jruby-openssl 0.7.2 → 0.7.3

data/History.txt

@@ -1,3 +1,13 @@
+== 0.7.3
+
+- JRUBY-5200: Net::IMAP + SSL(imaps) login could hang. Fixed.
+- JRUBY-5253: Allow to load the certificate file which includes private
+  key for activemarchant compatibility.
+- JRUBY-5267: Added SSL socket error-checks to avoid busy loop under an
+  unknown condition.
+- JRUBY-5316: Improvements for J9's IBMJCE support. Now all testcases
+  pass on J9 JDK 6.
+
 == 0.7.2
 
 - JRUBY-5126: Ignore Cipher#reset and Cipher#iv= when it's a stream

data/Manifest.txt

@@ -4,106 +4,112 @@ Manifest.txt
 README.txt
 License.txt
 lib/jopenssl.jar
+lib/openssl
 lib/jopenssl
 lib/jopenssl.jar
-lib/openssl
 lib/openssl.rb
-lib/jopenssl/version.rb
-lib/openssl/bn.rb
-lib/openssl/buffering.rb
-lib/openssl/cipher.rb
-lib/openssl/config.rb
-lib/openssl/digest.rb
 lib/openssl/dummy.rb
 lib/openssl/dummyssl.rb
-lib/openssl/pkcs7.rb
+lib/openssl/config.rb
+lib/openssl/cipher.rb
 lib/openssl/ssl.rb
+lib/openssl/bn.rb
 lib/openssl/x509.rb
-test/cert_with_ec_pk.cer
-test/fixture
-test/java
-test/openssl
-test/ref
+lib/openssl/digest.rb
+lib/openssl/buffering.rb
+lib/openssl/pkcs7.rb
+lib/jopenssl/version.rb
+test/test_imaps.rb
 test/test_all.rb
-test/test_certificate.rb
-test/test_cipher.rb
 test/test_integration.rb
+test/ut_eof.rb
+test/openssl
 test/test_java.rb
 test/test_openssl.rb
-test/test_parse_certificate.rb
-test/test_pkcs7.rb
 test/test_pkey.rb
-test/test_ssl.rb
+test/ref
+test/test_cipher.rb
+test/cert_with_ec_pk.cer
+test/fixture
+test/test_pkcs7.rb
 test/test_x509store.rb
-test/ut_eof.rb
-test/fixture/ca-bundle.crt
-test/fixture/ca_path
+test/test_certificate.rb
+test/test_parse_certificate.rb
+test/test_ssl.rb
+test/java
+test/openssl/test_x509name.rb
+test/openssl/test_ns_spki.rb
+test/openssl/test_x509cert.rb
+test/openssl/ssl_server.rb
+test/openssl/test_pair.rb
+test/openssl/test_ec.rb
+test/openssl/test_config.rb
+test/openssl/utils.rb
+test/openssl/test_x509req.rb
+test/openssl/test_cipher.rb
+test/openssl/test_digest.rb
+test/openssl/test_x509ext.rb
+test/openssl/test_asn1.rb
+test/openssl/test_pkcs7.rb
+test/openssl/test_x509store.rb
+test/openssl/test_pkey_rsa.rb
+test/openssl/test_ssl.rb
+test/openssl/test_x509crl.rb
+test/openssl/test_hmac.rb
+test/ref/compile.rb
+test/ref/a.out
+test/ref/pkcs1
+test/ref/pkcs1.c
 test/fixture/cacert.pem
-test/fixture/cert_localhost.pem
+test/fixture/ca-bundle.crt
 test/fixture/common.pem
-test/fixture/keypair.pem
+test/fixture/key_then_cert.pem
+test/fixture/verisign.pem
+test/fixture/cert_localhost.pem
 test/fixture/localhost_keypair.pem
+test/fixture/verisign_c3.pem
+test/fixture/selfcert.pem
 test/fixture/max.pem
+test/fixture/keypair.pem
 test/fixture/purpose
-test/fixture/selfcert.pem
-test/fixture/verisign.pem
-test/fixture/verisign_c3.pem
-test/fixture/ca_path/72fa7371.0
-test/fixture/ca_path/verisign.pem
-test/fixture/purpose/b70a5bc1.0
-test/fixture/purpose/ca
+test/fixture/imaps
+test/fixture/ca_path
 test/fixture/purpose/cacert.pem
-test/fixture/purpose/scripts
 test/fixture/purpose/sslclient
+test/fixture/purpose/b70a5bc1.0
+test/fixture/purpose/ca
 test/fixture/purpose/sslclient.pem
-test/fixture/purpose/sslserver
 test/fixture/purpose/sslserver.pem
-test/fixture/purpose/ca/ca_config.rb
+test/fixture/purpose/scripts
+test/fixture/purpose/sslserver
+test/fixture/purpose/sslclient/sslclient.pem
+test/fixture/purpose/sslclient/csr.pem
+test/fixture/purpose/sslclient/keypair.pem
 test/fixture/purpose/ca/cacert.pem
 test/fixture/purpose/ca/newcerts
 test/fixture/purpose/ca/PASSWD_OF_CA_KEY_IS_1234
-test/fixture/purpose/ca/private
+test/fixture/purpose/ca/ca_config.rb
 test/fixture/purpose/ca/serial
+test/fixture/purpose/ca/private
 test/fixture/purpose/ca/newcerts/2_cert.pem
 test/fixture/purpose/ca/newcerts/3_cert.pem
 test/fixture/purpose/ca/private/cakeypair.pem
 test/fixture/purpose/scripts/gen_cert.rb
-test/fixture/purpose/scripts/gen_csr.rb
 test/fixture/purpose/scripts/init_ca.rb
-test/fixture/purpose/sslclient/csr.pem
-test/fixture/purpose/sslclient/keypair.pem
-test/fixture/purpose/sslclient/sslclient.pem
+test/fixture/purpose/scripts/gen_csr.rb
+test/fixture/purpose/sslserver/sslserver.pem
 test/fixture/purpose/sslserver/csr.pem
 test/fixture/purpose/sslserver/keypair.pem
-test/fixture/purpose/sslserver/sslserver.pem
+test/fixture/imaps/cacert.pem
+test/fixture/imaps/server.crt
+test/fixture/imaps/server.key
+test/fixture/ca_path/verisign.pem
+test/fixture/ca_path/72fa7371.0
 test/java/pkcs7_mime_enveloped.message
 test/java/pkcs7_mime_signed.message
-test/java/pkcs7_multipart_signed.message
-test/java/test_java_attribute.rb
+test/java/test_java_pkcs7.rb
 test/java/test_java_bio.rb
+test/java/pkcs7_multipart_signed.message
 test/java/test_java_mime.rb
-test/java/test_java_pkcs7.rb
+test/java/test_java_attribute.rb
 test/java/test_java_smime.rb
-test/openssl/ssl_server.rb
-test/openssl/test_asn1.rb
-test/openssl/test_cipher.rb
-test/openssl/test_config.rb
-test/openssl/test_digest.rb
-test/openssl/test_ec.rb
-test/openssl/test_hmac.rb
-test/openssl/test_ns_spki.rb
-test/openssl/test_pair.rb
-test/openssl/test_pkcs7.rb
-test/openssl/test_pkey_rsa.rb
-test/openssl/test_ssl.rb
-test/openssl/test_x509cert.rb
-test/openssl/test_x509crl.rb
-test/openssl/test_x509ext.rb
-test/openssl/test_x509name.rb
-test/openssl/test_x509req.rb
-test/openssl/test_x509store.rb
-test/openssl/utils.rb
-test/ref/a.out
-test/ref/compile.rb
-test/ref/pkcs1
-test/ref/pkcs1.c

data/Rakefile

@@ -49,12 +49,12 @@ task :clean => :more_clean
 
 File.open("Manifest.txt", "w") {|f| MANIFEST.each {|n| f.puts n } }
 
-require File.dirname(__FILE__) + "/lib/jopenssl/version"
 begin
   require 'hoe'
   Hoe.plugin :gemcutter
   Hoe.add_include_dirs('build_lib')
   hoe = Hoe.spec("jruby-openssl") do |p|
+    load File.dirname(__FILE__) + "/lib/jopenssl/version.rb"
     p.version = Jopenssl::Version::VERSION
     p.rubyforge_name = "jruby-extras"
     p.url = "http://jruby-extras.rubyforge.org/jruby-openssl"

data/lib/jopenssl/version.rb

@@ -1,5 +1,5 @@
 module Jopenssl
   module Version
-    VERSION = "0.7.2"
+    VERSION = "0.7.3"
   end
 end

data/test/fixture/imaps/cacert.pem

@@ -0,0 +1,60 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            9f:dc:f7:94:98:05:43:4c
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
+        Validity
+            Not Before: Dec 23 10:21:33 2010 GMT
+            Not After : Jan  1 10:21:33 2014 GMT
+        Subject: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:ce:be:2c:9f:47:ba:db:9c:9c:5b:f0:38:3b:f3:
+                    74:20:37:76:23:9f:84:1c:81:90:b4:3e:00:20:34:
+                    98:7e:81:69:50:a1:c3:65:96:ea:fa:00:da:8c:cc:
+                    53:3f:ba:3c:d0:50:7a:5a:b4:6b:ac:d3:2e:18:ca:
+                    2a:69:b3:6a:6f:38:c2:32:a8:06:b6:0a:30:a9:ee:
+                    03:38:e9:05:a5:19:23:54:a8:3c:b9:08:ad:2b:72:
+                    23:df:93:22:c4:46:a8:ea:f1:a6:e9:30:4a:3f:83:
+                    39:e9:62:8e:8b:a3:5e:67:89:1d:7c:75:de:05:aa:
+                    58:b1:b7:79:7c:10:80:6d:87
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                41:C9:49:37:B1:FA:61:E3:BA:D7:19:3D:D9:DA:8C:B9:82:C9:B4:6A
+            X509v3 Authority Key Identifier: 
+                keyid:41:C9:49:37:B1:FA:61:E3:BA:D7:19:3D:D9:DA:8C:B9:82:C9:B4:6A
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+        86:00:33:b9:dd:ff:5f:83:59:5f:c3:29:3c:d7:11:db:10:b3:
+        d7:d1:70:fb:0a:c6:74:85:c6:ea:e1:15:c4:92:f8:0e:11:cc:
+        ff:a6:3c:31:c2:2c:66:d8:fe:63:93:9f:b0:97:e6:f5:bc:5c:
+        80:68:96:5d:eb:77:b9:23:dd:68:a7:49:03:ff:22:48:55:f1:
+        39:7c:20:21:ff:64:52:e1:f6:cf:3c:b3:4d:2c:5c:03:62:ea:
+        c5:49:99:07:fa:8d:ff:7b:c2:75:0c:ca:24:b5:0b:f5:b7:57:
+        3a:10:f0:8a:bb:9a:e8:92:4d:d5:6f:c2:a2:29:36:61:78:a4:
+        dc:7b
+-----BEGIN CERTIFICATE-----
+MIIC6DCCAlGgAwIBAgIJAJ/c95SYBUNMMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD
+VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx
+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
+JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTAxMjIz
+MTAyMTMzWhcNMTQwMTAxMTAyMTMzWjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM
+B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv
+cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
+ZWN1cml0eUBydWJ5LWxhbmcub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDOviyfR7rbnJxb8Dg783QgN3Yjn4QcgZC0PgAgNJh+gWlQocNllur6ANqMzFM/
+ujzQUHpatGus0y4Yyipps2pvOMIyqAa2CjCp7gM46QWlGSNUqDy5CK0rciPfkyLE
+Rqjq8abpMEo/gznpYo6Lo15niR18dd4Fqlixt3l8EIBthwIDAQABo1AwTjAdBgNV
+HQ4EFgQUQclJN7H6YeO61xk92dqMuYLJtGowHwYDVR0jBBgwFoAUQclJN7H6YeO6
+1xk92dqMuYLJtGowDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCGADO5
+3f9fg1lfwyk81xHbELPX0XD7CsZ0hcbq4RXEkvgOEcz/pjwxwixm2P5jk5+wl+b1
+vFyAaJZd63e5I91op0kD/yJIVfE5fCAh/2RS4fbPPLNNLFwDYurFSZkH+o3/e8J1
+DMoktQv1t1c6EPCKu5rokk3Vb8KiKTZheKTcew==
+-----END CERTIFICATE-----

data/test/fixture/imaps/server.crt

@@ -0,0 +1,61 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 0 (0x0)
+        Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
+        Validity
+            Not Before: Dec 23 10:23:52 2010 GMT
+            Not After : Jan  1 10:23:52 2014 GMT
+        Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (1024 bit)
+                Modulus:
+                    00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6:
+                    bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be:
+                    9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13:
+                    9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5:
+                    b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40:
+                    0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d:
+                    a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89:
+                    af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6:
+                    d0:fc:d6:eb:fc:06:82:10:fb
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2
+            X509v3 Authority Key Identifier: 
+                keyid:41:C9:49:37:B1:FA:61:E3:BA:D7:19:3D:D9:DA:8C:B9:82:C9:B4:6A
+
+    Signature Algorithm: sha1WithRSAEncryption
+        ae:ee:cd:fe:c9:af:48:0b:50:37:ac:6a:f6:68:90:9b:67:df:
+        6f:2d:17:c9:3c:a5:da:ad:39:dc:2a:5b:07:88:26:38:19:30:
+        d6:95:cf:10:69:c7:92:14:83:be:f1:b5:8e:6f:d9:91:51:c5:
+        63:ae:1c:89:ac:27:bf:4f:2a:8f:4e:0c:57:42:0a:c9:8e:0c:
+        f4:f3:02:f7:ea:44:b6:e4:47:05:af:4e:74:e4:87:87:d9:c8:
+        76:ed:ab:32:7c:f0:31:34:10:14:bc:a6:37:cd:d7:dc:33:da:
+        82:d3:d4:9b:e9:d5:cd:38:cc:fa:81:5f:4e:fd:5f:53:05:5d:
+        76:f9
+-----BEGIN CERTIFICATE-----
+MIIC3jCCAkegAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMCSlAx
+EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
+DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
+hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTEwMTIyMzEwMjM1MloX
+DTE0MDEwMTEwMjM1MlowYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ
+BgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA23XQ
+Rd6x379xoA6wpea89Byd5SVnZMV7y/Gvxr6aqup+D8wFr+9AaQayyROdfuuiBuLq
+fQfHx5nH+9W462N3YisYEsNTWND1x0AMAdEmgjQWCePcZfTcu12lQWDnqXS610y2
+o5zFjImvy+ifBf7q/mQkv+ft4/bQ/Nbr/AaCEPsCAwEAAaN7MHkwCQYDVR0TBAIw
+ADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUw
+HQYDVR0OBBYEFOh+WKwTewMijZ6vMguEiYCADB7CMB8GA1UdIwQYMBaAFEHJSTex
++mHjutcZPdnajLmCybRqMA0GCSqGSIb3DQEBBQUAA4GBAK7uzf7Jr0gLUDesavZo
+kJtn328tF8k8pdqtOdwqWweIJjgZMNaVzxBpx5IUg77xtY5v2ZFRxWOuHImsJ79P
+Ko9ODFdCCsmODPTzAvfqRLbkRwWvTnTkh4fZyHbtqzJ88DE0EBS8pjfN19wz2oLT
+1Jvp1c04zPqBX079X1MFXXb5
+-----END CERTIFICATE-----

data/test/fixture/imaps/server.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv
+70BpBrLJE51+66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl
+9Ny7XaVBYOepdLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQAB
+AoGAGtYHR+P5gFDaxiXFuCPFC1zMeg7e29XCU6gURIteQnQ2QhxCvcbV64HkLu51
+HeYWhB0Pa4aeCWxmpgb2e+JH4MEoIjeJSGyZQeqwkQLgWJDdvkgWx5am58QzA60I
+ipkZ9QHcPffSs5RiGx4yfr58KqAmwFphGCY8W7v4LqaENdECQQD9H5VTW9g4gj1c
+j3uNYvSI/D7a9P7gfI+ziczuwMm5xsBx3D/t5TAr3SJKNne3sl1E6ZERCUbzxf+C
+k58EiHx1AkEA3fRLGqDOq7EcQhbjTcA/v/t5MwlGEUsS9+XrqOWn50YuoIwRZJ3v
+qHRQzfQfFNklGtfBvwQ4md3irXjMeGVprwJBAMEAuwiDiHuV+xm/ofKtmE13IKot
+ksYy1BOOp/8IawhHXueyi+BmF/PqOkIiA+jCjNGF0oIN89beizPSQbbgJx0CQG/K
+qL1bu1ys0y/SeWBi8XkP/0aeaCUzq/UiYCTsrzoEll2UzvnftqMhGsXxLGqCyHaR
+r2s3hA6zvIVlL4+AfM8CQQClq+WDrC5VKciLYakZNWJjV1m+H2Ut/0fXdUjKHajE
+FWLcsrOhADf6bkTb71GwPxnKRkkRmud5upP0ZYYTqM4X
+-----END RSA PRIVATE KEY-----

data/test/fixture/key_then_cert.pem

@@ -0,0 +1,34 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDc7Lu/9x5FSdmq2tHkUy7qx+83PchU5iiFY20rWrH2yRBLGfbB
+GgmEXimSo2VdNG3QhHgg/Pvr5ZydtJX/z6Yb9NK8h+a5/mHfMS1mkXaM3PXgCLtk
+E/Ra91uQYR5nhTg8h8gepnXULXJEld//jYw+rqIWsj7VSPmSm5+sD1RL1wIDAQAB
+AoGAf//9S9zOwhBmt/IuV97GOSt78wKt1lq/sYEI2Gyk3bpi4VB6wijmyLWR2q8m
+5Jii44RM4bgR8fxIAKuHmP5jW42BMmconeeviMgGGKdnJ+U1kJcO4LuE7dg7RRbk
+6nhu56a8R/+ACaiMmqOl4TxpLxVqjho+BjFredn7YBpuRWECQQD2Hl1/DFT1nrFQ
+47NW2rTNZGj50J607uFBVevo8daTsbWAlBEvqA63r2+aTkd/TEvJPbIxTXMm7470
+hGJGPRKHAkEA5ctsNnghOKXVvbj41+TUqskwXv7IWTSQ1b/CdOkyoloQQA8YReB/
+3zsfCPSOqiYQIBHytQDw3w9I4FunRW5AMQJAOY0+NcBPeaQjOJQWUsAPuVu6hHg5
+NHwLpniOEsnCcIUEuU1me2tkDaXzhfS6GVVg/2zy5z6CJ9+q4Ri31k7frwJBAJxu
+fL4fzU3I5tZ+wzgFWRjiWQFyJGVFuYspPXFlBskq0oEpRXbcO3B1yMzJ3wzJWJTc
+YwMBHvhaaVwCSL6lLSECQDSyqJ4CUp6jZcb9oYJs+xymiY954lPlWeSiYLwFWFUB
+7yhmFaUAbqscQLpqddS292gyaDbOsIkOBynrJd99b/s=
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDEjCCAfqgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJKUDEP
+MA0GA1UECgwGU2FyaW9uMRQwEgYDVQQLDAtEZXZlbG9wbWVudDENMAsGA1UEAwwE
+U3ViMTAeFw0xMDEyMDcwNDM0NTRaFw0xMjEyMDYwNDM0NTRaMFIxCzAJBgNVBAYT
+AkpQMQ8wDQYDVQQKDAZTYXJpb24xFDASBgNVBAsMC0RldmVsb3BtZW50MRwwGgYD
+VQQDDBNzZXJ2ZXIxLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQDc7Lu/9x5FSdmq2tHkUy7qx+83PchU5iiFY20rWrH2yRBLGfbBGgmEXimS
+o2VdNG3QhHgg/Pvr5ZydtJX/z6Yb9NK8h+a5/mHfMS1mkXaM3PXgCLtkE/Ra91uQ
+YR5nhTg8h8gepnXULXJEld//jYw+rqIWsj7VSPmSm5+sD1RL1wIDAQABo4GFMIGC
+MAwGA1UdEwEB/wQCMAAwMQYJYIZIAYb4QgENBCQWIlJ1YnkvT3BlblNTTCBHZW5l
+cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFOF3EGASJTlqfvwR6KJlgBdNiPOP
+MAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQUF
+AAOCAQEAQC9ZrlG9oayqKQ5HPq0QZVi+w7tb6HtErP39JEr0BsH+Wsja9/SND/bK
+VnbjmyiGXnazSPQRHkDWoEV1z8Tq8QwRoA5RgjDD5u1NU1wHQ95Um7NxhMcsjBMo
+0J/0dCI99XD8No4epKBWJNbTNB+C/3ZvF8gB/E7o9XNtj/hut6vpOXKRXDNwzz3g
+vQYPyKld+aKov9+9+AqXhZkpzVFc3CaKrOiYCnEIRmz6YLeWgN0xrBuqRCIpMNA5
+upUY06kQ9cuj4xpQwfxz8dx9DP6ht+W7bJOAFUGN8VcMca1vkcsQIWYf2Vf4Yrgi
+gLfQZXvROdjvHM4atTr0JVEPOEw2yw==
+-----END CERTIFICATE-----

data/test/openssl/test_pair.rb

@@ -7,10 +7,7 @@ require 'test/unit'
 if defined?(OpenSSL)
 
 require 'socket'
-dir = File.expand_path(__FILE__)
-2.times {dir = File.dirname(dir)}
-$:.replace([File.join(dir, "ruby")] | $:)
-require 'ut_eof'
+require File.join(File.dirname(__FILE__), "../ut_eof")
 
 module SSLPair
   def server

data/test/test_certificate.rb

@@ -57,9 +57,27 @@ nTA=
 END
 
     cert   = OpenSSL::X509::Certificate.new(pem_cert)
-    key_id = cert.extensions[2]
-
-    assert_equal "24:D1:34:18:66:91:2A:63:76:AA:19:CE:17:20:56:56:5E:10:8F:AA", key_id.value
+    cert.extensions.each do |ext|
+      value = ext.value
+      crit = ext.critical?
+      case ext.oid
+      when "keyUsage"
+        assert_equal true, crit
+        assert_equal "Key Cert Sign, cRLSign", value
+      when "basicConstraints"
+        assert_equal true, crit
+        assert_equal "CA:TRUE", value
+      when "authorityKeyIdentifier"
+        assert_equal false, crit
+        assert_equal "keyid:80:14:24:D1:34:18:66:91:2A:63:76:AA:19:CE:17:20:56:56:5E:10:8F:AA", value
+      when "subjectKeyIdentifier"
+        assert_equal false, crit
+        assert_equal "24:D1:34:18:66:91:2A:63:76:AA:19:CE:17:20:56:56:5E:10:8F:AA", value
+      when "nsComment"
+        assert_equal false, crit
+        assert_equal "Ruby/OpenSSL Generated Certificate", value
+      end
+    end
   end
 
   # JRUBY-5060
@@ -93,4 +111,13 @@ END
     assert(@cert.public_key.verify(digester, sig, msg))
     assert(@cert.verify(@cert.public_key))
   end
+
+  # JRUBY-5253
+  def test_load_key_and_cert_in_one_file
+    file = File.read(File.expand_path('fixture/key_then_cert.pem', File.dirname(__FILE__)))
+    cert = OpenSSL::X509::Certificate.new(file)
+    key = OpenSSL::PKey::RSA.new(file)
+    assert_equal("Tue Dec  7 04:34:54 2010", cert.not_before.asctime)
+    assert_equal(155138628173305760586484923990788939560020632428367464748448028799529480209574373402763304069949574437177088605664104864141770364385183263453740781162330879666907894314877641447552442838727890327086630369910941911916802731723019019303432276515402934176273116832204529025371212188573318159421452591783377914839, key.n)
+  end
 end

data/test/test_imaps.rb

@@ -0,0 +1,107 @@
+require "net/imap"
+require "test/unit"
+
+# This testcase is made for 1.8 based on test_imap.rb in CRuby 1.9
+class IMAPTest < Test::Unit::TestCase
+  CA_FILE = File.expand_path("fixture/imaps/cacert.pem", File.dirname(__FILE__))
+  SERVER_KEY = File.expand_path("fixture/imaps/server.key", File.dirname(__FILE__))
+  SERVER_CERT = File.expand_path("fixture/imaps/server.crt", File.dirname(__FILE__))
+
+  SERVER_ADDR = "127.0.0.1"
+
+  def setup
+    @do_not_reverse_lookup = Socket.do_not_reverse_lookup
+    Socket.do_not_reverse_lookup = true
+  end
+
+  def teardown
+    Socket.do_not_reverse_lookup = @do_not_reverse_lookup
+  end
+
+  def test_imaps_unknown_ca
+    assert_raise(OpenSSL::SSL::SSLError) do
+      imaps_test do |port|
+        Net::IMAP.new("localhost", port, true, nil, true)
+      end
+    end
+  end
+
+  def test_imaps_with_ca_file
+    assert_nothing_raised do
+      imaps_test do |port|
+        Net::IMAP.new("localhost", port, true, CA_FILE, true)
+      end
+    end
+  end
+
+  def test_imaps_login
+    assert_raises(Net::IMAP::ByeResponseError) do
+      imaps_test do |port|
+        imaps = Net::IMAP.new("localhost", port, true, CA_FILE, true)
+        imaps.login('foo@bar.com', 'wrong password')
+        imaps
+      end
+    end
+  end
+
+  def test_imaps_verify_none
+    assert_nothing_raised do
+      imaps_test do |port|
+        Net::IMAP.new(SERVER_ADDR, port, true, nil, false)
+      end
+    end
+  end
+
+  def test_imaps_post_connection_check
+    assert_raise(OpenSSL::SSL::SSLError) do
+      imaps_test do |port|
+        # SERVER_ADDR is different from the hostname in the certificate,
+        # so the following code should raise a SSLError.
+        Net::IMAP.new(SERVER_ADDR, port, true, CA_FILE, true)
+      end
+    end
+  end
+
+private
+
+  def imaps_test
+    server = create_tcp_server
+    port = server.addr[1]
+    ctx = OpenSSL::SSL::SSLContext.new
+    ctx.ca_file = CA_FILE
+    ctx.key = OpenSSL::PKey::RSA.new(File.read(SERVER_KEY))
+    ctx.cert = OpenSSL::X509::Certificate.new(File.read(SERVER_CERT))
+    ssl_server = OpenSSL::SSL::SSLServer.new(server, ctx)
+    Thread.start do
+      begin
+        sock = ssl_server.accept
+        begin
+          sock.print("* OK test server\r\n")
+          sock.read(10) # emulates half-read for JRUBY-5200
+          sock.print("* BYE terminating connection\r\n")
+          sock.print("RUBY0001 OK LOGOUT completed\r\n")
+          sock.gets
+        ensure
+          sock.close
+        end
+      rescue
+      end
+    end
+    begin
+      begin
+        imap = yield(port)
+        imap.logout if !imap.disconnected?
+      ensure
+        imap.disconnect if imap && !imap.disconnected?
+      end
+    rescue IOError
+      # ignore
+    ensure
+      ssl_server.close
+    end
+  end
+
+  def create_tcp_server
+    return TCPServer.new(SERVER_ADDR, 0)
+  end
+end

data/test/test_integration.rb

@@ -112,7 +112,9 @@ class TestIntegration < Test::Unit::TestCase
     str = "string abc foo bar baxz"
         
     cipher = OpenSSL::Cipher::Cipher.new(alg)
-    cipher.encrypt(key, iv)
+    cipher.encrypt
+    cipher.key = key
+    cipher.iv = iv
     cipher.padding = 32
     cipher.key = key
     cipher.iv = iv

data/test/test_java.rb

@@ -1,4 +1,4 @@
-$:.unshift File.join(File.dirname(__FILE__), '..', 'mocha', 'lib')
+$:.unshift File.join(File.dirname(__FILE__), '..', 'build_lib', 'mocha', 'lib')
 
 require "test/unit"
 require 'mocha'

data/test/test_ssl.rb

@@ -3,7 +3,7 @@ require 'test/unit'
 require 'webrick/https'
 require 'net/https'
 require 'logger'
-require File.expand_path('openssl/utils', File.dirname(__FILE__))
+require File.join(File.dirname(__FILE__), "openssl/utils.rb")
 
 
 class TestSSL < Test::Unit::TestCase

metadata

@@ -1,12 +1,8 @@
 --- !ruby/object:Gem::Specification 
 name: jruby-openssl
 version: !ruby/object:Gem::Version 
-  prerelease: false
-  segments: 
-    - 0
-    - 7
-    - 2
-  version: 0.7.2
+  prerelease: 
+  version: 0.7.3
 platform: ruby
 authors: 
   - Ola Bini and JRuby contributors
@@ -14,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-11-03 00:00:00 -05:00
+date: 2011-01-21 00:00:00 +09:00
 default_executable: 
 dependencies: 
   - !ruby/object:Gem::Dependency 
@@ -25,26 +21,9 @@ dependencies:
       requirements: 
         - - ">="
           - !ruby/object:Gem::Version 
-            segments: 
-              - 0
             version: "0"
     type: :runtime
     version_requirements: *id001
-  - !ruby/object:Gem::Dependency 
-    name: rubyforge
-    prerelease: false
-    requirement: &id002 !ruby/object:Gem::Requirement 
-      none: false
-      requirements: 
-        - - ">="
-          - !ruby/object:Gem::Version 
-            segments: 
-              - 2
-              - 0
-              - 4
-            version: 2.0.4
-    type: :development
-    version_requirements: *id002
 description: JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.
 email: ola.bini@gmail.com
 executables: []
@@ -64,93 +43,98 @@ files:
   - License.txt
   - lib/jopenssl.jar
   - lib/openssl.rb
-  - lib/jopenssl/version.rb
-  - lib/openssl/bn.rb
-  - lib/openssl/buffering.rb
-  - lib/openssl/cipher.rb
-  - lib/openssl/config.rb
-  - lib/openssl/digest.rb
   - lib/openssl/dummy.rb
   - lib/openssl/dummyssl.rb
-  - lib/openssl/pkcs7.rb
+  - lib/openssl/config.rb
+  - lib/openssl/cipher.rb
   - lib/openssl/ssl.rb
+  - lib/openssl/bn.rb
   - lib/openssl/x509.rb
-  - test/cert_with_ec_pk.cer
+  - lib/openssl/digest.rb
+  - lib/openssl/buffering.rb
+  - lib/openssl/pkcs7.rb
+  - lib/jopenssl/version.rb
+  - test/test_imaps.rb
   - test/test_all.rb
-  - test/test_certificate.rb
-  - test/test_cipher.rb
   - test/test_integration.rb
+  - test/ut_eof.rb
   - test/test_java.rb
   - test/test_openssl.rb
-  - test/test_parse_certificate.rb
-  - test/test_pkcs7.rb
   - test/test_pkey.rb
-  - test/test_ssl.rb
+  - test/test_cipher.rb
+  - test/cert_with_ec_pk.cer
+  - test/test_pkcs7.rb
   - test/test_x509store.rb
-  - test/ut_eof.rb
-  - test/fixture/ca-bundle.crt
+  - test/test_certificate.rb
+  - test/test_parse_certificate.rb
+  - test/test_ssl.rb
+  - test/openssl/test_x509name.rb
+  - test/openssl/test_ns_spki.rb
+  - test/openssl/test_x509cert.rb
+  - test/openssl/ssl_server.rb
+  - test/openssl/test_pair.rb
+  - test/openssl/test_ec.rb
+  - test/openssl/test_config.rb
+  - test/openssl/utils.rb
+  - test/openssl/test_x509req.rb
+  - test/openssl/test_cipher.rb
+  - test/openssl/test_digest.rb
+  - test/openssl/test_x509ext.rb
+  - test/openssl/test_asn1.rb
+  - test/openssl/test_pkcs7.rb
+  - test/openssl/test_x509store.rb
+  - test/openssl/test_pkey_rsa.rb
+  - test/openssl/test_ssl.rb
+  - test/openssl/test_x509crl.rb
+  - test/openssl/test_hmac.rb
+  - test/ref/compile.rb
+  - test/ref/a.out
+  - test/ref/pkcs1
+  - test/ref/pkcs1.c
   - test/fixture/cacert.pem
-  - test/fixture/cert_localhost.pem
+  - test/fixture/ca-bundle.crt
   - test/fixture/common.pem
-  - test/fixture/keypair.pem
-  - test/fixture/localhost_keypair.pem
-  - test/fixture/max.pem
-  - test/fixture/selfcert.pem
+  - test/fixture/key_then_cert.pem
   - test/fixture/verisign.pem
+  - test/fixture/cert_localhost.pem
+  - test/fixture/localhost_keypair.pem
   - test/fixture/verisign_c3.pem
-  - test/fixture/ca_path/72fa7371.0
-  - test/fixture/ca_path/verisign.pem
-  - test/fixture/purpose/b70a5bc1.0
+  - test/fixture/selfcert.pem
+  - test/fixture/max.pem
+  - test/fixture/keypair.pem
   - test/fixture/purpose/cacert.pem
+  - test/fixture/purpose/b70a5bc1.0
   - test/fixture/purpose/sslclient.pem
   - test/fixture/purpose/sslserver.pem
-  - test/fixture/purpose/ca/ca_config.rb
+  - test/fixture/purpose/sslclient/sslclient.pem
+  - test/fixture/purpose/sslclient/csr.pem
+  - test/fixture/purpose/sslclient/keypair.pem
   - test/fixture/purpose/ca/cacert.pem
   - test/fixture/purpose/ca/PASSWD_OF_CA_KEY_IS_1234
+  - test/fixture/purpose/ca/ca_config.rb
   - test/fixture/purpose/ca/serial
   - test/fixture/purpose/ca/newcerts/2_cert.pem
   - test/fixture/purpose/ca/newcerts/3_cert.pem
   - test/fixture/purpose/ca/private/cakeypair.pem
   - test/fixture/purpose/scripts/gen_cert.rb
-  - test/fixture/purpose/scripts/gen_csr.rb
   - test/fixture/purpose/scripts/init_ca.rb
-  - test/fixture/purpose/sslclient/csr.pem
-  - test/fixture/purpose/sslclient/keypair.pem
-  - test/fixture/purpose/sslclient/sslclient.pem
+  - test/fixture/purpose/scripts/gen_csr.rb
+  - test/fixture/purpose/sslserver/sslserver.pem
   - test/fixture/purpose/sslserver/csr.pem
   - test/fixture/purpose/sslserver/keypair.pem
-  - test/fixture/purpose/sslserver/sslserver.pem
+  - test/fixture/imaps/cacert.pem
+  - test/fixture/imaps/server.crt
+  - test/fixture/imaps/server.key
+  - test/fixture/ca_path/verisign.pem
+  - test/fixture/ca_path/72fa7371.0
   - test/java/pkcs7_mime_enveloped.message
   - test/java/pkcs7_mime_signed.message
-  - test/java/pkcs7_multipart_signed.message
-  - test/java/test_java_attribute.rb
+  - test/java/test_java_pkcs7.rb
   - test/java/test_java_bio.rb
+  - test/java/pkcs7_multipart_signed.message
   - test/java/test_java_mime.rb
-  - test/java/test_java_pkcs7.rb
+  - test/java/test_java_attribute.rb
   - test/java/test_java_smime.rb
-  - test/openssl/ssl_server.rb
-  - test/openssl/test_asn1.rb
-  - test/openssl/test_cipher.rb
-  - test/openssl/test_config.rb
-  - test/openssl/test_digest.rb
-  - test/openssl/test_ec.rb
-  - test/openssl/test_hmac.rb
-  - test/openssl/test_ns_spki.rb
-  - test/openssl/test_pair.rb
-  - test/openssl/test_pkcs7.rb
-  - test/openssl/test_pkey_rsa.rb
-  - test/openssl/test_ssl.rb
-  - test/openssl/test_x509cert.rb
-  - test/openssl/test_x509crl.rb
-  - test/openssl/test_x509ext.rb
-  - test/openssl/test_x509name.rb
-  - test/openssl/test_x509req.rb
-  - test/openssl/test_x509store.rb
-  - test/openssl/utils.rb
-  - test/ref/a.out
-  - test/ref/compile.rb
-  - test/ref/pkcs1
-  - test/ref/pkcs1.c
 has_rdoc: true
 homepage: http://jruby-extras.rubyforge.org/jruby-openssl
 licenses: []
@@ -166,21 +150,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        segments: 
-          - 0
         version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
   requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        segments: 
-          - 0
         version: "0"
 requirements: []
 
 rubyforge_project: jruby-extras
-rubygems_version: 1.3.7
+rubygems_version: 1.4.2
 signing_key: 
 specification_version: 3
 summary: OpenSSL add-on for JRuby