jruby-openssl 0.11.0-java → 0.12.1-java

data/lib/jopenssl19/openssl/ssl-internal.rb

@@ -1,223 +0,0 @@
-=begin
-= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for SSL
-
-= Info
-  'OpenSSL for Ruby 2' project
-  Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
-  All rights reserved.
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-= Version
-  $Id$
-=end
-
-require "openssl/buffering"
-require 'fcntl' # used by OpenSSL::SSL::Nonblock (if loaded)
-
-module OpenSSL
-  module SSL
-    class SSLContext
-      DEFAULT_PARAMS = {
-          :ssl_version => "SSLv23",
-          :verify_mode => OpenSSL::SSL::VERIFY_PEER,
-          :ciphers => %w{
-          ECDHE-ECDSA-AES128-GCM-SHA256
-          ECDHE-RSA-AES128-GCM-SHA256
-          ECDHE-ECDSA-AES256-GCM-SHA384
-          ECDHE-RSA-AES256-GCM-SHA384
-          DHE-RSA-AES128-GCM-SHA256
-          DHE-DSS-AES128-GCM-SHA256
-          DHE-RSA-AES256-GCM-SHA384
-          DHE-DSS-AES256-GCM-SHA384
-          ECDHE-ECDSA-AES128-SHA256
-          ECDHE-RSA-AES128-SHA256
-          ECDHE-ECDSA-AES128-SHA
-          ECDHE-RSA-AES128-SHA
-          ECDHE-ECDSA-AES256-SHA384
-          ECDHE-RSA-AES256-SHA384
-          ECDHE-ECDSA-AES256-SHA
-          ECDHE-RSA-AES256-SHA
-          DHE-RSA-AES128-SHA256
-          DHE-RSA-AES256-SHA256
-          DHE-RSA-AES128-SHA
-          DHE-RSA-AES256-SHA
-          DHE-DSS-AES128-SHA256
-          DHE-DSS-AES256-SHA256
-          DHE-DSS-AES128-SHA
-          DHE-DSS-AES256-SHA
-          AES128-GCM-SHA256
-          AES256-GCM-SHA384
-          AES128-SHA256
-          AES256-SHA256
-          AES128-SHA
-          AES256-SHA
-          ECDHE-ECDSA-RC4-SHA
-          ECDHE-RSA-RC4-SHA
-          RC4-SHA
-        }.join(":"),
-          :options => -> {
-            opts = OpenSSL::SSL::OP_ALL
-            opts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
-            opts |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
-            opts |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
-            opts |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
-            opts
-          }.call
-      } unless const_defined? :DEFAULT_PARAMS # JRuby does it in Java
-
-      begin
-        DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
-        DEFAULT_CERT_STORE.set_default_paths
-        if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
-          DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
-        end
-      end unless const_defined? :DEFAULT_CERT_STORE
-
-      def set_params(params={})
-        params = DEFAULT_PARAMS.merge(params)
-        params.each{|name, value| self.__send__("#{name}=", value) }
-        if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
-          unless self.ca_file or self.ca_path or self.cert_store
-            self.cert_store = DEFAULT_CERT_STORE
-          end
-        end
-        return params
-      end unless method_defined? :set_params
-    end
-
-    module SocketForwarder
-      def addr
-        to_io.addr
-      end
-
-      def peeraddr
-        to_io.peeraddr
-      end
-
-      def setsockopt(level, optname, optval)
-        to_io.setsockopt(level, optname, optval)
-      end
-
-      def getsockopt(level, optname)
-        to_io.getsockopt(level, optname)
-      end
-
-      def fcntl(*args)
-        to_io.fcntl(*args)
-      end
-
-      def closed?
-        to_io.closed?
-      end
-
-      def do_not_reverse_lookup=(flag)
-        to_io.do_not_reverse_lookup = flag
-      end
-    end
-
-    def verify_certificate_identity(cert, hostname)
-      should_verify_common_name = true
-      cert.extensions.each { |ext|
-        next if ext.oid != "subjectAltName"
-        ext.value.split(/,\s+/).each { |general_name|
-          # MRI 1.9.3 (since we parse ASN.1 differently)
-          # when 2 # dNSName in GeneralName (RFC5280)
-          if /\ADNS:(.*)/ =~ general_name
-            should_verify_common_name = false
-            reg = Regexp.escape($1).gsub(/\\\*/, "[^.]+")
-            return true if /\A#{reg}\z/i =~ hostname
-          # MRI 1.9.3 (since we parse ASN.1 differently)
-          # when 7 # iPAddress in GeneralName (RFC5280)
-          elsif /\AIP(?: Address)?:(.*)/ =~ general_name
-            should_verify_common_name = false
-            return true if $1 == hostname
-            # NOTE: bellow logic makes little sense as we read exts differently
-            #value = $1 # follows GENERAL_NAME_print() in x509v3/v3_alt.c
-            #if value.size == 4
-            #  return true if value.unpack('C*').join('.') == hostname
-            #elsif value.size == 16
-            #  return true if value.unpack('n*').map { |e| sprintf("%X", e) }.join(':') == hostname
-            #end
-          end
-        }
-      }
-      if should_verify_common_name
-        cert.subject.to_a.each { |oid, value|
-          if oid == "CN"
-            reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
-            return true if /\A#{reg}\z/i =~ hostname
-          end
-        }
-      end
-      return false
-    end
-    module_function :verify_certificate_identity
-
-    class SSLSocket
-      include Buffering
-      include SocketForwarder
-      include Nonblock
-
-      def sysclose
-        return if closed?
-        stop
-        io.close if sync_close
-      end unless method_defined? :sysclose
-
-      def post_connection_check(hostname)
-        unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
-          raise SSLError, "hostname does not match the server certificate"
-        end
-        return true
-      end
-
-    end
-
-    class SSLServer
-      include SocketForwarder
-      attr_accessor :start_immediately
-
-      def initialize(svr, ctx)
-        @svr = svr
-        @ctx = ctx
-        unless ctx.session_id_context
-          session_id = OpenSSL::Digest::MD5.hexdigest($0)
-          @ctx.session_id_context = session_id
-        end
-        @start_immediately = true
-      end
-
-      def to_io
-        @svr
-      end
-
-      def listen(backlog=5)
-        @svr.listen(backlog)
-      end
-
-      def shutdown(how=Socket::SHUT_RDWR)
-        @svr.shutdown(how)
-      end
-
-      def accept
-        sock = @svr.accept
-        begin
-          ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
-          ssl.sync_close = true
-          ssl.accept if @start_immediately
-          ssl
-        rescue SSLError => ex
-          sock.close
-          raise ex
-        end
-      end
-
-      def close
-        @svr.close
-      end
-    end
-  end
-end

data/lib/jopenssl19/openssl/ssl.rb

@@ -1,2 +0,0 @@
-warn 'deprecated openssl/ssl use: require "openssl" instead of "openssl/ssl"'
-require 'openssl'

data/lib/jopenssl19/openssl/x509-internal.rb

@@ -1,115 +0,0 @@
-=begin
-= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for X509 and subclasses
-
-= Info
-  'OpenSSL for Ruby 2' project
-  Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-  All rights reserved.
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-= Version
-  $Id$
-=end
-
-module OpenSSL
-  module X509
-    class Name
-      module RFC2253DN
-        Special = ',=+<>#;'
-        HexChar = /[0-9a-fA-F]/
-        HexPair = /#{HexChar}#{HexChar}/
-        HexString = /#{HexPair}+/
-        Pair = /\\(?:[#{Special}]|\\|"|#{HexPair})/
-        StringChar = /[^#{Special}\\"]/
-        QuoteChar = /[^\\"]/
-        AttributeType = /[a-zA-Z][0-9a-zA-Z]*|[0-9]+(?:\.[0-9]+)*/
-        AttributeValue = /
-          (?!["#])((?:#{StringChar}|#{Pair})*)|
-          \#(#{HexString})|
-          "((?:#{QuoteChar}|#{Pair})*)"
-        /x
-        TypeAndValue = /\A(#{AttributeType})=#{AttributeValue}/
-
-        module_function
-
-        def expand_pair(str)
-          return nil unless str
-          return str.gsub(Pair){
-            pair = $&
-            case pair.size
-            when 2 then pair[1,1]
-            when 3 then Integer("0x#{pair[1,2]}").chr
-            else raise OpenSSL::X509::NameError, "invalid pair: #{str}"
-            end
-          }
-        end
-
-        def expand_hexstring(str)
-          return nil unless str
-          der = str.gsub(HexPair){$&.to_i(16).chr }
-          a1 = OpenSSL::ASN1.decode(der)
-          return a1.value, a1.tag
-        end
-
-        def expand_value(str1, str2, str3)
-          value = expand_pair(str1)
-          value, tag = expand_hexstring(str2) unless value
-          value = expand_pair(str3) unless value
-          return value, tag
-        end
-
-        def scan(dn)
-          str = dn
-          ary = []
-          while true
-            if md = TypeAndValue.match(str)
-              remain = md.post_match
-              type = md[1]
-              value, tag = expand_value(md[2], md[3], md[4]) rescue nil
-              if value
-                type_and_value = [type, value]
-                type_and_value.push(tag) if tag
-                ary.unshift(type_and_value)
-                if remain.length > 2 && remain[0] == ?,
-                  str = remain[1..-1]
-                  next
-                elsif remain.length > 2 && remain[0] == ?+
-                  raise OpenSSL::X509::NameError,
-                    "multi-valued RDN is not supported: #{dn}"
-                elsif remain.empty?
-                  break
-                end
-              end
-            end
-            msg_dn = dn[0, dn.length - str.length] + " =>" + str
-            raise OpenSSL::X509::NameError, "malformed RDN: #{msg_dn}"
-          end
-          return ary
-        end
-      end
-
-      class << self
-        def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
-          ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
-          self.new(ary, template)
-        end
-
-        def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
-          ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
-          self.new(ary, template)
-        end
-
-        alias parse parse_openssl
-      end
-    end
-
-    class StoreContext
-      def cleanup
-        warn "(#{caller.first}) OpenSSL::X509::StoreContext#cleanup is deprecated with no replacement" if $VERBOSE
-      end
-    end
-  end
-end

data/lib/jopenssl19/openssl/x509.rb

@@ -1,2 +0,0 @@
-warn 'deprecated openssl/x509 use: require "openssl" instead of "openssl/x509"'
-require 'openssl'

data/lib/jopenssl19/openssl.rb

@@ -1,22 +0,0 @@
-=begin
-= $RCSfile$ -- Loader for all OpenSSL C-space and Ruby-space definitions
-
-= Info
-  'OpenSSL for Ruby 2' project
-  Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-  All rights reserved.
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-= Version
-  $Id$
-=end
-
-require 'openssl/bn'
-require 'openssl/cipher'
-require 'openssl/config'
-require 'openssl/digest'
-require 'openssl/ssl-internal'
-require 'openssl/x509-internal'

data/lib/jopenssl21/openssl/bn.rb

@@ -1,28 +0,0 @@
-#--
-#
-# $RCSfile$
-#
-# = Ruby-space definitions that completes C-space funcs for BN
-#
-# = Info
-# 'OpenSSL for Ruby 2' project
-# Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-# All rights reserved.
-#
-# = Licence
-# This program is licenced under the same licence as Ruby.
-# (See the file 'LICENCE'.)
-#
-# = Version
-# $Id$
-#
-#++
-
-##
-# Add double dispatch to Integer
-#
-class Integer
-  def to_bn
-    OpenSSL::BN::new(self)
-  end
-end # Integer

data/lib/jopenssl21/openssl/buffering.rb

@@ -1 +0,0 @@
-load 'jopenssl22/openssl/buffering.rb'

data/lib/jopenssl21/openssl/cipher.rb

@@ -1 +0,0 @@
-load 'jopenssl22/openssl/cipher.rb'

data/lib/jopenssl21/openssl/config.rb

@@ -1 +0,0 @@
-load 'jopenssl22/openssl/config.rb'

data/lib/jopenssl21/openssl/digest.rb

@@ -1 +0,0 @@
-load 'jopenssl22/openssl/digest.rb'

data/lib/jopenssl21/openssl/ssl.rb

@@ -1 +0,0 @@
-load 'jopenssl22/openssl/ssl.rb'

data/lib/jopenssl21/openssl/x509.rb

@@ -1,119 +0,0 @@
-#--
-#
-# $RCSfile$
-#
-# = Ruby-space definitions that completes C-space funcs for X509 and subclasses
-#
-# = Info
-# 'OpenSSL for Ruby 2' project
-# Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-# All rights reserved.
-#
-# = Licence
-# This program is licenced under the same licence as Ruby.
-# (See the file 'LICENCE'.)
-#
-# = Version
-# $Id$
-#
-#++
-
-module OpenSSL
-  module X509
-    class Name
-      module RFC2253DN
-        Special = ',=+<>#;'
-        HexChar = /[0-9a-fA-F]/
-        HexPair = /#{HexChar}#{HexChar}/
-        HexString = /#{HexPair}+/
-        Pair = /\\(?:[#{Special}]|\\|"|#{HexPair})/
-        StringChar = /[^#{Special}\\"]/
-        QuoteChar = /[^\\"]/
-        AttributeType = /[a-zA-Z][0-9a-zA-Z]*|[0-9]+(?:\.[0-9]+)*/
-        AttributeValue = /
-          (?!["#])((?:#{StringChar}|#{Pair})*)|
-          \#(#{HexString})|
-          "((?:#{QuoteChar}|#{Pair})*)"
-        /x
-        TypeAndValue = /\A(#{AttributeType})=#{AttributeValue}/
-
-        module_function
-
-        def expand_pair(str)
-          return nil unless str
-          return str.gsub(Pair){
-            pair = $&
-            case pair.size
-            when 2 then pair[1,1]
-            when 3 then Integer("0x#{pair[1,2]}").chr
-            else raise OpenSSL::X509::NameError, "invalid pair: #{str}"
-            end
-          }
-        end
-
-        def expand_hexstring(str)
-          return nil unless str
-          der = str.gsub(HexPair){$&.to_i(16).chr }
-          a1 = OpenSSL::ASN1.decode(der)
-          return a1.value, a1.tag
-        end
-
-        def expand_value(str1, str2, str3)
-          value = expand_pair(str1)
-          value, tag = expand_hexstring(str2) unless value
-          value = expand_pair(str3) unless value
-          return value, tag
-        end
-
-        def scan(dn)
-          str = dn
-          ary = []
-          while true
-            if md = TypeAndValue.match(str)
-              remain = md.post_match
-              type = md[1]
-              value, tag = expand_value(md[2], md[3], md[4]) rescue nil
-              if value
-                type_and_value = [type, value]
-                type_and_value.push(tag) if tag
-                ary.unshift(type_and_value)
-                if remain.length > 2 && remain[0] == ?,
-                  str = remain[1..-1]
-                  next
-                elsif remain.length > 2 && remain[0] == ?+
-                  raise OpenSSL::X509::NameError,
-                    "multi-valued RDN is not supported: #{dn}"
-                elsif remain.empty?
-                  break
-                end
-              end
-            end
-            msg_dn = dn[0, dn.length - str.length] + " =>" + str
-            raise OpenSSL::X509::NameError, "malformed RDN: #{msg_dn}"
-          end
-          return ary
-        end
-      end
-
-      class << self
-        def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
-          ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
-          self.new(ary, template)
-        end
-
-        def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
-          ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
-          self.new(ary, template)
-        end
-
-        alias parse parse_openssl
-      end
-    end
-
-    class StoreContext
-      def cleanup
-        warn "(#{caller.first}) OpenSSL::X509::StoreContext#cleanup is deprecated with no replacement" if $VERBOSE
-      end
-    end
-  end
-end

data/lib/jopenssl21/openssl.rb

@@ -1,22 +0,0 @@
-=begin
-= $RCSfile$ -- Loader for all OpenSSL C-space and Ruby-space definitions
-
-= Info
-  'OpenSSL for Ruby 2' project
-  Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-  All rights reserved.
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-= Version
-  $Id$
-=end
-
-require 'openssl/bn'
-require 'openssl/cipher'
-require 'openssl/config'
-require 'openssl/digest'
-require 'openssl/x509'
-require 'openssl/ssl'

data/lib/jopenssl22/openssl/bn.rb

@@ -1,39 +0,0 @@
-#--
-#
-# $RCSfile$
-#
-# = Ruby-space definitions that completes C-space funcs for BN
-#
-# = Info
-# 'OpenSSL for Ruby 2' project
-# Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-# All rights reserved.
-#
-# = Licence
-# This program is licenced under the same licence as Ruby.
-# (See the file 'LICENCE'.)
-#
-# = Version
-# $Id$
-#
-#++
-
-module OpenSSL
-  class BN
-    def pretty_print(q)
-      q.object_group(self) {
-        q.text ' '
-        q.text to_i.to_s
-      }
-    end
-  end # BN
-end # OpenSSL
-
-##
-# Add double dispatch to Integer
-#
-class Integer
-  def to_bn
-    OpenSSL::BN::new(self)
-  end
-end # Integer