kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

Import Ruby/OpenSSL 2.1.2.

Browse source 
Original patches are written by rhe.

Changes since v2.1.1 can be found at the upstream GitHub repository:

	https://github.com/ruby/openssl/compare/v2.1.1..v2.1.2

Kazuki Yamaguchi (9):
      pkey: resume key generation after interrupt
      tool/ruby-openssl-docker: update to latest versions
      test/test_ssl: fix test failure with TLS 1.3
      test/test_x509name: change script encoding to ASCII-8BIT
      x509name: refactor OpenSSL::X509::Name#to_s
      x509name: fix handling of X509_NAME_{oneline,print_ex}() return value
      x509name: fix OpenSSL::X509::Name#{cmp,<=>}
      Ruby/OpenSSL 2.0.9
      Ruby/OpenSSL 2.1.2

nobu (6):
      no ID cache in Init functions
      search winsock libraries explicitly
      openssl: search winsock
      openssl_missing.h: constified
      reduce LibreSSL warnings
      needs openssl/opensslv.h



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@65132 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nagachika 2018-10-17 15:26:54 +00:00
parent a2958f6743
commit 0ca511ef0d
19 changed files with 154 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

35
ext/openssl/History.md
View file

@ -1,3 +1,15 @@
Version 2.1.2
=============
Merged changes in 2.0.9.
Version 2.1.1
=============
Merged changes in 2.0.8.
Version 2.1.0
=============
@ -55,6 +67,29 @@ Notable changes
[[GitHub #177]](https://github.com/ruby/openssl/pull/177)
Version 2.0.9
=============
Security fixes
--------------
* OpenSSL::X509::Name#<=> could incorrectly return 0 (= equal) for non-equal
objects. CVE-2018-16395 is assigned for this issue.
https://hackerone.com/reports/387250
Bug fixes
---------
* Fixed OpenSSL::PKey::*.{new,generate} immediately aborting if the thread is
interrupted.
[[Bug #14882]](https://bugs.ruby-lang.org/issues/14882)
[[GitHub #205]](https://github.com/ruby/openssl/pull/205)
* Fixed OpenSSL::X509::Name#to_s failing with OpenSSL::X509::NameError if
called against an empty instance.
[[GitHub #200]](https://github.com/ruby/openssl/issues/200)
[[GitHub #211]](https://github.com/ruby/openssl/pull/211)
Version 2.0.8
=============

7
ext/openssl/extconf.rb
View file

@ -33,6 +33,9 @@ end
Logging::message "=== Checking for system dependent stuff... ===\n"
have_library("nsl", "t_open")
have_library("socket", "socket")
if $mswin || $mingw
have_library("ws2_32")
end
Logging::message "=== Checking for required stuff... ===\n"
result = pkg_config("openssl") && have_header("openssl/ssl.h")
@ -111,6 +114,10 @@ engines.each { |name|
OpenSSL.check_func_or_macro("ENGINE_load_#{name}", "openssl/engine.h")
}
if ($mswin || $mingw) && have_macro("LIBRESSL_VERSION_NUMBER", "openssl/opensslv.h")
$defs.push("-DNOCRYPT")
end
# added in 1.0.2
have_func("EC_curve_nist2nid")
have_func("X509_REVOKED_dup")

10
ext/openssl/openssl.gemspec
View file

@ -1,26 +1,26 @@
# -*- encoding: utf-8 -*-
# stub: openssl 2.1.1 ruby lib
# stub: openssl 2.1.2 ruby lib
# stub: ext/openssl/extconf.rb
Gem::Specification.new do |s|
s.name = "openssl".freeze
s.version = "2.1.1"
s.version = "2.1.2"
s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
s.metadata = { "msys2_mingw_dependencies" => "openssl" } if s.respond_to? :metadata=
s.require_paths = ["lib".freeze]
s.authors = ["Martin Bosslet".freeze, "SHIBATA Hiroshi".freeze, "Zachary Scott".freeze, "Kazuki Yamaguchi".freeze]
s.date = "2018-05-12"
s.date = "2018-10-17"
s.description = "It wraps the OpenSSL library.".freeze
s.email = ["ruby-core@ruby-lang.org".freeze]
s.extensions = ["ext/openssl/extconf.rb".freeze]
s.extra_rdoc_files = ["CONTRIBUTING.md".freeze, "History.md".freeze, "README.md".freeze]
s.extra_rdoc_files = ["CONTRIBUTING.md".freeze, "README.md".freeze, "History.md".freeze]
s.files = ["BSDL".freeze, "CONTRIBUTING.md".freeze, "History.md".freeze, "LICENSE.txt".freeze, "README.md".freeze, "ext/openssl/deprecation.rb".freeze, "ext/openssl/extconf.rb".freeze, "ext/openssl/openssl_missing.c".freeze, "ext/openssl/openssl_missing.h".freeze, "ext/openssl/ossl.c".freeze, "ext/openssl/ossl.h".freeze, "ext/openssl/ossl_asn1.c".freeze, "ext/openssl/ossl_asn1.h".freeze, "ext/openssl/ossl_bio.c".freeze, "ext/openssl/ossl_bio.h".freeze, "ext/openssl/ossl_bn.c".freeze, "ext/openssl/ossl_bn.h".freeze, "ext/openssl/ossl_cipher.c".freeze, "ext/openssl/ossl_cipher.h".freeze, "ext/openssl/ossl_config.c".freeze, "ext/openssl/ossl_config.h".freeze, "ext/openssl/ossl_digest.c".freeze, "ext/openssl/ossl_digest.h".freeze, "ext/openssl/ossl_engine.c".freeze, "ext/openssl/ossl_engine.h".freeze, "ext/openssl/ossl_hmac.c".freeze, "ext/openssl/ossl_hmac.h".freeze, "ext/openssl/ossl_kdf.c".freeze, "ext/openssl/ossl_kdf.h".freeze, "ext/openssl/ossl_ns_spki.c".freeze, "ext/openssl/ossl_ns_spki.h".freeze, "ext/openssl/ossl_ocsp.c".freeze, "ext/openssl/ossl_ocsp.h".freeze, "ext/openssl/ossl_pkcs12.c".freeze, "ext/openssl/ossl_pkcs12.h".freeze, "ext/openssl/ossl_pkcs7.c".freeze, "ext/openssl/ossl_pkcs7.h".freeze, "ext/openssl/ossl_pkey.c".freeze, "ext/openssl/ossl_pkey.h".freeze, "ext/openssl/ossl_pkey_dh.c".freeze, "ext/openssl/ossl_pkey_dsa.c".freeze, "ext/openssl/ossl_pkey_ec.c".freeze, "ext/openssl/ossl_pkey_rsa.c".freeze, "ext/openssl/ossl_rand.c".freeze, "ext/openssl/ossl_rand.h".freeze, "ext/openssl/ossl_ssl.c".freeze, "ext/openssl/ossl_ssl.h".freeze, "ext/openssl/ossl_ssl_session.c".freeze, "ext/openssl/ossl_version.h".freeze, "ext/openssl/ossl_x509.c".freeze, "ext/openssl/ossl_x509.h".freeze, "ext/openssl/ossl_x509attr.c".freeze, "ext/openssl/ossl_x509cert.c".freeze, "ext/openssl/ossl_x509crl.c".freeze, "ext/openssl/ossl_x509ext.c".freeze, "ext/openssl/ossl_x509name.c".freeze, "ext/openssl/ossl_x509req.c".freeze, "ext/openssl/ossl_x509revoked.c".freeze, "ext/openssl/ossl_x509store.c".freeze, "ext/openssl/ruby_missing.h".freeze, "lib/openssl.rb".freeze, "lib/openssl/bn.rb".freeze, "lib/openssl/buffering.rb".freeze, "lib/openssl/cipher.rb".freeze, "lib/openssl/config.rb".freeze, "lib/openssl/digest.rb".freeze, "lib/openssl/pkcs5.rb".freeze, "lib/openssl/pkey.rb".freeze, "lib/openssl/ssl.rb".freeze, "lib/openssl/x509.rb".freeze]
s.homepage = "https://github.com/ruby/openssl".freeze
s.licenses = ["Ruby".freeze]
s.rdoc_options = ["--main".freeze, "README.md".freeze]
s.required_ruby_version = Gem::Requirement.new(">= 2.3.0".freeze)
s.rubygems_version = "2.7.6".freeze
s.rubygems_version = "3.0.0.beta1".freeze
s.summary = "OpenSSL provides SSL, TLS and general purpose cryptography.".freeze
if s.respond_to? :specification_version then

4
ext/openssl/openssl_missing.h
View file

@ -149,7 +149,7 @@ void ossl_X509_REQ_get0_signature(const X509_REQ *, const ASN1_BIT_STRING **, co
static inline _type *EVP_PKEY_get0_##_type(EVP_PKEY *pkey) { \
return pkey->pkey._name; }
#define IMPL_KEY_ACCESSOR2(_type, _group, a1, a2, _fail_cond) \
static inline void _type##_get0_##_group(_type *obj, const BIGNUM **a1, const BIGNUM **a2) { \
static inline void _type##_get0_##_group(const _type *obj, const BIGNUM **a1, const BIGNUM **a2) { \
if (a1) *a1 = obj->a1; \
if (a2) *a2 = obj->a2; } \
static inline int _type##_set0_##_group(_type *obj, BIGNUM *a1, BIGNUM *a2) { \
@ -158,7 +158,7 @@ static inline int _type##_set0_##_group(_type *obj, BIGNUM *a1, BIGNUM *a2) { \
BN_clear_free(obj->a2); obj->a2 = a2; \
return 1; }
#define IMPL_KEY_ACCESSOR3(_type, _group, a1, a2, a3, _fail_cond) \
static inline void _type##_get0_##_group(_type *obj, const BIGNUM **a1, const BIGNUM **a2, const BIGNUM **a3) { \
static inline void _type##_get0_##_group(const _type *obj, const BIGNUM **a1, const BIGNUM **a2, const BIGNUM **a3) { \
if (a1) *a1 = obj->a1; \
if (a2) *a2 = obj->a2; \
if (a3) *a3 = obj->a3; } \

1
ext/openssl/ossl.c
View file

@ -1099,6 +1099,7 @@ static void Init_ossl_locks(void)
void
Init_openssl(void)
{
#undef rb_intern
/*
* Init timezone info
*/

1
ext/openssl/ossl_asn1.c
View file

@ -1360,6 +1360,7 @@ OSSL_ASN1_IMPL_FACTORY_METHOD(EndOfContent)
void
Init_ossl_asn1(void)
{
#undef rb_intern
VALUE ary;
int i;

1
ext/openssl/ossl_pkcs12.c
View file

@ -232,6 +232,7 @@ ossl_pkcs12_to_der(VALUE self)
void
Init_ossl_pkcs12(void)
{
#undef rb_intern
#if 0
mOSSL = rb_define_module("OpenSSL");
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);

1
ext/openssl/ossl_pkcs7.c
View file

@ -1042,6 +1042,7 @@ ossl_pkcs7ri_get_enc_key(VALUE self)
void
Init_ossl_pkcs7(void)
{
#undef rb_intern
#if 0
mOSSL = rb_define_module("OpenSSL");
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);

29
ext/openssl/ossl_pkey.c
View file

@ -20,6 +20,21 @@ static ID id_private_q;
/*
* callback for generating keys
*/
static VALUE
call_check_ints0(VALUE arg)
{
rb_thread_check_ints();
return Qnil;
}
static void *
call_check_ints(void *arg)
{
int state;
rb_protect(call_check_ints0, Qnil, &state);
return (void *)(VALUE)state;
}
int
ossl_generate_cb_2(int p, int n, BN_GENCB *cb)
{
@ -38,11 +53,18 @@ ossl_generate_cb_2(int p, int n, BN_GENCB *cb)
*/
rb_protect(rb_yield, ary, &state);
if (state) {
arg->stop = 1;
arg->state = state;
return 0;
}
}
if (arg->interrupted) {
arg->interrupted = 0;
state = (int)(VALUE)rb_thread_call_with_gvl(call_check_ints, NULL);
if (state) {
arg->state = state;
return 0;
}
}
if (arg->stop) return 0;
return 1;
}
@ -50,7 +72,7 @@ void
ossl_generate_cb_stop(void *ptr)
{
struct ossl_generate_cb_arg *arg = (struct ossl_generate_cb_arg *)ptr;
arg->stop = 1;
arg->interrupted = 1;
}
static void
@ -389,6 +411,7 @@ ossl_pkey_verify(VALUE self, VALUE digest, VALUE sig, VALUE data)
void
Init_ossl_pkey(void)
{
#undef rb_intern
#if 0
mOSSL = rb_define_module("OpenSSL");
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);

2
ext/openssl/ossl_pkey.h
View file

@ -37,7 +37,7 @@ extern const rb_data_type_t ossl_evp_pkey_type;
struct ossl_generate_cb_arg {
int yield;
int stop;
int interrupted;
int state;
};
int ossl_generate_cb_2(int p, int n, BN_GENCB *cb);

1
ext/openssl/ossl_pkey_ec.c
View file

@ -1649,6 +1649,7 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self)
void Init_ossl_ec(void)
{
#undef rb_intern
#if 0
mPKey = rb_define_module_under(mOSSL, "PKey");
cPKey = rb_define_class_under(mPKey, "PKey", rb_cObject);

2
ext/openssl/ossl_version.h
View file

@ -10,6 +10,6 @@
#if !defined(_OSSL_VERSION_H_)
#define _OSSL_VERSION_H_
#define OSSL_VERSION "2.1.1"
#define OSSL_VERSION "2.1.2"
#endif /* _OSSL_VERSION_H_ */

1
ext/openssl/ossl_x509ext.c
View file

@ -437,6 +437,7 @@ ossl_x509ext_to_der(VALUE obj)
void
Init_ossl_x509ext(void)
{
#undef rb_intern
#if 0
mOSSL = rb_define_module("OpenSSL");
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);

15
ext/openssl/ossl_x509name.c
View file

@ -250,14 +250,12 @@ ossl_x509name_to_s_old(VALUE self)
{
X509_NAME *name;
char *buf;
VALUE str;
GetX509Name(self, name);
buf = X509_NAME_oneline(name, NULL, 0);
str = rb_str_new2(buf);
OPENSSL_free(buf);
return str;
if (!buf)
ossl_raise(eX509NameError, "X509_NAME_oneline");
return ossl_buf2str(buf, rb_long2int(strlen(buf)));
}
static VALUE
@ -265,12 +263,14 @@ x509name_print(VALUE self, unsigned long iflag)
{
X509_NAME *name;
BIO *out;
int ret;
GetX509Name(self, name);
out = BIO_new(BIO_s_mem());
if (!out)
ossl_raise(eX509NameError, NULL);
if (!X509_NAME_print_ex(out, name, 0, iflag)) {
ret = X509_NAME_print_ex(out, name, 0, iflag);
if (ret < 0 || iflag == XN_FLAG_COMPAT && ret == 0) {
BIO_free(out);
ossl_raise(eX509NameError, "X509_NAME_print_ex");
}
@ -400,7 +400,7 @@ ossl_x509name_cmp(VALUE self, VALUE other)
result = ossl_x509name_cmp0(self, other);
if (result < 0) return INT2FIX(-1);
if (result > 1) return INT2FIX(1);
if (result > 0) return INT2FIX(1);
return INT2FIX(0);
}
@ -502,6 +502,7 @@ ossl_x509name_to_der(VALUE self)
void
Init_ossl_x509name(void)
{
#undef rb_intern
VALUE utf8str, ptrstr, ia5str, hash;
#if 0

1
ext/openssl/ossl_x509store.c
View file

@ -771,6 +771,7 @@ ossl_x509stctx_set_time(VALUE self, VALUE time)
void
Init_ossl_x509store(void)
{
#undef rb_intern
#if 0
mOSSL = rb_define_module("OpenSSL");
eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);

58
test/openssl/test_ssl.rb
View file

@ -47,6 +47,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
assert_equal 2, ssl.peer_cert_chain.size
assert_equal @svr_cert.to_der, ssl.peer_cert_chain[0].to_der
assert_equal @ca_cert.to_der, ssl.peer_cert_chain[1].to_der
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
ensure
ssl&.close
sock&.close
@ -65,6 +67,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
assert_equal @svr_cert.subject, ssl.peer_cert.subject
assert_equal [@svr_cert.subject, @ca_cert.subject],
ssl.peer_cert_chain.map(&:subject)
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
end
end
@ -157,6 +161,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
sock = TCPSocket.new("127.0.0.1", port)
ssl = OpenSSL::SSL::SSLSocket.new(sock)
ssl.connect
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
ssl.close
assert_not_predicate sock, :closed?
ensure
@ -168,6 +173,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
ssl = OpenSSL::SSL::SSLSocket.new(sock)
ssl.sync_close = true # !!
ssl.connect
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
ssl.close
assert_predicate sock, :closed?
ensure
@ -259,7 +265,10 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
client_ca_from_server = sslconn.client_ca
[@cli_cert, @cli_key]
end
server_connect(port, ctx) { |ssl| assert_equal([@ca], client_ca_from_server) }
server_connect(port, ctx) { |ssl|
assert_equal([@ca], client_ca_from_server)
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
}
end
@ -356,21 +365,16 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
}
start_server { |port|
sock = TCPSocket.new("127.0.0.1", port)
ctx = OpenSSL::SSL::SSLContext.new
ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
ctx.verify_callback = Proc.new do |preverify_ok, store_ctx|
store_ctx.error = OpenSSL::X509::V_OK
true
end
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
ssl.sync_close = true
begin
ssl.connect
server_connect(port, ctx) { |ssl|
assert_equal(OpenSSL::X509::V_OK, ssl.verify_result)
ensure
ssl.close
end
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
}
start_server(ignore_listener_error: true) { |port|
@ -455,6 +459,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
start_server { |port|
server_connect(port) { |ssl|
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
assert_raise(sslerr){ssl.post_connection_check("localhost.localdomain")}
assert_raise(sslerr){ssl.post_connection_check("127.0.0.1")}
assert(ssl.post_connection_check("localhost"))
@ -476,6 +482,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
@svr_cert = issue_cert(@svr, @svr_key, 4, exts, @ca_cert, @ca_key)
start_server { |port|
server_connect(port) { |ssl|
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
assert(ssl.post_connection_check("localhost.localdomain"))
assert(ssl.post_connection_check("127.0.0.1"))
assert_raise(sslerr){ssl.post_connection_check("localhost")}
@ -496,6 +504,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
@svr_cert = issue_cert(@svr, @svr_key, 5, exts, @ca_cert, @ca_key)
start_server { |port|
server_connect(port) { |ssl|
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
assert(ssl.post_connection_check("localhost.localdomain"))
assert_raise(sslerr){ssl.post_connection_check("127.0.0.1")}
assert_raise(sslerr){ssl.post_connection_check("localhost")}
@ -722,6 +732,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
ssl.connect
assert_equal @cli_cert.serial, ssl.peer_cert.serial
assert_predicate fooctx, :frozen?
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
ensure
ssl&.close
sock.close
@ -733,6 +745,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
ssl.hostname = "bar.example.com"
ssl.connect
assert_equal @svr_cert.serial, ssl.peer_cert.serial
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
ensure
ssl&.close
sock.close
@ -805,7 +819,8 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
ssl.hostname = name
if expected_ok
assert_nothing_raised { ssl.connect }
ssl.connect
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
else
assert_handshake_error { ssl.connect }
end
@ -879,7 +894,9 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
}
start_server(ctx_proc: ctx_proc, ignore_listener_error: true) do |port|
begin
server_connect(port) { }
server_connect(port) { |ssl|
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
rescue OpenSSL::SSL::SSLError, Errno::ECONNRESET
else
supported << ver
@ -937,6 +954,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
if ver == cver
server_connect(port, ctx1) { |ssl|
assert_equal vmap[cver][:name], ssl.ssl_version
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
else
assert_handshake_error { server_connect(port, ctx1) { } }
@ -950,6 +968,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
if ver == cver
server_connect(port, ctx2) { |ssl|
assert_equal vmap[cver][:name], ssl.ssl_version
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
else
assert_handshake_error { server_connect(port, ctx2) { } }
@ -962,6 +981,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
ctx3.min_version = ctx3.max_version = nil
server_connect(port, ctx3) { |ssl|
assert_equal vmap[ver][:name], ssl.ssl_version
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
}
end
@ -980,6 +1000,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
ctx1.min_version = cver
server_connect(port, ctx1) { |ssl|
assert_equal vmap[supported.last][:name], ssl.ssl_version
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
# Client sets max_version
@ -988,6 +1009,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
if cver >= sver
server_connect(port, ctx2) { |ssl|
assert_equal vmap[cver][:name], ssl.ssl_version
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
else
assert_handshake_error { server_connect(port, ctx2) { } }
@ -1006,6 +1028,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
if cver <= sver
server_connect(port, ctx1) { |ssl|
assert_equal vmap[sver][:name], ssl.ssl_version
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
else
assert_handshake_error { server_connect(port, ctx1) { } }
@ -1020,6 +1043,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
else
assert_equal vmap[cver][:name], ssl.ssl_version
end
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
end
}
@ -1086,6 +1110,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
start_server_version(:SSLv23, ctx_proc) { |port|
server_connect(port) { |ssl|
assert_equal(1, num_handshakes)
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
}
end
@ -1104,6 +1129,7 @@ if openssl?(1, 0, 2) || libressl?
ctx.alpn_protocols = advertised
server_connect(port, ctx) { |ssl|
assert_equal(advertised.first, ssl.alpn_protocol)
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
}
end
@ -1226,14 +1252,11 @@ end
end
def test_close_after_socket_close
server_proc = proc { |ctx, ssl|
# Do nothing
}
start_server(server_proc: server_proc) { |port|
start_server { |port|
sock = TCPSocket.new("127.0.0.1", port)
ssl = OpenSSL::SSL::SSLSocket.new(sock)
ssl.sync_close = true
ssl.connect
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
sock.close
assert_nothing_raised do
ssl.close
@ -1298,6 +1321,7 @@ end
ctx.ciphers = "DEFAULT:!kRSA:!kEDH"
server_connect(port, ctx) { |ssl|
assert_instance_of OpenSSL::PKey::EC, ssl.tmp_key
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
end
end
@ -1440,6 +1464,7 @@ end
assert_equal "secp384r1", ssl.tmp_key.group.curve_name
end
end
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
if openssl?(1, 0, 2) || libressl?(2, 5, 1)
@ -1455,6 +1480,7 @@ end
server_connect(port, ctx) { |ssl|
assert_equal "secp521r1", ssl.tmp_key.group.curve_name
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
}
end
end

1
test/openssl/test_ssl_session.rb
View file

@ -113,6 +113,7 @@ __EOS__
non_resumable = nil
start_server { |port|
server_connect_with_session(port, nil, nil) { |ssl|
ssl.puts "abc"; assert_equal "abc\n", ssl.gets
non_resumable = ssl.session
}
}

21
test/openssl/test_x509name.rb
View file

@ -371,6 +371,12 @@ class OpenSSL::TestX509Name < OpenSSL::TestCase
assert_equal "DC = org, DC = ruby-lang, " \
"CN = \"\\E3\\83\\95\\E3\\83\\BC, \\E3\\83\\90\\E3\\83\\BC\"",
name.to_s(OpenSSL::X509::Name::ONELINE)
empty = OpenSSL::X509::Name.new
assert_equal "", empty.to_s
assert_equal "", empty.to_s(OpenSSL::X509::Name::COMPAT)
assert_equal "", empty.to_s(OpenSSL::X509::Name::RFC2253)
assert_equal "", empty.to_s(OpenSSL::X509::Name::ONELINE)
end
def test_to_utf8
@ -386,6 +392,9 @@ class OpenSSL::TestX509Name < OpenSSL::TestCase
expected = "CN=フー\\, バー,DC=ruby-lang,DC=org".force_encoding("UTF-8")
assert_equal expected, str
assert_equal Encoding.find("UTF-8"), str.encoding
empty = OpenSSL::X509::Name.new
assert_equal "", empty.to_utf8
end
def test_equals2
@ -396,10 +405,16 @@ class OpenSSL::TestX509Name < OpenSSL::TestCase
end
def test_spaceship
n1 = OpenSSL::X509::Name.parse_rfc2253 'CN=a'
n2 = OpenSSL::X509::Name.parse_rfc2253 'CN=b'
n1 = OpenSSL::X509::Name.new([["CN", "a"]])
n2 = OpenSSL::X509::Name.new([["CN", "a"]])
n3 = OpenSSL::X509::Name.new([["CN", "ab"]])
assert_equal(-1, n1 <=> n2)
assert_equal 0, n1 <=> n2
assert_equal -1, n1 <=> n3
assert_equal 0, n2 <=> n1
assert_equal -1, n2 <=> n3
assert_equal 1, n3 <=> n1
assert_equal 1, n3 <=> n2
end
def name_hash(name)

2
version.h
View file

@ -1,6 +1,6 @@
#define RUBY_VERSION "2.5.2"
#define RUBY_RELEASE_DATE "2018-10-18"
#define RUBY_PATCHLEVEL 103
#define RUBY_PATCHLEVEL 104
#define RUBY_RELEASE_YEAR 2018
#define RUBY_RELEASE_MONTH 10