kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity
ruby--ruby/test
History
rhe f52ab6e494 openssl: improve handling of password for encrypted PEM 
* ext/openssl/ossl.c (ossl_pem_passwd_value): Added. Convert the
  argument to String with StringValue() and validate the length is in
  4..PEM_BUFSIZE. PEM_BUFSIZE is a macro defined in OpenSSL headers.
  (ossl_pem_passwd_cb): When reading/writing encrypted PEM format, we
  used to pass the password to PEM_def_callback() directly but it was
  problematic. It is not NUL character safe. And surprisingly, it
  silently truncates the password to 1024 bytes.  [GH ruby/openssl#51]

* ext/openssl/ossl.h: Add function prototype declaration of newly
  added ossl_pem_passwd_value().

* ext/openssl/ossl_pkey.c (ossl_pkey_new_from_data): Use
  ossl_pem_passwd_value() to validate the password String.

* ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize, ossl_dsa_export):
  ditto.

* ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize,
  ossl_ec_key_to_string): ditto.

* ext/openssl/ossl_pkey_rsa.c (ossl_rsa_initialize, ossl_rsa_export):
  ditto.

* test/openssl/test_pkey_{dsa,ec,rsa}.rb: test this.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55087 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-20 15:05:25 +00:00
..
-ext- string.c: integer overflow 2016-05-18 05:52:40 +00:00
base64
benchmark
bigdecimal
cgi
coverage
csv Use Integer instead of Fixnum and Bignum. 2016-05-17 13:15:57 +00:00
date Use Integer instead of Fixnum and Bignum. 2016-05-17 13:15:57 +00:00
dbm update comments. 2016-05-01 12:50:19 +00:00
digest
drb don't use keeper thread. [Bug #12342] 2016-05-15 11:59:00 +00:00
dtrace
erb
etc
excludes
fiddle * test_handle.rb: refine test_fallback_to_ansi 2016-05-16 06:26:56 +00:00
fileutils
gdbm update comments. 2016-05-01 12:50:19 +00:00
io
irb
json Use Integer instead of Fixnum and Bignum. 2016-05-17 13:15:57 +00:00
lib assertions.rb: leave timeout to invoke_ruby 2016-05-19 03:46:20 +00:00
logger * test/logger/test_logdevice.rb (TestLogDevice#test_shifting_period_suffix): 2016-05-01 14:56:45 +00:00
matrix
minitest Use Integer instead of Fixnum and Bignum. 2016-05-17 13:15:57 +00:00
misc
mkmf
monitor
net * lib/net/http/header.rb (Net::HTTPHeader#{each_header,each_name, 2016-05-04 09:46:46 +00:00
nkf
objspace
open-uri
openssl openssl: improve handling of password for encrypted PEM 2016-05-20 15:05:25 +00:00
optparse
ostruct
pathname
psych
rdoc
readline
resolv
rexml Use Integer instead of Fixnum and Bignum. 2016-05-17 13:15:57 +00:00
rinda
ripper
rss
ruby fix document of Regexp#match? 2016-05-19 12:23:57 +00:00
rubygems Use Integer instead of Fixnum and Bignum. 2016-05-17 13:15:57 +00:00
scanf
sdbm update comments. 2016-05-01 12:50:19 +00:00
shell
socket
stringio stringio.c: warn block for new 2016-04-27 06:47:56 +00:00
strscan
syslog
testunit assertions.rb: leave timeout to invoke_ruby 2016-05-19 03:46:20 +00:00
thread Use Integer instead of Fixnum and Bignum. 2016-05-17 13:15:57 +00:00
uri
webrick webrick/utils.rb: suppress messages 2016-05-09 00:05:32 +00:00
win32ole test/win32ole/test_win32ole_variant.rb: use other than Integer 2016-05-18 02:05:30 +00:00
zlib
colors
runner.rb
test_abbrev.rb
test_cmath.rb
test_delegate.rb
test_find.rb
test_forwardable.rb
test_ipaddr.rb
test_mathn.rb
test_mutex_m.rb
test_observer.rb
test_open3.rb
test_pp.rb
test_prettyprint.rb
test_prime.rb
test_pstore.rb
test_pty.rb
test_rbconfig.rb
test_securerandom.rb random.c: use bytes 2016-05-10 05:57:11 +00:00
test_set.rb * lib/set.rb (Set#{delete_if,keep_if,collect!,reject!,select!,classify,divide}, 2016-05-04 09:06:59 +00:00
test_shellwords.rb
test_singleton.rb
test_syslog.rb
test_tempfile.rb
test_time.rb
test_timeout.rb
test_tmpdir.rb
test_tracer.rb
test_tsort.rb
test_unicode_normalize.rb
test_weakref.rb
test_win32api.rb