Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Access to ephemeral TLS session key #1318

Closed
wants to merge 3 commits into from
Closed

Conversation

aeris
Copy link
Contributor

@aeris aeris commented Apr 3, 2016

Hi,

Here is a small patch to have access to ephemeral session key in case of forward secrecy cipher.
Only available since OpenSSL 1.0.2.

Regards,

@nobu
Copy link
Member

nobu commented Apr 4, 2016

I think you should:

  • check if the function is available in extconf.rb,
    for the compatibility with libressl
  • conditions of ossl_ssl_tmp_key do not match;
    defined regardless defined(OPENSSL_NO_SOCK) but used only if !defined(OPENSSL_NO_SOCK)
  • adjust the indent with the rest

@zzak
Copy link
Member

zzak commented Apr 4, 2016

Would also like to see a test for new features

@zzak zzak added the openssl label Apr 4, 2016
@aeris
Copy link
Contributor Author

aeris commented Apr 4, 2016

Here the requested changes :)

@hsbt hsbt closed this in 176976d Apr 4, 2016
@hsbt
Copy link
Member

hsbt commented Apr 5, 2016

👍

hsbt pushed a commit that referenced this pull request Apr 6, 2016
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unavailable public keys.  [GH-1318]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54498 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
hsbt pushed a commit that referenced this pull request Apr 7, 2016
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unsupported ciphers.  [GH-1318]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
mrkn pushed a commit to mrkn/ruby that referenced this pull request Apr 17, 2016
* ext/openssl/ossl_ssl.c (ossl_ssl_tmp_key): Access to ephemeral
  TLS session key in case of forward secrecy cipher.  Only
  available since OpenSSL 1.0.2.  [Fix rubyGH-1318]
* ext/openssl/extconf.rb: Check for SSL_get_server_tmp_key.

git-svn-id: svn+ssh://svn.ruby-lang.org/ruby/trunk@54485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
mrkn pushed a commit to mrkn/ruby that referenced this pull request Apr 17, 2016
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unavailable public keys.  [rubyGH-1318]

git-svn-id: svn+ssh://svn.ruby-lang.org/ruby/trunk@54498 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
mrkn pushed a commit to mrkn/ruby that referenced this pull request Apr 17, 2016
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unsupported ciphers.  [rubyGH-1318]

git-svn-id: svn+ssh://svn.ruby-lang.org/ruby/trunk@54506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
tenderlove pushed a commit to tenderlove/ruby that referenced this pull request May 1, 2016
* ext/openssl/ossl_ssl.c (ossl_ssl_tmp_key): Access to ephemeral
  TLS session key in case of forward secrecy cipher.  Only
  available since OpenSSL 1.0.2.  [Fix rubyGH-1318]
* ext/openssl/extconf.rb: Check for SSL_get_server_tmp_key.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54485 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
tenderlove pushed a commit to tenderlove/ruby that referenced this pull request May 1, 2016
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unavailable public keys.  [rubyGH-1318]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54498 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
tenderlove pushed a commit to tenderlove/ruby that referenced this pull request May 1, 2016
* test/openssl/test_ssl.rb (test_get_ephemeral_key): skip
  unsupported ciphers.  [rubyGH-1318]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54506 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

4 participants