jruby-openssl 0.9.7-java → 0.9.8-java

data/lib/jopenssl21/openssl/cipher.rb

@@ -1,28 +1 @@
-#--
-#
-# $RCSfile$
-#
-# = Ruby-space predefined Cipher subclasses
-#
-# = Info
-# 'OpenSSL for Ruby 2' project
-# Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-# All rights reserved.
-#
-# = Licence
-# This program is licenced under the same licence as Ruby.
-# (See the file 'LICENCE'.)
-#
-# = Version
-# $Id$
-#
-#++
-
-module OpenSSL
-  class Cipher
-    # This class is only provided for backwards compatibility.  Use OpenSSL::Cipher in the future.
-    class Cipher < Cipher
-      # add warning
-    end
-  end # Cipher
-end # OpenSSL
+load 'jopenssl22/openssl/cipher.rb'

data/lib/jopenssl21/openssl/config.rb

@@ -1,313 +1 @@
-=begin
-= Ruby-space definitions that completes C-space funcs for Config
-
-= Info
-  Copyright (C) 2010  Hiroshi Nakamura <nahi@ruby-lang.org>
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-=end
-
-require 'stringio'
-
-module OpenSSL
-  class Config
-    include Enumerable
-
-    class << self
-      def parse(str)
-        c = new()
-        parse_config(StringIO.new(str)).each do |section, hash|
-          c[section] = hash
-        end
-        c
-      end
-
-      alias load new
-
-      def parse_config(io)
-        begin
-          parse_config_lines(io)
-        rescue ConfigError => e
-          e.message.replace("error in line #{io.lineno}: " + e.message)
-          raise
-        end
-      end
-
-      def get_key_string(data, section, key) # :nodoc:
-        if v = data[section] && data[section][key]
-          return v
-        elsif section == 'ENV'
-          if v = ENV[key]
-            return v
-          end
-        end
-        if v = data['default'] && data['default'][key]
-          return v
-        end
-      end
-
-    private
-
-      def parse_config_lines(io)
-        section = 'default'
-        data = {section => {}}
-        while definition = get_definition(io)
-          definition = clear_comments(definition)
-          next if definition.empty?
-          if definition[0] == ?[
-            if /\[([^\]]*)\]/ =~ definition
-              section = $1.strip
-              data[section] ||= {}
-            else
-              raise ConfigError, "missing close square bracket"
-            end
-          else
-            if /\A([^:\s]*)(?:::([^:\s]*))?\s*=(.*)\z/ =~ definition
-              if $2
-                section = $1
-                key = $2
-              else
-                key = $1
-              end
-              value = unescape_value(data, section, $3)
-              (data[section] ||= {})[key] = value.strip
-            else
-              raise ConfigError, "missing equal sign"
-            end
-          end
-        end
-        data
-      end
-
-      # escape with backslash
-      QUOTE_REGEXP_SQ = /\A([^'\\]*(?:\\.[^'\\]*)*)'/
-      # escape with backslash and doubled dq
-      QUOTE_REGEXP_DQ = /\A([^"\\]*(?:""[^"\\]*|\\.[^"\\]*)*)"/
-      # escaped char map
-      ESCAPE_MAP = {
-        "r" => "\r",
-        "n" => "\n",
-        "b" => "\b",
-        "t" => "\t",
-      }
-
-      def unescape_value(data, section, value)
-        scanned = []
-        while m = value.match(/['"\\$]/)
-          scanned << m.pre_match
-          c = m[0]
-          value = m.post_match
-          case c
-          when "'"
-            if m = value.match(QUOTE_REGEXP_SQ)
-              scanned << m[1].gsub(/\\(.)/, '\\1')
-              value = m.post_match
-            else
-              break
-            end
-          when '"'
-            if m = value.match(QUOTE_REGEXP_DQ)
-              scanned << m[1].gsub(/""/, '').gsub(/\\(.)/, '\\1')
-              value = m.post_match
-            else
-              break
-            end
-          when "\\"
-            c = value.slice!(0, 1)
-            scanned << (ESCAPE_MAP[c] || c)
-          when "$"
-            ref, value = extract_reference(value)
-            refsec = section
-            if ref.index('::')
-              refsec, ref = ref.split('::', 2)
-            end
-            if v = get_key_string(data, refsec, ref)
-              scanned << v
-            else
-              raise ConfigError, "variable has no value"
-            end
-          else
-            raise 'must not reaced'
-          end
-        end
-        scanned << value
-        scanned.join
-      end
-
-      def extract_reference(value)
-        rest = ''
-        if m = value.match(/\(([^)]*)\)|\{([^}]*)\}/)
-          value = m[1] || m[2]
-          rest = m.post_match
-        elsif [?(, ?{].include?(value[0])
-          raise ConfigError, "no close brace"
-        end
-        if m = value.match(/[a-zA-Z0-9_]*(?:::[a-zA-Z0-9_]*)?/)
-          return m[0], m.post_match + rest
-        else
-          raise
-        end
-      end
-
-      def clear_comments(line)
-        # FCOMMENT
-        if m = line.match(/\A([\t\n\f ]*);.*\z/)
-          return m[1]
-        end
-        # COMMENT
-        scanned = []
-        while m = line.match(/[#'"\\]/)
-          scanned << m.pre_match
-          c = m[0]
-          line = m.post_match
-          case c
-          when '#'
-            line = nil
-            break
-          when "'", '"'
-            regexp = (c == "'") ? QUOTE_REGEXP_SQ : QUOTE_REGEXP_DQ
-            scanned << c
-            if m = line.match(regexp)
-              scanned << m[0]
-              line = m.post_match
-            else
-              scanned << line
-              line = nil
-              break
-            end
-          when "\\"
-            scanned << c
-            scanned << line.slice!(0, 1)
-          else
-            raise 'must not reaced'
-          end
-        end
-        scanned << line
-        scanned.join
-      end
-
-      def get_definition(io)
-        if line = get_line(io)
-          while /[^\\]\\\z/ =~ line
-            if extra = get_line(io)
-              line += extra
-            else
-              break
-            end
-          end
-          return line.strip
-        end
-      end
-
-      def get_line(io)
-        if line = io.gets
-          line.gsub(/[\r\n]*/, '')
-        end
-      end
-    end
-
-    def initialize(filename = nil)
-      @data = {}
-      if filename
-        File.open(filename.to_s) do |file|
-          Config.parse_config(file).each do |section, hash|
-            self[section] = hash
-          end
-        end
-      end
-    end
-
-    def get_value(section, key)
-      if section.nil?
-        raise TypeError.new('nil not allowed')
-      end
-      section = 'default' if section.empty?
-      get_key_string(section, key)
-    end
-
-    def value(arg1, arg2 = nil)
-      warn('Config#value is deprecated; use Config#get_value')
-      if arg2.nil?
-        section, key = 'default', arg1
-      else
-        section, key = arg1, arg2
-      end
-      section ||= 'default'
-      section = 'default' if section.empty?
-      get_key_string(section, key)
-    end
-
-    def add_value(section, key, value)
-      check_modify
-      (@data[section] ||= {})[key] = value
-    end
-
-    def [](section)
-      @data[section] || {}
-    end
-
-    def section(name)
-      warn('Config#section is deprecated; use Config#[]')
-      @data[name] || {}
-    end
-
-    def []=(section, pairs)
-      check_modify
-      @data[section] ||= {}
-      pairs.each do |key, value|
-        self.add_value(section, key, value)
-      end
-    end
-
-    def sections
-      @data.keys
-    end
-
-    def to_s
-      ary = []
-      @data.keys.sort.each do |section|
-        ary << "[ #{section} ]\n"
-        @data[section].keys.each do |key|
-          ary << "#{key}=#{@data[section][key]}\n"
-        end
-        ary << "\n"
-      end
-      ary.join
-    end
-
-    def each
-      @data.each do |section, hash|
-        hash.each do |key, value|
-          yield [section, key, value]
-        end
-      end
-    end
-
-    def inspect
-      "#<#{self.class.name} sections=#{sections.inspect}>"
-    end
-
-  protected
-
-    def data
-      @data
-    end
-
-  private
-
-    def initialize_copy(other)
-      @data = other.data.dup
-    end
-
-    def check_modify
-      raise TypeError.new("Insecure: can't modify OpenSSL config") if frozen?
-    end
-
-    def get_key_string(section, key)
-      Config.get_key_string(@data, section, key)
-    end
-  end
-end
+load 'jopenssl22/openssl/config.rb'

data/lib/jopenssl21/openssl/digest.rb

@@ -1,49 +1 @@
-#--
-#
-# $RCSfile$
-#
-# = Ruby-space predefined Digest subclasses
-#
-# = Info
-# 'OpenSSL for Ruby 2' project
-# Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-# All rights reserved.
-#
-# = Licence
-# This program is licenced under the same licence as Ruby.
-# (See the file 'LICENCE'.)
-#
-# = Version
-# $Id$
-#
-#++
-
-module OpenSSL
-  class Digest
-    # This class is only provided for backwards compatibility.  Use OpenSSL::Digest in the future.
-    class Digest < Digest
-      def initialize(*args)
-        # add warning
-        super(*args)
-      end
-    end
-  end # Digest
-
-  # Returns a Digest subclass by +name+.
-  #
-  #   require 'openssl'
-  #
-  #   OpenSSL::Digest("MD5")
-  #   # => OpenSSL::Digest::MD5
-  #
-  #   Digest("Foo")
-  #   # => NameError: wrong constant name Foo
-
-  def Digest(name)
-    OpenSSL::Digest.const_get(name)
-  end
-  
-  module_function :Digest
-
-end # OpenSSL
-
+load 'jopenssl22/openssl/digest.rb'

data/lib/jopenssl21/openssl/ssl.rb

@@ -1,205 +1 @@
-=begin
-= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for SSL
-
-= Info
-  'OpenSSL for Ruby 2' project
-  Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
-  All rights reserved.
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-= Version
-  $Id$
-=end
-
-require "openssl/buffering"
-require "fcntl"
-
-module OpenSSL
-  module SSL
-    module SocketForwarder
-      def addr
-        to_io.addr
-      end
-
-      def peeraddr
-        to_io.peeraddr
-      end
-
-      def setsockopt(level, optname, optval)
-        to_io.setsockopt(level, optname, optval)
-      end
-
-      def getsockopt(level, optname)
-        to_io.getsockopt(level, optname)
-      end
-
-      def fcntl(*args)
-        to_io.fcntl(*args)
-      end
-
-      def closed?
-        to_io.closed?
-      end
-
-      def do_not_reverse_lookup=(flag)
-        to_io.do_not_reverse_lookup = flag
-      end
-    end
-
-    module Nonblock
-      def initialize(*args)
-        flag = File::NONBLOCK
-        flag |= @io.fcntl(Fcntl::F_GETFL) if defined?(Fcntl::F_GETFL)
-        @io.fcntl(Fcntl::F_SETFL, flag)
-        super
-      end
-    end
-
-    # FIXME: Using the old non-ASN1 logic here because our ASN1 appears to
-    # return the wrong types for some decoded objects. See #1102
-    def verify_certificate_identity(cert, hostname)
-      should_verify_common_name = true
-      cert.extensions.each{|ext|
-        next if ext.oid != "subjectAltName"
-        ext.value.split(/,\s+/).each{|general_name|
-          if /\ADNS:(.*)/ =~ general_name
-            should_verify_common_name = false
-            reg = Regexp.escape($1).gsub(/\\\*/, "[^.]+")
-            return true if /\A#{reg}\z/i =~ hostname
-          # NOTE: somehow we need the IP: canonical form
-          # seems there were failures elsewhere when not
-          # not sure how that's possible possible to-do!
-          elsif /\AIP(?: Address)?:(.*)/ =~ general_name
-          #elsif /\AIP Address:(.*)/ =~ general_name
-            should_verify_common_name = false
-            return true if $1 == hostname
-          end
-        }
-      }
-      if should_verify_common_name
-        cert.subject.to_a.each{|oid, value|
-          if oid == "CN"
-            reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
-            return true if /\A#{reg}\z/i =~ hostname
-          end
-        }
-      end
-      return false
-    end
-=begin
-    def verify_certificate_identity(cert, hostname)
-      should_verify_common_name = true
-      cert.extensions.each{|ext|
-        next if ext.oid != "subjectAltName"
-        ostr = OpenSSL::ASN1.decode(ext.to_der).value.last
-        sequence = OpenSSL::ASN1.decode(ostr.value)
-        sequence.value.each{|san|
-          case san.tag
-          when 2 # dNSName in GeneralName (RFC5280)
-            should_verify_common_name = false
-            reg = Regexp.escape(san.value).gsub(/\\\*/, "[^.]+")
-            return true if /\A#{reg}\z/i =~ hostname
-          when 7 # iPAddress in GeneralName (RFC5280)
-            should_verify_common_name = false
-            # follows GENERAL_NAME_print() in x509v3/v3_alt.c
-            if san.value.size == 4
-              return true if san.value.unpack('C*').join('.') == hostname
-            elsif san.value.size == 16
-              return true if san.value.unpack('n*').map { |e| sprintf("%X", e) }.join(':') == hostname
-            end
-          end
-        }
-      }
-      if should_verify_common_name
-        cert.subject.to_a.each{|oid, value|
-          if oid == "CN"
-            reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
-            return true if /\A#{reg}\z/i =~ hostname
-          end
-        }
-      end
-      return false
-    end
-=end
-    module_function :verify_certificate_identity
-
-    class SSLSocket
-      include Buffering
-      include SocketForwarder
-      include Nonblock
-
-      def post_connection_check(hostname)
-        unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
-          raise SSLError, "hostname \"#{hostname}\" does not match the server certificate"
-        end
-        return true
-      end
-
-      def session
-        SSL::Session.new(self)
-      rescue SSL::Session::SessionError
-        nil
-      end
-    end
-
-    ##
-    # SSLServer represents a TCP/IP server socket with Secure Sockets Layer.
-    class SSLServer
-      include SocketForwarder
-      # When true then #accept works exactly the same as TCPServer#accept
-      attr_accessor :start_immediately
-
-      # Creates a new instance of SSLServer.
-      # * +srv+ is an instance of TCPServer.
-      # * +ctx+ is an instance of OpenSSL::SSL::SSLContext.
-      def initialize(svr, ctx)
-        @svr = svr
-        @ctx = ctx
-        unless ctx.session_id_context
-          # see #6137 - session id may not exceed 32 bytes
-          prng = ::Random.new($0.hash)
-          session_id = prng.bytes(16).unpack('H*')[0]
-          @ctx.session_id_context = session_id
-        end
-        @start_immediately = true
-      end
-
-      # Returns the TCPServer passed to the SSLServer when initialized.
-      def to_io
-        @svr
-      end
-
-      # See TCPServer#listen for details.
-      def listen(backlog=5)
-        @svr.listen(backlog)
-      end
-
-      # See BasicSocket#shutdown for details.
-      def shutdown(how=Socket::SHUT_RDWR)
-        @svr.shutdown(how)
-      end
-
-      # Works similar to TCPServer#accept.
-      def accept
-        sock = @svr.accept
-        begin
-          ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
-          ssl.sync_close = true
-          ssl.accept if @start_immediately
-          ssl
-        rescue SSLError => ex
-          sock.close
-          raise ex
-        end
-      end
-
-      # See IO#close for details.
-      def close
-        @svr.close
-      end
-    end
-  end
-end
+load 'jopenssl22/openssl/ssl.rb'