Bug #14754 ยป 0001-openssl-import-v2.0.8.patch
| ext/openssl/History.md | ||
|---|---|---|
|
Version 2.0.8
|
||
|
=============
|
||
|
Bug fixes
|
||
|
---------
|
||
|
* OpenSSL::Cipher#pkcs5_keyivgen raises an error when a negative iteration
|
||
|
count is given.
|
||
|
[[GitHub #184]](https://github.com/ruby/openssl/pull/184)
|
||
|
* Fixed build with LibreSSL 2.7.
|
||
|
[[GitHub #192]](https://github.com/ruby/openssl/issues/192)
|
||
|
[[GitHub #193]](https://github.com/ruby/openssl/pull/193)
|
||
|
Version 2.0.7
|
||
|
=============
|
||
| ext/openssl/extconf.rb | ||
|---|---|---|
|
have_func("SSL_is_server")
|
||
|
# added in 1.1.0
|
||
|
if !have_struct_member("SSL", "ctx", "openssl/ssl.h") ||
|
||
|
try_static_assert("LIBRESSL_VERSION_NUMBER >= 0x2070000fL", "openssl/opensslv.h")
|
||
|
$defs.push("-DHAVE_OPAQUE_OPENSSL")
|
||
|
end
|
||
|
have_func("CRYPTO_lock") || $defs.push("-DHAVE_OPENSSL_110_THREADING_API")
|
||
|
have_struct_member("SSL", "ctx", "openssl/ssl.h") || $defs.push("-DHAVE_OPAQUE_OPENSSL")
|
||
|
have_func("BN_GENCB_new")
|
||
|
have_func("BN_GENCB_free")
|
||
|
have_func("BN_GENCB_get_arg")
|
||
| ext/openssl/openssl.gemspec | ||
|---|---|---|
|
# -*- encoding: utf-8 -*-
|
||
|
# stub: openssl 2.0.7 ruby lib
|
||
|
# stub: openssl 2.0.8 ruby lib
|
||
|
# stub: ext/openssl/extconf.rb
|
||
|
Gem::Specification.new do |s|
|
||
|
s.name = "openssl".freeze
|
||
|
s.version = "2.0.7"
|
||
|
s.version = "2.0.8"
|
||
|
s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
|
||
|
s.metadata = { "msys2_mingw_dependencies" => "openssl" } if s.respond_to? :metadata=
|
||
|
s.require_paths = ["lib".freeze]
|
||
|
s.authors = ["Martin Bosslet".freeze, "SHIBATA Hiroshi".freeze, "Zachary Scott".freeze, "Kazuki Yamaguchi".freeze]
|
||
|
s.date = "2017-12-14"
|
||
|
s.date = "2018-05-12"
|
||
|
s.description = "It wraps the OpenSSL library.".freeze
|
||
|
s.email = ["ruby-core@ruby-lang.org".freeze]
|
||
|
s.extensions = ["ext/openssl/extconf.rb".freeze]
|
||
|
s.extra_rdoc_files = ["CONTRIBUTING.md".freeze, "README.md".freeze, "History.md".freeze]
|
||
|
s.extra_rdoc_files = ["CONTRIBUTING.md".freeze, "History.md".freeze, "README.md".freeze]
|
||
|
s.files = ["BSDL".freeze, "CONTRIBUTING.md".freeze, "History.md".freeze, "LICENSE.txt".freeze, "README.md".freeze, "ext/openssl/deprecation.rb".freeze, "ext/openssl/extconf.rb".freeze, "ext/openssl/openssl_missing.c".freeze, "ext/openssl/openssl_missing.h".freeze, "ext/openssl/ossl.c".freeze, "ext/openssl/ossl.h".freeze, "ext/openssl/ossl_asn1.c".freeze, "ext/openssl/ossl_asn1.h".freeze, "ext/openssl/ossl_bio.c".freeze, "ext/openssl/ossl_bio.h".freeze, "ext/openssl/ossl_bn.c".freeze, "ext/openssl/ossl_bn.h".freeze, "ext/openssl/ossl_cipher.c".freeze, "ext/openssl/ossl_cipher.h".freeze, "ext/openssl/ossl_config.c".freeze, "ext/openssl/ossl_config.h".freeze, "ext/openssl/ossl_digest.c".freeze, "ext/openssl/ossl_digest.h".freeze, "ext/openssl/ossl_engine.c".freeze, "ext/openssl/ossl_engine.h".freeze, "ext/openssl/ossl_hmac.c".freeze, "ext/openssl/ossl_hmac.h".freeze, "ext/openssl/ossl_ns_spki.c".freeze, "ext/openssl/ossl_ns_spki.h".freeze, "ext/openssl/ossl_ocsp.c".freeze, "ext/openssl/ossl_ocsp.h".freeze, "ext/openssl/ossl_pkcs12.c".freeze, "ext/openssl/ossl_pkcs12.h".freeze, "ext/openssl/ossl_pkcs5.c".freeze, "ext/openssl/ossl_pkcs5.h".freeze, "ext/openssl/ossl_pkcs7.c".freeze, "ext/openssl/ossl_pkcs7.h".freeze, "ext/openssl/ossl_pkey.c".freeze, "ext/openssl/ossl_pkey.h".freeze, "ext/openssl/ossl_pkey_dh.c".freeze, "ext/openssl/ossl_pkey_dsa.c".freeze, "ext/openssl/ossl_pkey_ec.c".freeze, "ext/openssl/ossl_pkey_rsa.c".freeze, "ext/openssl/ossl_rand.c".freeze, "ext/openssl/ossl_rand.h".freeze, "ext/openssl/ossl_ssl.c".freeze, "ext/openssl/ossl_ssl.h".freeze, "ext/openssl/ossl_ssl_session.c".freeze, "ext/openssl/ossl_version.h".freeze, "ext/openssl/ossl_x509.c".freeze, "ext/openssl/ossl_x509.h".freeze, "ext/openssl/ossl_x509attr.c".freeze, "ext/openssl/ossl_x509cert.c".freeze, "ext/openssl/ossl_x509crl.c".freeze, "ext/openssl/ossl_x509ext.c".freeze, "ext/openssl/ossl_x509name.c".freeze, "ext/openssl/ossl_x509req.c".freeze, "ext/openssl/ossl_x509revoked.c".freeze, "ext/openssl/ossl_x509store.c".freeze, "ext/openssl/ruby_missing.h".freeze, "lib/openssl.rb".freeze, "lib/openssl/bn.rb".freeze, "lib/openssl/buffering.rb".freeze, "lib/openssl/cipher.rb".freeze, "lib/openssl/config.rb".freeze, "lib/openssl/digest.rb".freeze, "lib/openssl/pkey.rb".freeze, "lib/openssl/ssl.rb".freeze, "lib/openssl/x509.rb".freeze]
|
||
|
s.homepage = "https://www.ruby-lang.org/".freeze
|
||
|
s.licenses = ["Ruby".freeze]
|
||
|
s.rdoc_options = ["--main".freeze, "README.md".freeze]
|
||
|
s.required_ruby_version = Gem::Requirement.new(">= 2.3.0".freeze)
|
||
|
s.rubygems_version = "2.7.3".freeze
|
||
|
s.rubygems_version = "2.7.6".freeze
|
||
|
s.summary = "OpenSSL provides SSL, TLS and general purpose cryptography.".freeze
|
||
|
if s.respond_to? :specification_version then
|
||
| ext/openssl/ossl_cipher.c | ||
|---|---|---|
|
salt = (unsigned char *)RSTRING_PTR(vsalt);
|
||
|
}
|
||
|
iter = NIL_P(viter) ? 2048 : NUM2INT(viter);
|
||
|
if (iter <= 0)
|
||
|
rb_raise(rb_eArgError, "iterations must be a positive integer");
|
||
|
digest = NIL_P(vdigest) ? EVP_md5() : GetDigestPtr(vdigest);
|
||
|
GetCipher(self, ctx);
|
||
|
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), digest, salt,
|
||
| ext/openssl/ossl_version.h | ||
|---|---|---|
|
#if !defined(_OSSL_VERSION_H_)
|
||
|
#define _OSSL_VERSION_H_
|
||
|
#define OSSL_VERSION "2.0.7"
|
||
|
#define OSSL_VERSION "2.0.8"
|
||
|
#endif /* _OSSL_VERSION_H_ */
|
||
| test/openssl/test_cipher.rb | ||
|---|---|---|
|
s2 = cipher.update(pt) << cipher.final
|
||
|
assert_equal s1, s2
|
||
|
cipher2 = OpenSSL::Cipher.new("DES-EDE3-CBC").encrypt
|
||
|
assert_raise(ArgumentError) { cipher2.pkcs5_keyivgen(pass, salt, -1, "MD5") }
|
||
|
end
|
||
|
def test_info
|
||
| test/openssl/test_pkey_rsa.rb | ||
|---|---|---|
|
end
|
||
|
end
|
||
|
def test_generate
|
||
|
key = OpenSSL::PKey::RSA.generate(512, 17)
|
||
|
assert_equal 512, key.n.num_bits
|
||
|
assert_equal 17, key.e
|
||
|
assert_not_nil key.d
|
||
|
end
|
||
|
def test_new_break
|
||
|
assert_nil(OpenSSL::PKey::RSA.new(1024) { break })
|
||
|
assert_raise(RuntimeError) do
|
||
| ... | ... | |
|
end
|
||
|
def test_dup
|
||
|
key = OpenSSL::PKey::RSA.generate(256, 17)
|
||
|
key = Fixtures.pkey("rsa1024")
|
||
|
key2 = key.dup
|
||
|
assert_equal key.params, key2.params
|
||
|
key2.set_key(key2.n, 3, key2.d)
|
||
| test/openssl/test_ssl_session.rb | ||
|---|---|---|
|
first_session = nil
|
||
|
10.times do |i|
|
||
|
connections = i
|
||
|
server_connect_with_session(port, nil, first_session) { |ssl|
|
||
|
cctx = OpenSSL::SSL::SSLContext.new
|
||
|
cctx.ssl_version = :TLSv1_2
|
||
|
server_connect_with_session(port, cctx, first_session) { |ssl|
|
||
|
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
||
|
first_session ||= ssl.session
|
||
| ... | ... | |
|
connections = nil
|
||
|
called = {}
|
||
|
cctx = OpenSSL::SSL::SSLContext.new
|
||
|
cctx.ssl_version = :TLSv1_2
|
||
|
sctx = nil
|
||
|
ctx_proc = Proc.new { |ctx|
|
||
|
sctx = ctx
|
||
| ... | ... | |
|
}
|
||
|
start_server(ctx_proc: ctx_proc) do |port|
|
||
|
connections = 0
|
||
|
sess0 = server_connect_with_session(port, nil, nil) { |ssl|
|
||
|
sess0 = server_connect_with_session(port, cctx, nil) { |ssl|
|
||
|
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
||
|
assert_equal false, ssl.session_reused?
|
||
|
ssl.session
|
||
| ... | ... | |
|
# Internal cache hit
|
||
|
connections = 1
|
||
|
server_connect_with_session(port, nil, sess0.dup) { |ssl|
|
||
|
server_connect_with_session(port, cctx, sess0.dup) { |ssl|
|
||
|
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
||
|
assert_equal true, ssl.session_reused?
|
||
|
ssl.session
|
||
| ... | ... | |
|
# External cache hit
|
||
|
connections = 2
|
||
|
sess2 = server_connect_with_session(port, nil, sess0.dup) { |ssl|
|
||
|
sess2 = server_connect_with_session(port, cctx, sess0.dup) { |ssl|
|
||
|
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
||
|
if !ssl.session_reused? && openssl?(1, 1, 0) && !openssl?(1, 1, 0, 7)
|
||
|
# OpenSSL >= 1.1.0, < 1.1.0g
|
||
| ... | ... | |
|
# Cache miss
|
||
|
connections = 3
|
||
|
sess3 = server_connect_with_session(port, nil, sess0.dup) { |ssl|
|
||
|
sess3 = server_connect_with_session(port, cctx, sess0.dup) { |ssl|
|
||
|
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
||
|
assert_equal false, ssl.session_reused?
|
||
|
ssl.session
|
||
| test/openssl/utils.rb | ||
|---|---|---|
|
threads = []
|
||
|
begin
|
||
|
server_thread = Thread.new do
|
||
|
if Thread.method_defined?(:report_on_exception=) # Ruby >= 2.4
|
||
|
Thread.current.report_on_exception = false
|
||
|
end
|
||
|
begin
|
||
|
loop do
|
||
|
begin
|
||
| ... | ... | |
|
end
|
||
|
th = Thread.new do
|
||
|
if Thread.method_defined?(:report_on_exception=)
|
||
|
Thread.current.report_on_exception = false
|
||
|
end
|
||
|
begin
|
||
|
server_proc.call(ctx, ssl)
|
||
|
ensure
|
||
| ... | ... | |
|
end
|
||
|
client_thread = Thread.new do
|
||
|
if Thread.method_defined?(:report_on_exception=)
|
||
|
Thread.current.report_on_exception = false
|
||
|
end
|
||
|
begin
|
||
|
block.call(port)
|
||
|
ensure
|
||