New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Access to ephemeral TLS session key #1318

Closed
wants to merge 3 commits into
base: trunk
from

Conversation

4 participants
@aeris

aeris commented Apr 3, 2016

Hi,

Here is a small patch to have access to ephemeral session key in case of forward secrecy cipher.
Only available since OpenSSL 1.0.2.

Regards,

@nobu

This comment has been minimized.

Show comment
Hide comment
@nobu

nobu Apr 4, 2016

Member

I think you should:

  • check if the function is available in extconf.rb,
    for the compatibility with libressl
  • conditions of ossl_ssl_tmp_key do not match;
    defined regardless defined(OPENSSL_NO_SOCK) but used only if !defined(OPENSSL_NO_SOCK)
  • adjust the indent with the rest
Member

nobu commented Apr 4, 2016

I think you should:

  • check if the function is available in extconf.rb,
    for the compatibility with libressl
  • conditions of ossl_ssl_tmp_key do not match;
    defined regardless defined(OPENSSL_NO_SOCK) but used only if !defined(OPENSSL_NO_SOCK)
  • adjust the indent with the rest
@zzak

This comment has been minimized.

Show comment
Hide comment
@zzak

zzak Apr 4, 2016

Member

Would also like to see a test for new features

Member

zzak commented Apr 4, 2016

Would also like to see a test for new features

@zzak zzak added the OpenSSL label Apr 4, 2016

@aeris

This comment has been minimized.

Show comment
Hide comment
@aeris

aeris Apr 4, 2016

Here the requested changes :)

aeris commented Apr 4, 2016

Here the requested changes :)

@hsbt hsbt closed this in 176976d Apr 4, 2016

@hsbt

This comment has been minimized.

Show comment
Hide comment
@hsbt

hsbt Apr 5, 2016

Member

👍

Member

hsbt commented Apr 5, 2016

👍

hsbt pushed a commit that referenced this pull request Apr 6, 2016

test_ssl.rb: skip unavailable pkeys
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unavailable public keys.  [GH-1318]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54498 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

hsbt pushed a commit that referenced this pull request Apr 7, 2016

test_ssl.rb: skip unsupported ciphers
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unsupported ciphers.  [GH-1318]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

mrkn pushed a commit to mrkn/ruby that referenced this pull request Apr 17, 2016

openssl: Access to ephemeral TLS session key
* ext/openssl/ossl_ssl.c (ossl_ssl_tmp_key): Access to ephemeral
  TLS session key in case of forward secrecy cipher.  Only
  available since OpenSSL 1.0.2.  [Fix rubyGH-1318]
* ext/openssl/extconf.rb: Check for SSL_get_server_tmp_key.

git-svn-id: svn+ssh://svn.ruby-lang.org/ruby/trunk@54485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

mrkn pushed a commit to mrkn/ruby that referenced this pull request Apr 17, 2016

test_ssl.rb: skip unavailable pkeys
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unavailable public keys.  [rubyGH-1318]

git-svn-id: svn+ssh://svn.ruby-lang.org/ruby/trunk@54498 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

mrkn pushed a commit to mrkn/ruby that referenced this pull request Apr 17, 2016

test_ssl.rb: skip unsupported ciphers
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unsupported ciphers.  [rubyGH-1318]

git-svn-id: svn+ssh://svn.ruby-lang.org/ruby/trunk@54506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

tenderlove pushed a commit to tenderlove/ruby that referenced this pull request May 1, 2016

openssl: Access to ephemeral TLS session key
* ext/openssl/ossl_ssl.c (ossl_ssl_tmp_key): Access to ephemeral
  TLS session key in case of forward secrecy cipher.  Only
  available since OpenSSL 1.0.2.  [Fix rubyGH-1318]
* ext/openssl/extconf.rb: Check for SSL_get_server_tmp_key.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

tenderlove pushed a commit to tenderlove/ruby that referenced this pull request May 1, 2016

test_ssl.rb: skip unavailable pkeys
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unavailable public keys.  [rubyGH-1318]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54498 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

tenderlove pushed a commit to tenderlove/ruby that referenced this pull request May 1, 2016

test_ssl.rb: skip unsupported ciphers
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unsupported ciphers.  [rubyGH-1318]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment