https://redmine.ruby-lang.org/https://redmine.ruby-lang.org/favicon.ico?17113305112010-12-22T09:22:12ZRuby Issue Tracking SystemRuby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=147812010-12-22T09:22:12Ztenderlovemaking (Aaron Patterson)tenderlove@ruby-lang.org
<ul><li><strong>Assignee</strong> set to <i>tenderlovemaking (Aaron Patterson)</i></li><li><strong>Target version</strong> changed from <i>1.9.2</i> to <i>2.0.0</i></li></ul> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=148422010-12-25T06:37:25Ztenderlovemaking (Aaron Patterson)tenderlove@ruby-lang.org
<ul></ul><p>On Wed, Dec 22, 2010 at 03:19:12AM +0900, Martin Bosslet wrote:</p>
<blockquote>
<p>Feature <a class="issue tracker-2 status-5 priority-4 priority-default closed" title="Feature: [ext/openssl] Timestamp support (Closed)" href="https://redmine.ruby-lang.org/issues/4183">#4183</a>: [ext/openssl] Timestamp support<br>
<a href="http://redmine.ruby-lang.org/issues/show/4183" class="external">http://redmine.ruby-lang.org/issues/show/4183</a></p>
<p>Author: Martin Bosslet<br>
Status: Open, Priority: Normal<br>
Category: ext, Target version: 1.9.2</p>
<p>Hi,</p>
<p>I'd like to propose the attached code to support timestamp creation and verification in ext/openssl under a new module OpenSSL::Timestamp. It comes also with various tests and rDoc documentation. Since OpenSSL only supports timestamps beginning with OpenSSL 1.0, the entire code is in #if brackets and the module is defined only for OpenSSL versions >= 1.0.</p>
</blockquote>
<p>I think this is good functionality to add.</p>
<p>The patch seems good. I noticed some code that is not necessary though.<br>
You can remove these lines:</p>
<pre><code class="c syntaxhl" data-language="c"> <span class="cm">/*
* Creates a Factory.
*
* call-seq:
* OpenSSL::Timestamp::Factory.new -> Factory
*/</span>
<span class="k">static</span> <span class="n">VALUE</span>
<span class="nf">ossl_tsfac_initialize</span><span class="p">(</span><span class="n">VALUE</span> <span class="n">self</span><span class="p">)</span>
<span class="p">{</span>
<span class="k">return</span> <span class="n">self</span><span class="p">;</span>
<span class="p">}</span>
<span class="n">rb_define_method</span><span class="p">(</span><span class="n">cTimestampFactory</span><span class="p">,</span> <span class="s">"initialize"</span><span class="p">,</span> <span class="n">ossl_tsfac_initialize</span><span class="p">,</span> <span class="mi">0</span><span class="p">);</span>
</code></pre>
<p>and everything will Just Workâ˘.</p>
<p>This patch is really long, so if nobody objects after a week or two,<br>
I'll apply.</p>
<p>--<br>
Aaron Patterson<br>
<a href="http://tenderlovemaking.com/" class="external">http://tenderlovemaking.com/</a></p>
<p>Attachment: (unnamed)</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=148432010-12-25T10:44:37Znobu (Nobuyoshi Nakada)nobu@ruby-lang.org
<ul></ul><p>Hi,</p>
<p>At Sat, 25 Dec 2010 06:32:14 +0900,<br>
Aaron Patterson wrote in <a href="https://blade.ruby-lang.org/ruby-core/33858">[ruby-core:33858]</a>:</p>
<blockquote>
<p>The patch seems good. I noticed some code that is not necessary though.</p>
</blockquote>
<p>Just curious for my eyes,<br>
In <code>ossl_ts_verify()</code>:</p>
<pre><code class="c syntaxhl" data-language="c"><span class="mi">1068</span> <span class="nf">if</span> <span class="p">(</span><span class="o">!</span><span class="p">(</span><span class="n">ctx</span><span class="o">-></span><span class="n">store</span> <span class="o">=</span> <span class="n">X509_STORE_new</span><span class="p">()))</span> <span class="p">{</span>
<span class="mi">1069</span> <span class="n">ossl_raise</span><span class="p">(</span><span class="n">eTimestampError</span><span class="p">,</span> <span class="nb">NULL</span><span class="p">);</span>
<span class="mi">1070</span> <span class="k">goto</span> <span class="n">end</span><span class="p">;</span>
<span class="mi">1071</span> <span class="p">}</span>
</code></pre>
<p>Jump to clean-up after raise?</p>
<pre><code class="c syntaxhl" data-language="c"><span class="mi">1109</span> <span class="n">end</span><span class="o">:</span>
<span class="mi">1110</span> <span class="nf">TS_VERIFY_CTX_free</span><span class="p">(</span><span class="n">ctx</span><span class="p">);</span>
<span class="mi">1111</span> <span class="k">return</span> <span class="n">ret</span><span class="p">;</span>
</code></pre>
<p>In <code>ossl_tsfac_create_ts()</code>:</p>
<pre><code class="c syntaxhl" data-language="c"><span class="mi">1231</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="p">(</span><span class="n">inter_certs</span> <span class="o">=</span> <span class="n">sk_X509_new_null</span><span class="p">()))</span> <span class="k">goto</span> <span class="n">end</span><span class="p">;</span>
</code></pre>
<p>When inter_certs can't get created, all the rest are just skipped?</p>
<pre><code class="c syntaxhl" data-language="c"><span class="mi">1232</span> <span class="nf">if</span> <span class="p">(</span><span class="n">tsa_cert</span><span class="p">)</span>
<span class="mi">1233</span> <span class="k">if</span> <span class="p">(</span><span class="n">rb_obj_is_kind_of</span><span class="p">(</span><span class="n">additional_certs</span><span class="p">,</span> <span class="n">rb_cArray</span><span class="p">))</span> <span class="p">{</span>
<span class="mi">1234</span> <span class="k">for</span> <span class="p">(</span><span class="n">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">i</span> <span class="o"><</span> <span class="n">RARRAY_LEN</span><span class="p">(</span><span class="n">additional_certs</span><span class="p">);</span> <span class="n">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span>
<span class="mi">1235</span> <span class="n">cert</span> <span class="o">=</span> <span class="n">rb_ary_entry</span><span class="p">(</span><span class="n">additional_certs</span><span class="p">,</span> <span class="n">i</span><span class="p">);</span>
<span class="mi">1236</span> <span class="n">sk_X509_push</span><span class="p">(</span><span class="n">inter_certs</span><span class="p">,</span> <span class="n">GetX509CertPtr</span><span class="p">(</span><span class="n">cert</span><span class="p">));</span>
<span class="mi">1237</span> <span class="p">}</span>
<span class="mi">1238</span> <span class="p">}</span>
<span class="mi">1239</span> <span class="k">else</span> <span class="p">{</span>
<span class="mi">1240</span> <span class="n">sk_X509_push</span><span class="p">(</span><span class="n">inter_certs</span><span class="p">,</span> <span class="n">GetX509CertPtr</span><span class="p">(</span><span class="n">additional_certs</span><span class="p">));</span>
<span class="mi">1241</span> <span class="p">}</span>
</code></pre>
<p>Just indentation of 1233..1241 is wrong, or 1232 is misplaced?</p>
<p>A patch to suppress some warnings.</p>
<pre><code class="diff syntaxhl" data-language="diff"><span class="gh">diff --git i/ext/.document w/ext/.document
index 6f4f668..3c5ff49 100644
</span><span class="gd">--- i/ext/.document
</span><span class="gi">+++ w/ext/.document
</span><span class="p">@@ -37,6 +37,7 @@</span> openssl/ossl_pkey_rsa.c
openssl/ossl_rand.c
openssl/ossl_ssl.c
openssl/ossl_ssl_session.c
<span class="gi">+openssl/ossl_ts.c
</span> openssl/ossl_x509.c
openssl/ossl_x509attr.c
openssl/ossl_x509cert.c
<span class="gh">diff --git i/ext/openssl/extconf.rb w/ext/openssl/extconf.rb
index b1f2d88..14e2745 100644
</span><span class="gd">--- i/ext/openssl/extconf.rb
</span><span class="gi">+++ w/ext/openssl/extconf.rb
</span><span class="p">@@ -127,6 +127,7 @@</span> end
have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h")
have_struct_member("EVP_CIPHER_CTX", "engine", "openssl/evp.h")
have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h")
<span class="gi">+have_header("openssl/ts.h")
</span>
message "=== Checking done. ===\n"
<span class="gh">diff --git i/ext/openssl/ossl.c w/ext/openssl/ossl.c
index 1e4f935..9a8d02e 100644
</span><span class="gd">--- i/ext/openssl/ossl.c
</span><span class="gi">+++ w/ext/openssl/ossl.c
</span><span class="p">@@ -865,6 +865,9 @@</span> Init_openssl()
Init_ossl_pkey();
Init_ossl_rand();
Init_ossl_ssl();
<span class="gi">+#if HAVE_OPENSSL_TS_H
+ Init_ossl_ts();
+#endif
</span> Init_ossl_x509();
Init_ossl_ocsp();
Init_ossl_engine();
<span class="gh">diff --git i/ext/openssl/ossl.h w/ext/openssl/ossl.h
index 4bb18d5..6b2ddae 100644
</span><span class="gd">--- i/ext/openssl/ossl.h
</span><span class="gi">+++ w/ext/openssl/ossl.h
</span><span class="p">@@ -59,6 +59,9 @@</span> extern "C" {
#include <openssl/rand.h>
#include <openssl/conf.h>
#include <openssl/conf_api.h>
<span class="gi">+#if HAVE_OPENSSL_TS_H
+# include <openssl/ts.h>
+#endif
</span> #undef X509_NAME
#undef PKCS7_SIGNER_INFO
#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ST_ENGINE)
<span class="p">@@ -215,6 +218,9 @@</span> void ossl_debug(const char *, ...);
#include "ossl_pkey.h"
#include "ossl_rand.h"
#include "ossl_ssl.h"
<span class="gi">+#if HAVE_OPENSSL_TS_H
+# include "ossl_ts.h"
+#endif
</span> #include "ossl_version.h"
#include "ossl_x509.h"
#include "ossl_engine.h"
<span class="gh">diff --git i/ext/openssl/ossl_ts.c w/ext/openssl/ossl_ts.c
</span><span class="p">old mode 100755
new mode 100644
</span><span class="gh">index a0b8ca2..6adc8d9
</span><span class="gd">--- i/ext/openssl/ossl_ts.c
</span><span class="gi">+++ w/ext/openssl/ossl_ts.c
</span><span class="p">@@ -110,19 +110,6 @@</span> obj_to_asn1obj(VALUE obj)
return a1obj;
}
<span class="gd">-static ASN1_STRING*
-obj_to_asn1str(VALUE obj)
-{
- ASN1_STRING *str;
-
- StringValue(obj);
- if(!(str = ASN1_STRING_new()))
- ossl_raise(eASN1Error, NULL);
- ASN1_STRING_set(str, RSTRING_PTR(obj), RSTRING_LEN(obj));
-
- return str;
-}
-
</span> static VALUE
get_asn1obj(ASN1_OBJECT *obj)
{
<span class="p">@@ -319,7 +306,7 @@</span> ossl_tsreq_set_msg_imprint(VALUE self, VALUE hash)
ossl_raise(eTimestampError, NULL);
return self;
}
<span class="gd">- TS_MSG_IMPRINT_set_msg(mi, RSTRING_PTR(hash), RSTRING_LEN(hash));
</span><span class="gi">+ TS_MSG_IMPRINT_set_msg(mi, (unsigned char *)RSTRING_PTR(hash), RSTRING_LEN(hash));
</span>
return hash;
}
<span class="p">@@ -401,6 +388,7 @@</span> ossl_tsreq_set_policy_id(VALUE self, VALUE oid)
ASN1_OBJECT_free(req->policy_id);
obj = obj_to_asn1obj(oid);
req->policy_id = obj;
<span class="gi">+ return oid;
</span> }
/*
<span class="p">@@ -536,7 +524,8 @@</span> ossl_tsresp_alloc(VALUE klass)
* OpenSSL::Timestamp::Response.new(string) -> response
*/
static VALUE
<span class="gd">-ossl_ts_initialize(VALUE self, VALUE der) {
</span><span class="gi">+ossl_ts_initialize(VALUE self, VALUE der)
+{
</span> TS_RESP *ts_resp = DATA_PTR(self);
BIO *in;
<span class="p">@@ -666,8 +655,6 @@</span> ossl_ts_get_pkcs7(VALUE self)
{
TS_RESP *resp;
PKCS7 *p7;
<span class="gd">- unsigned char *p;
- int len;
</span>
GetTS_RESP(self, resp);
p7 = resp->token;
<span class="p">@@ -920,7 +907,7 @@</span> ossl_ts_to_der(VALUE self)
}
static void
<span class="gd">-int_ossl_handle_verify_errors()
</span><span class="gi">+int_ossl_handle_verify_errors(void)
</span> {
const char *msg = NULL;
int is_validation_err = 0;
<span class="p">@@ -1124,7 +1111,8 @@</span> ossl_tsfac_initialize(VALUE self)
}
static ASN1_INTEGER *
<span class="gd">-ossl_tsfac_serial_cb(struct TS_resp_ctx *ctx, void *data) {
</span><span class="gi">+ossl_tsfac_serial_cb(struct TS_resp_ctx *ctx, void *data)
+{
</span> VALUE serial = *((VALUE *)data);
ASN1_INTEGER *num;
if (!(num = ASN1_INTEGER_new())) {
<span class="p">@@ -1280,7 +1268,7 @@</span> end:
* INIT
*/
void
<span class="gd">-Init_ossl_ts()
</span><span class="gi">+Init_ossl_ts(void)
</span> {
#if 0
mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */
<span class="p">@@ -1543,4 +1531,4 @@</span> Init_ossl_ts()
rb_define_method(cTimestampFactory, "create_timestamp", ossl_tsfac_create_ts, 3);
}
<span class="gd">-#endif
</span>\ No newline at end of file
<span class="gi">+#endif
</span><span class="gh">diff --git i/ext/openssl/ossl_ts.h w/ext/openssl/ossl_ts.h
index bbf3a0a..5034443 100755
</span><span class="gd">--- i/ext/openssl/ossl_ts.h
</span><span class="gi">+++ w/ext/openssl/ossl_ts.h
</span><span class="p">@@ -22,4 +22,4 @@</span> extern VALUE cTimestampFactory;
void Init_ossl_ts(void);
TS_RESP *GetTsRespPtr(VALUE obj);
<span class="gd">-#endif
</span>\ No newline at end of file
<span class="gi">+#endif
</span>~~~
<span class="err">
</span><span class="gd">--
</span><span class="p">Nobu Nakada
</span><span class="err">
</span></code></pre> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=148512010-12-25T23:59:06Znahi (Hiroshi Nakamura)nakahiro@gmail.com
<ul></ul><p>=begin<br>
Hi,</p>
<p>On Sat, Dec 25, 2010 at 06:32, Aaron Patterson<br>
<a href="mailto:aaron@tenderlovemaking.com" class="email">aaron@tenderlovemaking.com</a> wrote:</p>
<blockquote>
<p>This patch is really long, so if nobody objects after a week or two,<br>
I'll apply.</p>
</blockquote>
<p>Isn't it good to ask him to be a ruby-ossl maintainer, instead of<br>
applying the patch we don't understand?</p>
<p>Regards,<br>
// NaHi</p>
<p>=end</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=148612010-12-26T06:18:41Ztenderlovemaking (Aaron Patterson)tenderlove@ruby-lang.org
<ul></ul><p>=begin<br>
On Sat, Dec 25, 2010 at 11:58:56PM +0900, Hiroshi Nakamura wrote:</p>
<blockquote>
<p>Hi,</p>
<p>On Sat, Dec 25, 2010 at 06:32, Aaron Patterson<br>
<a href="mailto:aaron@tenderlovemaking.com" class="email">aaron@tenderlovemaking.com</a> wrote:</p>
<blockquote>
<p>This patch is really long, so if nobody objects after a week or two,<br>
I'll apply.</p>
</blockquote>
<p>Isn't it good to ask him to be a ruby-ossl maintainer, instead of<br>
applying the patch we don't understand?</p>
</blockquote>
<p>I don't mind spending time to maintain openssl, but a patch this long is<br>
difficult for just one person to review. I take responsibility for<br>
patches I apply, so if there are bugs, I will fix them.</p>
<p>That being said, we can always use help! :-D</p>
<p>--<br>
Aaron Patterson<br>
<a href="http://tenderlovemaking.com/" class="external">http://tenderlovemaking.com/</a></p>
<p>Attachment: (unnamed)<br>
=end</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=148922010-12-27T01:07:13ZMartinBosslet (Martin Bosslet)Martin.Bosslet@gmail.com
<ul><li><strong>File</strong> <a href="/attachments/1379">ts2.tar.gz</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/1379/ts2.tar.gz">ts2.tar.gz</a> added</li></ul><p>=begin<br>
Thanks for the input! I updated the code with regard to Aaron's and Nobuyoshi's comments. Concerning Nobuyoshi's questions:</p>
<blockquote>
<p>Just curious for my eyes,<br>
In ossl_ts_verify():<br>
1068 if (!(ctx->store = X509_STORE_new())) {<br>
1069 ossl_raise(eTimestampError, NULL);<br>
1070 goto end;<br>
1071 }</p>
</blockquote>
<blockquote>
<p>Jump to clean-up after raise?</p>
</blockquote>
<blockquote>
<p>1109 end:<br>
1110 TS_VERIFY_CTX_free(ctx);<br>
1111 return ret;</p>
</blockquote>
<p>I corrected this, cleanup is now performed before the raise.</p>
<blockquote>
<p>In ossl_tsfac_create_ts():<br>
1231 if (!(inter_certs = sk_X509_new_null())) goto end;</p>
</blockquote>
<blockquote>
<p>When inter_certs can't get created, all the rest are just skipped?</p>
</blockquote>
<p>I forgot to set the error message there. Corrected this, now an error is raised when allocation fails.</p>
<blockquote>
<p>1232 if (tsa_cert)<br>
1233 if (rb_obj_is_kind_of(additional_certs, rb_cArray)) {<br>
1234 for (i = 0; i < RARRAY_LEN(additional_certs); i++) {<br>
1235 cert = rb_ary_entry(additional_certs, i);<br>
1236 sk_X509_push(inter_certs, GetX509CertPtr(cert));<br>
1237 }<br>
1238 }<br>
1239 else {<br>
1240 sk_X509_push(inter_certs, GetX509CertPtr(additional_certs));<br>
1241 }</p>
</blockquote>
<blockquote>
<p>Just indentation of 1233..1241 is wrong, or 1232 is misplaced?</p>
</blockquote>
<p>No, you're right, it was simply misplaced, I removed it.</p>
<p>Regarding your patch, I already applied it in the update.</p>
<p>There is still some functionality that is not supported and some features I dislike about the way OpenSSL handles timestamp verification. Concerning the missing functionality - I'm planning to add this in case the feature will be accepted, I first wanted to get your reactions before I indulge too deeply in something nobody would want anyway :) Missing features right now are:</p>
<ul>
<li>Extensions are neither supported for Request nor for the Response</li>
<li>Accuracy and TSAName are not supported for the Response.</li>
<li>I'd like to add some factory methods, that create Responses indicating errors easily. E.g.</li>
</ul>
<p>error_ts = OpenSSL::Timestamp::Response.create_fault_response(OpenSSL::Timestamp::Response::REJECTION,<br>
:UNACCEPTED_POLICY,<br>
"The policy you provided is not supported by this server")</p>
<p>This would simplify error creation for errors detected on the server side when manually analyzing the Request.</p>
<p>Things I would like different:</p>
<ul>
<li>I don't like the fact that for verification, you need to pass OpenSSL a BIO, even if you're still in possession of the TS_REQ*, as in our case (and I guess in most use cases). This forces encoding (and later decoding in OpenSSL) the TS_REQ*, which is unnecessary. I'll try to submit a patch to OpenSSL regarding this.</li>
<li>The second thing I'm not really happy with is the fact that you cannot validate a timestamp solely based on the timestamp end entity certificate, verification always includes certificate validation of the entire chain. This is too tightly coupled in my opinion, certificate validation should only be an option (so that there is the possibility to perform it in a separate step). In addition, decoupling would also remove the necessity to provide intermediate certificates or root certificates. If the timestamp already contains the timestamp authority certificate(which it must if Request#cert_requested? is true), validation would be self-contained, no other external resources needed. I'll also try to submit a patch for this to OpenSSL.</li>
</ul>
<p><a class="user active user-mention" href="https://redmine.ruby-lang.org/users/151">@hiroshi (Hiroshi MORIYAMA)</a>: thanks for the confidence, I'm happy to help :)</p>
<p>Regards,<br>
Martin</p>
<p>=end</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=148942010-12-27T05:34:19ZMartinBosslet (Martin Bosslet)Martin.Bosslet@gmail.com
<ul></ul><p>=begin</p>
<blockquote>
<ul>
<li>I don't like the fact that for verification, you need to pass OpenSSL a BIO, even if you're still in possession of the TS_REQ*, as in >our case (and I guess in most use cases). This forces encoding (and later decoding in OpenSSL) the TS_REQ*, which is unnecessary. I'll >try to submit a patch to OpenSSL regarding this.</li>
</ul>
</blockquote>
<p>I meant for creation of a TS_RESP, not verification.</p>
<p>=end</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=149602010-12-29T23:18:24ZMartinBosslet (Martin Bosslet)Martin.Bosslet@gmail.com
<ul><li><strong>File</strong> <a href="/attachments/1385">ts3.tar.gz</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/1385/ts3.tar.gz">ts3.tar.gz</a> added</li></ul><p>=begin</p>
<ul>
<li>Removed a redundant variable</li>
<li>Corrected another code line with "raise without freeing before"</li>
<li>Additional test</li>
<li>replaced FileUtils by File method in the test</li>
</ul>
<p>The attachment contains the two relevant files only, together with diff files showing the changes made to the versions in ts2.tar.gz (since changes are really minor).</p>
<p>Regards,<br>
Martin<br>
=end</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=161942011-03-26T22:25:28Zshyouhei (Shyouhei Urabe)shyouhei@ruby-lang.org
<ul><li><strong>Status</strong> changed from <i>Open</i> to <i>Assigned</i></li></ul> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=168932011-05-12T08:18:09ZMartinBosslet (Martin Bosslet)Martin.Bosslet@gmail.com
<ul><li><strong>Assignee</strong> changed from <i>tenderlovemaking (Aaron Patterson)</i> to <i>MartinBosslet (Martin Bosslet)</i></li></ul> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=316552012-10-27T05:54:27Zko1 (Koichi Sasada)
<ul></ul><p>ping. status?</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=333722012-11-21T11:41:15ZMartinBosslet (Martin Bosslet)Martin.Bosslet@gmail.com
<ul><li><strong>Target version</strong> changed from <i>2.0.0</i> to <i>2.6</i></li></ul><p>Given the short time until 2.0.0, I believe "next minor" is a more realistic target.</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=541502015-09-13T03:20:54Zzzak (zzak _)
<ul><li><strong>Assignee</strong> changed from <i>MartinBosslet (Martin Bosslet)</i> to <i>7150</i></li></ul> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=679762017-11-28T14:30:22Zmame (Yusuke Endoh)mame@ruby-lang.org
<ul><li><strong>Assignee</strong> changed from <i>7150</i> to <i>rhenium (Kazuki Yamaguchi)</i></li></ul><p>rhe-san, what do you think about this feature proposal?</p> Ruby master - Feature #4183: [ext/openssl] Timestamp supporthttps://redmine.ruby-lang.org/issues/4183?journal_id=942432021-10-21T20:48:05Zjeremyevans0 (Jeremy Evans)merch-redmine@jeremyevans.net
<ul><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Closed</i></li></ul><p>ruby-openssl 2.2.0 (included with Ruby 3.0) added OpenSSL::Timestamp, so this can be closed.</p>