-11-131-1/+4
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52556 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ssl.c: Merge ruby/openssl@81e1a30zzak2015-11-131-0/+6
| | | | | | | * test/openssl/test_ssl.rb: ditto git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52555 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* suppress warningsnobu2015-11-081-1/+1
| | | | | | | * ext/date/date_parse.c (date_zone_to_diff): suppress parentheses warnings. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52491 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext: use RARRAY_AREFnobu2015-11-056-13/+13
| | | | | | | | * ext/**/*.c: prefer RARRAY_AREF to indexing RARRAY_CONST_PTR. pointed out by hanmac. https://github.com/ruby/ruby/commit/3553a86#commitcomment-14187670 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext: use RARRAY_CONST_PTRnobu2015-11-046-13/+13
| | | | | | | * ext/bigdecimal/bigdecimal.c: use RARRAY_CONST_PTR just fore reference instead of RARRAY_PTR, to keep the array WB-protected. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52448 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext: adjust index typenobu2015-11-046-8/+9
| | | | | | * ext: use long for index instead of int and RARRAY_LENINT. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52447 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ALPN also uses the same logic [Bug #11369]naruse2015-10-221-30/+32
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52228 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ssl.c (ssl_npn_select_cb): explicitly raise errornaruse2015-10-221-2/+5
| | | | | | | | | in ext/openssl instead of OpenSSL itself because LibreSSL silently truncate the selected protocol name by casting the length from int to unsigned char. [Bug #11369] Patch by Jeremy Evans <merch-redmine@jeremyevans.net> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52227 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/lib/openssl/ssl.rb: Revert r52082 because it wassorah2015-10-091-5/+4
| | | | | | | | | | | | | | dropping TLS v1.1 support too. Supporting only TLS v1.2 is too early, because many popular websites still don't support it. For instance, Servers where aws-sdk connects to still don't support TLS v1.2 and it became broken. We should consider more carefully about this. [Fix GH-873] [Feature #11524] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52089 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/lib/openssl/ssl.rb: Default to TLSv1.2 and drop TLS v1zzak2015-10-081-4/+5
| | | | | | | | Patch provided by @claudijd [Fixes GH-873] [Feature #11524]: https://github.com/ruby/ruby/pull/873 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52082 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_pkcs12*: Remove svn commit id macrozzak2015-09-232-2/+0
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51920 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/*: Remove svn commit id macros to make sync easierzzak2015-09-2257-122/+0
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51918 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/ossl_ssl.c (static const struct): Only add SSLv3 supporttenderlove2015-08-292-0/+6
| | | | | | | | | | | | | if the SSL library supports it. Thanks Kurt Roeckx <kurt@roeckx.be> [Bug #11376] * ext/openssl/extconf.rb: check for SSLv3 support in the SSL implementation. * test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3 if there is no support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51722 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): add OP_ALL totenderlove2015-08-191-1/+1
| | | | | | | | | | | | existing options rather than just setting it. Some vendors apply custom patches to their versions of OpenSSL that set default values for options. This commit respects the custom patches they've applied. * test/openssl/test_ssl.rb (class OpenSSL): check that OP_ALL has been added to the options. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51642 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ossl_ssl.c: check SSL method namenobu2015-08-151-2/+2
| | | | | | | * ext/openssl/ossl_ssl.c (ossl_sslctx_set_ssl_version): SSL method name must not contain NUL. preserve the encoding of message. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51588 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-28 15:54:19 +0000