Sync with ruby/openssl master #4275
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Allow specifying just length to #update CCM mode ciphers need to specify the total plaintext or ciphertext length to EVP_CipherUpdate. Update the link to the tests file Define Cipher#ccm_data_len= for CCM mode ciphers Add a unit test for CCM mode Also check CCM is authenticated when testing ruby/openssl@bb3816953b
Remove 4 deprecated methods. The following two methods have been marked as deprecated since 2003, by r4531 (ruby.git commit 78ff383). - OpenSSL::Config#value - OpenSSL::Config#section Other two methods are removed because the corresponding functions disappeared in OpenSSL 1.1.0. - OpenSSL::Config#add_value - OpenSSL::Config#[]= ruby/openssl@9783d7f21c
Sort keys of a section before comparing. The ordering is not part of the
API. This can cause a test failure if we use OpenSSL's C implementation.
Fixes: 2ad65b5f673f ("config: support .include directive", 2018-08-16)
ruby/openssl@259e6fd2dc
…ibreSSL LibreSSL has removed the feature to map environment variables onto the "ENV" section. ruby/openssl@b70817faec
Revert OpenSSL::Config to using the OpenSSL API and remove our own parser implementation for the config file syntax. OpenSSL::Config now wraps a CONF object. Accessor methods deal with the object directly rather than Ruby-level internal state. This work is based on the old C code we used before 2010. ruby/openssl@c891e0ea89
Now that OpenSSL::Config wraps a real CONF object, the caller can just borrow it rather than creating a new temporary CONF object. CONF object is usually treated as immutable. DupConfigPtr() is now removed, and GetConfig() is exported instead. ruby/openssl@d9064190ca
ossl_{rsa,dsa,dh,ec}_new() called from this function are not used
anywhere else. Inline them into pkey_new0() and reduce code
duplication.
ruby/openssl@94aeab2f26
Merge the code into the callers so that the wrapping Ruby object is allocated before the raw key object is allocated. This prevents possible memory leak on Ruby object allocation failure, and also reduces the lines of code. ruby/openssl@1eb1366615
Try PEM_read_bio_Parameters(). Only PEM format is supported at the moment since corresponding d2i_* functions are not provided by OpenSSL. ruby/openssl@867e5c021b
Export the flow used by OpenSSL::PKey.read and let the subclasses call it before attempting other formats. ruby/openssl@d963d4e276
Add ossl_pkey_export_traditional() and ossl_pkey_export_spki() helper functions, and use them. This reduces code duplication. ruby/openssl@56f0d34d63
The EVP interface cannot tell whether if a pkey contains the private components or not. Assume it does if it does not respond to #private?. This fixes the NoMethodError on calling #sign on a generic PKey. ruby/openssl@f4c717bcb2
Fix test_socket_open_with_local_address_port_context.
Often with MinGW, it seems EACCES is returned on bind when the port
number is unavailable. Ignore it just as we do for EADDRINUSE and
continue searching free port number.
Fixes: 98f8787b4687 ("test/openssl/test_ssl: fix random failure in
SSLSocket.open test", 2020-02-17)
ruby/openssl@413b15526e
Add two methods to create a PKey using the generic EVP interface. This is useful for the PKey types we don't have a dedicated class. ruby/openssl@d8e8e57de9
…st* interface Use EVP_DigestSign*() and EVP_DigestVerify*() interface instead of the old EVP_Sign*() and EVP_Verify*() functions. They were added in OpenSSL 1.0.0. Also, allow the digest to be specified as nil, as certain EVP_PKEY types don't expect a digest algorithm. ruby/openssl@9ff6e5143b
OpenSSL 1.1.1 added EVP_DigestSign() and EVP_DigestVerify() functions to the interface. Some EVP_PKEY methods such as PureEdDSA algorithms do not support the streaming mechanism and require us to use them. ruby/openssl@ae19454592
Add OpenSSL::PKey::PKey#derive as the wrapper for EVP_PKEY_CTX_derive(). This is useful for pkey types that we don't have dedicated classes, such as X25519. ruby/openssl@28f0059bea
…_compute_key
Use the new OpenSSL::PKey::PKey#derive instead of the raw
{EC,}DH_compute_key(), mainly to reduce amount of the C code.
ruby/openssl@28edf6bafc
…re appropriate IO.read may mangle line separator, which will corrupt binary data including DER-encoded X.509 certificates and such. Fixes: ruby/openssl#243 ruby/openssl@93213b2730
…ry [, bn]) Deprecate it for future removal. However, I do not expect any application is affected by this. The other form of calling it, PKey::EC::Point#mul(bn [, bn]) remains untouched. PKey::EC::Point#mul calls EC_POINTs_mul(3) when multiple BNs are given as an array. LibreSSL 2.8.0 released on 2018-08 removed the feature and OpenSSL 3.0 which is planned to be released in 2020 will also deprecate the function as there is no real use-case. ruby/openssl@812de4253d
Use the EVP API instead of the low-level HMAC API. Use of the HMAC API has been discouraged and is being marked as deprecated starting from OpenSSL 3.0.0. The two singleton methods OpenSSL::HMAC, HMAC.digest and HMAC.hexdigest are now in lib/openssl/hmac.rb. ruby/openssl@0317e2fc02
OpenSSL::HMAC implements the similar interface as ::Digest. Let's add base64digest methods to OpenSSL::HMAC, too, for feature parity. ruby/openssl@098bcb68af
We ran into some Linux-based systems not accepting the upper case variant ruby/openssl@7bc49121d5
…EY_cmp. Explicitly check for type given some conflicting statements within openssl's documentation around EVP_PKEY_cmp and EVP_PKEY_ASN1_METHOD(3). Add documentation with an example for compare? ruby/openssl@0bf51da6e2
…ert_cb The current test_client_auth_public_key test case checks that supplying a PKey containing only public components through client_cert_cb will cause handshake to fail. While this is a correct behavior as a whole, the assertions are misleading in the sense that giving a public key is causing the failure. Actually, the handshake fails because a client certificate is not supplied at all, as a result of ArgumentError that is silently ignored. Rename the test case to test_client_cert_cb_ignore_error and simplify it to clarify what it is testing. ruby/openssl@785b5569fc
Add explicit test cases for the behaviors with different verify_mode. If we made a bug in verify_mode, we would notice it by failures of other test cases, but there were no dedicated test cases for verify_mode. ruby/openssl@1ccdc05662
…efault values SSLContext's verify_mode expects an SSL_VERIFY_* constant (an integer) and verify_hostname expects either true or false. However, they are set to nil after calling OpenSSL::SSL::SSLContext.new, which is surprising. Set a proper value to them by default: verify_mode is set to OpenSSL::SSL::VERIFY_NONE and verify_hostname is set to false by default. Note that this does not change the default behavior. The certificate verification was never performed unless verify_mode is set to OpenSSL::SSL::VERIFY_PEER by a user. The same applies to verify_hostname. ruby/openssl@87d869352c
The socket is called ssl_connection, not connection ruby/openssl@642783aeda
… nil is given Undo special treatment of nil and simply pass the value to StringValueCStr(). nil was never a valid argument for the method; OpenSSL::X509::StoreError with an unhelpful error message "system lib" was raised in that case. ruby/openssl@fb2fcbb137
…::Store.new Anything passed to OpenSSL::X509::Store.new was always ignored. Let's emit an explicit warning to not confuse users. ruby/openssl@d173700eeb
Use ossl_x509_sk2ary() to create an array of OpenSSL::X509::Certificate from STACK_OF(X509). ruby/openssl@fa1da69f92
Use the OpenSSL function name that caused the error to generate a better error message. ruby/openssl@b31809ba3d
The certificate passed as the second argument was not properly free'd in the error paths. ruby/openssl@9561199b9f
…Context Add more details about each method, and add reference to OpenSSL man pages. ruby/openssl@02b6f82c73
The test case is huge and too complex. Break it up into separate test cases for better documentation. ruby/openssl@61012df03b
…tore#add_cert Rename the test case to test_add_cert_duplicate to clarify what it is actually testing. ruby/openssl@4cc3c4110f
Errno::EPROTOTYPE is not supposed to be raised by SSLSocket#write. However, on macOS, send(2) which is called via SSL_write() can occasionally return EPROTOTYPE. Retry SSL_write() so that we get a proper error, just as ext/socket does. Reference: https://bugs.ruby-lang.org/issues/14713 Reference: ruby/openssl#227 ruby/openssl@2e700c80bf
The underlying API SSL_CTX_set_tmp_ecdh_callback() was removed by LibreSSL >= 2.6.1 and OpenSSL >= 1.1.0, in other words, it is not supported by any non-EOL versions of OpenSSL. The wrapper was initially implemented in Ruby 2.3 and has been deprecated since Ruby/OpenSSL 2.0 (bundled with Ruby 2.4) with explicit warning with rb_warn(). ruby/openssl@ee037e1460
…) form The form created an empty EC_GROUP object with the specified EC_METHOD. However, the feature was unfinished and not useful in any way because OpenSSL::PKey::EC::Group did not implement wrappers for necessary functions to set actual parameters for the group, namely EC_GROUP_set_curve() family. EC_GROUP object creation with EC_METHOD explicitly specified is deprecated in OpenSSL 3.0, as it was apparently not intended for use outside OpenSSL. It is still possible to create EC_GROUP, but without EC_METHOD explicitly specified - OpenSSL chooses the appropriate EC_METHOD for the curve type. The OpenSSL::PKey::EC::Group.new(<:GFp|:GF2m>, p, a, b) form will continue to work. ruby/openssl@df4bec841f
This defines TLS1_3_VERSION when using LibreSSL 3.2+. LibreSSL 3.2/3.3 doesn't advertise this by default, even though it will use TLS 1.3 in both client and server modes. Changes between LibreSSL 3.1 and 3.2/3.3 broke a few tests, Defining TLS1_3_VERSION by itself fixes 1 test failure. A few tests now fail on LibreSSL 3.2/3.3 unless TLS 1.2 is set as the maximum version, and this adjusts those tests. The client CA test doesn't work in LibreSSL 3.2+, so I've marked that as pending. For the hostname verification, LibreSSL 3.2.2+ has a new stricter hostname verifier that doesn't like subjectAltName such as c*.example.com and d.*.example.com, so adjust the related tests. With these changes, the tests pass on LibreSSL 3.2/3.3. ruby/openssl@a0e98d48c9
…ure_info Made stored values `Symbol`s instead of `ID`s. Fixes https://bugs.ruby-lang.org/issues/17625 Co-Authored-By: xtkoba (Tee KOBAYASHI) <xtkoba+ruby@gmail.com> ruby/openssl@f2d004679a
Although the manpage says that BIGNUM functions return 0 on error, OpenSSL versions before 1.0.2n and current LibreSSL versions may return -1 instead. Note that the implementation of OpenSSL::BN#mod_inverse is extracted from BIGNUM_2c() macro as it didn't really share the same function signature with others. ruby/openssl@9b59f34345
LibreSSL 3.2.4 made the certificate verification logic back closer to
pre-3.2.2 one, which is more compatible with OpenSSL.
Part of the fixes added by commit a0e98d48c91f ("Enhance TLS 1.3 support
on LibreSSL 3.2/3.3", 2020-12-03) is required for 3.2.2 and 3.2.3 only
(and ~3.3.1, however 3.3 does not have a stable release yet). Since both
releases are security fix, it should be safe to remove those special
treatment from our test suite.
While we are at it, TestSSL#test_ecdh_curves is split into TLS 1.2 and
TLS 1.3 variants for clarity.
ruby/openssl@a9954bac22
It is not a common practice and should not be done since it causes name clash: for example, Digest and Random are provided by other standard libraries of Ruby. Fixes: ruby/openssl#419 ruby/openssl@6a6444984b
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merge commits since v2.2.0.
ruby/openssl@bd3508d