From d7470d9756a361d7ced6ed5178c6aa4189ca661c Mon Sep 17 00:00:00 2001 From: Corey Bonnell Date: Thu, 29 Dec 2016 09:56:50 -0500 Subject: [PATCH 1/9] Fix for ASN1::Constructive 'each' implementation --- ext/openssl/ossl_asn1.c | 2 +- test/test_asn1.rb | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c index 534796f52..1d3ee4ac1 100644 --- a/ext/openssl/ossl_asn1.c +++ b/ext/openssl/ossl_asn1.c @@ -1291,7 +1291,7 @@ ossl_asn1cons_to_der(VALUE self) static VALUE ossl_asn1cons_each(VALUE self) { - rb_funcall(ossl_asn1_get_value(self), id_each, 0); + rb_block_call(ossl_asn1_get_value(self), id_each, 0, 0, 0, 0); return self; } diff --git a/test/test_asn1.rb b/test/test_asn1.rb index a0ac1ddbf..91ae2cfd0 100644 --- a/test/test_asn1.rb +++ b/test/test_asn1.rb @@ -566,6 +566,13 @@ def test_decode_constructed_overread assert_equal 17, ret[0][6] end + def test_constructive_each + data = [OpenSSL::ASN1::Integer.new(0), OpenSSL::ASN1::Integer.new(1)] + seq = OpenSSL::ASN1::Sequence.new data + + assert_equal data, seq.entries + end + private def assert_universal(tag, asn1) From a2dc925ac646f30e7d518158d7931ff422444ffe Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Fri, 30 Dec 2016 02:21:12 +0900 Subject: [PATCH 2/9] Fix build with static OpenSSL libraries on Windows OpenSSL <= 1.0.2 requires gdi32 for RAND_screen(). OpenSSL >= 1.1.0 no longer has RAND_screen() but it now requires crypt32. If pkg-config is usable, they are automatically linked, but if it is not, configuring Ruby/OpenSSL fails. Fixes: https://bugs.ruby-lang.org/issues/13080 --- ext/openssl/extconf.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 7033b0e20..60bd518e1 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -37,6 +37,12 @@ Logging::message "=== Checking for required stuff... ===\n" result = pkg_config("openssl") && have_header("openssl/ssl.h") unless result + if $mswin || $mingw + # required for static OpenSSL libraries + have_library("gdi32") # OpenSSL <= 1.0.2 (for RAND_screen()) + have_library("crypt32") + end + result = have_header("openssl/ssl.h") result &&= %w[crypto libeay32].any? {|lib| have_library(lib, "CRYPTO_malloc")} result &&= %w[ssl ssleay32].any? {|lib| have_library(lib, "SSL_new")} From be817ba62b71cb3635aa805338a6d536db4af8f8 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Thu, 12 Jan 2017 13:31:49 +0900 Subject: [PATCH 3/9] appveyor.yml: update OpenSSL version to 1.0.2j The new RubyInstaller 2.3.3 uses OpenSSL 1.0.2j. This will fix CI build on AppVayor. Note that this is not a future-proof resolution; the future releases of RubyInstaller that AppVayor will use may require another incompatible version of OpenSSL. --- appveyor.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/appveyor.yml b/appveyor.yml index c3e9c303a..bd72cedeb 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -2,9 +2,9 @@ clone_depth: 10 install: - SET PATH=C:\Ruby%ruby_version%\bin;%PATH% - - appveyor DownloadFile http://dl.bintray.com/oneclick/OpenKnapsack/x64/openssl-1.0.1m-x64-windows.tar.lzma - - 7z e openssl-1.0.1m-x64-windows.tar.lzma - - 7z x -y -oC:\Ruby%ruby_version% openssl-1.0.1m-x64-windows.tar + - appveyor DownloadFile http://dl.bintray.com/oneclick/OpenKnapsack/x64/openssl-1.0.2j-x64-windows.tar.lzma + - 7z e openssl-1.0.2j-x64-windows.tar.lzma + - 7z x -y -oC:\Ruby%ruby_version% openssl-1.0.2j-x64-windows.tar - ruby -S rake install_dependencies build_script: - rake -rdevkit compile -- --with-openssl-dir=C:\Ruby%ruby_version% From 64dfefdc745d3a61634a3e455d3b7527890e5a66 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Mon, 23 Jan 2017 10:07:31 +0900 Subject: [PATCH 4/9] buffering: fix typo in doc --- lib/openssl/buffering.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/openssl/buffering.rb b/lib/openssl/buffering.rb index 7fd647caa..b0dffefd3 100644 --- a/lib/openssl/buffering.rb +++ b/lib/openssl/buffering.rb @@ -189,7 +189,7 @@ def read_nonblock(maxlen, buf=nil, exception: true) end ## - # Reads the next "line+ from the stream. Lines are separated by +eol+. If + # Reads the next "line" from the stream. Lines are separated by +eol+. If # +limit+ is provided the result will not be longer than the given number of # bytes. # @@ -344,7 +344,7 @@ def write(s) end ## - # Writes +str+ in the non-blocking manner. + # Writes +s+ in the non-blocking manner. # # If there is buffered data, it is flushed first. This may block. # From 24a6774f623a681d6fd3b741b8b177e83c2f7160 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Fri, 20 Jan 2017 22:55:00 +0900 Subject: [PATCH 5/9] test/envutil: fix assert_raise_with_message Import mu_pp method from Ruby trunk. --- test/envutil.rb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/test/envutil.rb b/test/envutil.rb index da3041028..89332b355 100644 --- a/test/envutil.rb +++ b/test/envutil.rb @@ -1,6 +1,7 @@ # -*- coding: us-ascii -*- require "timeout" require "rbconfig" +require "pp" module EnvUtil def rubybin @@ -259,6 +260,10 @@ def assert_join_threads(threads, message = nil) values end + def mu_pp(obj) #:nodoc: + obj.pretty_inspect.chomp + end + # :call-seq: # assert_raise_with_message(exception, expected, msg = nil, &block) # From 4ccaf256a1c178eedaa6840613a54a00d8eba20c Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Tue, 24 Jan 2017 15:29:56 +0900 Subject: [PATCH 6/9] x509: fix OpenSSL::X509::Name#eql? Commit 34e7fe34ee32 ("Use rb_obj_class() instead of CLASS_OF()", 2016-09-08) incorrectly inverted the result. Fix it, and add a test case for this. Fixes: 34e7fe34ee32 ("Use rb_obj_class() instead of CLASS_OF()") --- ext/openssl/ossl_x509name.c | 2 +- test/test_x509name.rb | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/ext/openssl/ossl_x509name.c b/ext/openssl/ossl_x509name.c index 4523e0d71..ac98c1b94 100644 --- a/ext/openssl/ossl_x509name.c +++ b/ext/openssl/ossl_x509name.c @@ -375,7 +375,7 @@ ossl_x509name_eql(VALUE self, VALUE other) if (!rb_obj_is_kind_of(other, cX509Name)) return Qfalse; - return ossl_x509name_cmp0(self, other) ? Qtrue : Qfalse; + return ossl_x509name_cmp0(self, other) == 0 ? Qtrue : Qfalse; } /* diff --git a/test/test_x509name.rb b/test/test_x509name.rb index b30a02e64..60e8ddb8a 100644 --- a/test/test_x509name.rb +++ b/test/test_x509name.rb @@ -357,6 +357,16 @@ def test_hash assert_equal(expected, name_hash(name)) end + def test_equality + name0 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bar.ruby-lang.org"]]) + name1 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "bar.ruby-lang.org"]]) + name2 = OpenSSL::X509::Name.new([["DC", "org"], ["DC", "ruby-lang"], ["CN", "baz.ruby-lang.org"]]) + assert_equal true, name0 == name1 + assert_equal true, name0.eql?(name1) + assert_equal false, name0 == name2 + assert_equal false, name0.eql?(name2) + end + def test_dup name = OpenSSL::X509::Name.parse("/CN=ruby-lang.org") assert_equal(name.to_der, name.dup.to_der) From c75e835fd70b614c662811557a8b1b50d6cf8c41 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Sat, 21 Jan 2017 01:59:55 +0900 Subject: [PATCH 7/9] ruby-openssl-docker: update versions of Ruby and OpenSSL Ruby 2.3.3/2.4.0, OpenSSL 1.0.2k/1.1.0d and LibreSSL 2.3.9/2.4.4. --- tool/ruby-openssl-docker/Dockerfile | 42 +++++++++++++++++------------ tool/ruby-openssl-docker/init.sh | 4 +-- 2 files changed, 27 insertions(+), 19 deletions(-) diff --git a/tool/ruby-openssl-docker/Dockerfile b/tool/ruby-openssl-docker/Dockerfile index a1518a9c2..d22a7e43f 100644 --- a/tool/ruby-openssl-docker/Dockerfile +++ b/tool/ruby-openssl-docker/Dockerfile @@ -19,46 +19,46 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ xz-utils \ zlib1g-dev -# Supported OpenSSL versions: 1.0.0, 1.0.1, 1.0.2, 1.1.0 +# Supported OpenSSL versions: 1.0.1- RUN mkdir -p /build/openssl RUN curl -s https://www.openssl.org/source/openssl-1.0.0t.tar.gz | tar -C /build/openssl -xzf - && \ cd /build/openssl/openssl-1.0.0t && \ ./Configure \ --openssldir=/opt/openssl/openssl-1.0.0 \ - shared debug-linux-x86_64 && \ + shared linux-x86_64 && \ make && make install_sw RUN curl -s https://www.openssl.org/source/openssl-1.0.1u.tar.gz | tar -C /build/openssl -xzf - && \ cd /build/openssl/openssl-1.0.1u && \ ./Configure \ --openssldir=/opt/openssl/openssl-1.0.1 \ - shared debug-linux-x86_64 && \ + shared linux-x86_64 && \ make && make install_sw -RUN curl -s https://www.openssl.org/source/openssl-1.0.2j.tar.gz | tar -C /build/openssl -xzf - && \ - cd /build/openssl/openssl-1.0.2j && \ +RUN curl -s https://www.openssl.org/source/openssl-1.0.2k.tar.gz | tar -C /build/openssl -xzf - && \ + cd /build/openssl/openssl-1.0.2k && \ ./Configure \ --openssldir=/opt/openssl/openssl-1.0.2 \ - shared debug-linux-x86_64 && \ + shared linux-x86_64 && \ make && make install_sw -RUN curl -s https://www.openssl.org/source/openssl-1.1.0b.tar.gz | tar -C /build/openssl -xzf - && \ - cd /build/openssl/openssl-1.1.0b && \ +RUN curl -s https://www.openssl.org/source/openssl-1.1.0d.tar.gz | tar -C /build/openssl -xzf - && \ + cd /build/openssl/openssl-1.1.0d && \ ./Configure \ --prefix=/opt/openssl/openssl-1.1.0 \ enable-crypto-mdebug enable-crypto-mdebug-backtrace \ - debug-linux-x86_64 && \ + linux-x86_64 && \ make && make install_sw -# Supported libressl versions: 2.3, 2.4, 2.5 -RUN curl -s http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.8.tar.gz | tar -C /build/openssl -xzf - -RUN cd /build/openssl/libressl-2.3.8 && \ +# Supported libressl versions: 2.3- +RUN curl -s http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.9.tar.gz | tar -C /build/openssl -xzf - +RUN cd /build/openssl/libressl-2.3.9 && \ ./configure \ --prefix=/opt/openssl/libressl-2.3 && \ make && make install -RUN curl -s http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.4.3.tar.gz | tar -C /build/openssl -xzf - -RUN cd /build/openssl/libressl-2.4.3 && \ +RUN curl -s http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.4.4.tar.gz | tar -C /build/openssl -xzf - +RUN cd /build/openssl/libressl-2.4.4 && \ ./configure \ --prefix=/opt/openssl/libressl-2.4 && \ make && make install @@ -69,16 +69,24 @@ RUN cd /build/openssl/libressl-2.5.0 && \ --prefix=/opt/openssl/libressl-2.5 && \ make && make install -# Supported Ruby versions: 2.3 +# Supported Ruby versions: 2.3- RUN mkdir -p /build/ruby -RUN curl -s https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.1.tar.gz | tar -C /build/ruby -xzf - && \ - cd /build/ruby/ruby-2.3.1 && \ +RUN curl -s https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.3.tar.gz | tar -C /build/ruby -xzf - && \ + cd /build/ruby/ruby-2.3.3 && \ autoconf && ./configure \ --without-openssl \ --prefix=/opt/ruby/ruby-2.3 \ --disable-install-doc && \ make && make install +RUN curl -s https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.0.tar.gz | tar -C /build/ruby -xzf - && \ + cd /build/ruby/ruby-2.4.0 && \ + autoconf && ./configure \ + --without-openssl \ + --prefix=/opt/ruby/ruby-2.4 \ + --disable-install-doc && \ + make && make install + ONBUILD ADD . /home/openssl/code ONBUILD WORKDIR /home/openssl/code diff --git a/tool/ruby-openssl-docker/init.sh b/tool/ruby-openssl-docker/init.sh index c4301482d..4d97e28c7 100755 --- a/tool/ruby-openssl-docker/init.sh +++ b/tool/ruby-openssl-docker/init.sh @@ -2,12 +2,12 @@ if [[ "$RUBY_VERSION" = "" ]] then - RUBY_VERSION=ruby-2.3 + RUBY_VERSION=ruby-2.4 fi if [[ "$OPENSSL_VERSION" = "" ]] then - OPENSSL_VERSION=openssl-1.0.2 + OPENSSL_VERSION=openssl-1.1.0 fi echo "Using Ruby ${RUBY_VERSION} with OpenSSL ${OPENSSL_VERSION}." From faefff2af2b454817b05ff21536d1f7aeaf28734 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Sat, 21 Jan 2017 02:01:37 +0900 Subject: [PATCH 8/9] .travis.yml: test with Ruby 2.4 --- .travis.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index c770d989b..1476daf6a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,11 +17,12 @@ script: matrix: fast_finish: true include: - - env: RUBY_VERSION=ruby-2.3 OPENSSL_VERSION=openssl-1.0.0 OSSL_MDEBUG=1 - - env: RUBY_VERSION=ruby-2.3 OPENSSL_VERSION=openssl-1.0.1 OSSL_MDEBUG=1 - - env: RUBY_VERSION=ruby-2.3 OPENSSL_VERSION=openssl-1.0.2 OSSL_MDEBUG=1 - - env: RUBY_VERSION=ruby-2.3 OPENSSL_VERSION=openssl-1.1.0 OSSL_MDEBUG=1 - - env: RUBY_VERSION=ruby-2.3 OPENSSL_VERSION=libressl-2.3 - - env: RUBY_VERSION=ruby-2.3 OPENSSL_VERSION=libressl-2.4 - - env: RUBY_VERSION=ruby-2.3 OPENSSL_VERSION=libressl-2.5 + - env: RUBY_VERSION=ruby-2.3 OPENSSL_VERSION=openssl-1.0.2 + - env: RUBY_VERSION=ruby-2.4 OPENSSL_VERSION=openssl-1.0.0 + - env: RUBY_VERSION=ruby-2.4 OPENSSL_VERSION=openssl-1.0.1 + - env: RUBY_VERSION=ruby-2.4 OPENSSL_VERSION=openssl-1.0.2 + - env: RUBY_VERSION=ruby-2.4 OPENSSL_VERSION=openssl-1.1.0 + - env: RUBY_VERSION=ruby-2.4 OPENSSL_VERSION=libressl-2.3 + - env: RUBY_VERSION=ruby-2.4 OPENSSL_VERSION=libressl-2.4 + - env: RUBY_VERSION=ruby-2.4 OPENSSL_VERSION=libressl-2.5 allow_failures: From 74f166f410bd75d625a69ecc2b53601718294930 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Tue, 31 Jan 2017 18:14:44 +0900 Subject: [PATCH 9/9] Ruby/OpenSSL 2.0.3 --- ext/openssl/ossl_version.h | 2 +- openssl.gemspec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/openssl/ossl_version.h b/ext/openssl/ossl_version.h index d1bd7bc4b..b98533f48 100644 --- a/ext/openssl/ossl_version.h +++ b/ext/openssl/ossl_version.h @@ -10,6 +10,6 @@ #if !defined(_OSSL_VERSION_H_) #define _OSSL_VERSION_H_ -#define OSSL_VERSION "2.0.2" +#define OSSL_VERSION "2.0.3" #endif /* _OSSL_VERSION_H_ */ diff --git a/openssl.gemspec b/openssl.gemspec index c637080c8..da7a17659 100644 --- a/openssl.gemspec +++ b/openssl.gemspec @@ -1,6 +1,6 @@ Gem::Specification.new do |spec| spec.name = "openssl" - spec.version = "2.0.2" + spec.version = "2.0.3" spec.authors = ["Martin Bosslet", "SHIBATA Hiroshi", "Zachary Scott", "Kazuki Yamaguchi"] spec.email = ["ruby-core@ruby-lang.org"] spec.summary = %q{OpenSSL provides SSL, TLS and general purpose cryptography.} pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy