openssl 2.0.0.beta.1


Potentially problematic release.



Files changed (71) hide show
  1. checksums.yaml +7 -0
  2. data/BSDL +22 -0
  3. data/CONTRIBUTING.md +130 -0
  4. data/History.md +118 -0
  5. data/LICENSE.txt +56 -0
  6. data/README.md +70 -0
  7. data/ext/openssl/deprecation.rb +26 -0
  8. data/ext/openssl/extconf.rb +158 -0
  9. data/ext/openssl/openssl_missing.c +173 -0
  10. data/ext/openssl/openssl_missing.h +244 -0
  11. data/ext/openssl/ossl.c +1201 -0
  12. data/ext/openssl/ossl.h +222 -0
  13. data/ext/openssl/ossl_asn1.c +1992 -0
  14. data/ext/openssl/ossl_asn1.h +66 -0
  15. data/ext/openssl/ossl_bio.c +87 -0
  16. data/ext/openssl/ossl_bio.h +19 -0
  17. data/ext/openssl/ossl_bn.c +1153 -0
  18. data/ext/openssl/ossl_bn.h +23 -0
  19. data/ext/openssl/ossl_cipher.c +1085 -0
  20. data/ext/openssl/ossl_cipher.h +20 -0
  21. data/ext/openssl/ossl_config.c +89 -0
  22. data/ext/openssl/ossl_config.h +19 -0
  23. data/ext/openssl/ossl_digest.c +453 -0
  24. data/ext/openssl/ossl_digest.h +20 -0
  25. data/ext/openssl/ossl_engine.c +580 -0
  26. data/ext/openssl/ossl_engine.h +19 -0
  27. data/ext/openssl/ossl_hmac.c +398 -0
  28. data/ext/openssl/ossl_hmac.h +18 -0
  29. data/ext/openssl/ossl_ns_spki.c +406 -0
  30. data/ext/openssl/ossl_ns_spki.h +19 -0
  31. data/ext/openssl/ossl_ocsp.c +2013 -0
  32. data/ext/openssl/ossl_ocsp.h +23 -0
  33. data/ext/openssl/ossl_pkcs12.c +259 -0
  34. data/ext/openssl/ossl_pkcs12.h +13 -0
  35. data/ext/openssl/ossl_pkcs5.c +180 -0
  36. data/ext/openssl/ossl_pkcs5.h +6 -0
  37. data/ext/openssl/ossl_pkcs7.c +1125 -0
  38. data/ext/openssl/ossl_pkcs7.h +20 -0
  39. data/ext/openssl/ossl_pkey.c +435 -0
  40. data/ext/openssl/ossl_pkey.h +245 -0
  41. data/ext/openssl/ossl_pkey_dh.c +650 -0
  42. data/ext/openssl/ossl_pkey_dsa.c +672 -0
  43. data/ext/openssl/ossl_pkey_ec.c +1899 -0
  44. data/ext/openssl/ossl_pkey_rsa.c +768 -0
  45. data/ext/openssl/ossl_rand.c +238 -0
  46. data/ext/openssl/ossl_rand.h +18 -0
  47. data/ext/openssl/ossl_ssl.c +2679 -0
  48. data/ext/openssl/ossl_ssl.h +41 -0
  49. data/ext/openssl/ossl_ssl_session.c +352 -0
  50. data/ext/openssl/ossl_version.h +15 -0
  51. data/ext/openssl/ossl_x509.c +186 -0
  52. data/ext/openssl/ossl_x509.h +119 -0
  53. data/ext/openssl/ossl_x509attr.c +328 -0
  54. data/ext/openssl/ossl_x509cert.c +860 -0
  55. data/ext/openssl/ossl_x509crl.c +565 -0
  56. data/ext/openssl/ossl_x509ext.c +480 -0
  57. data/ext/openssl/ossl_x509name.c +547 -0
  58. data/ext/openssl/ossl_x509req.c +492 -0
  59. data/ext/openssl/ossl_x509revoked.c +279 -0
  60. data/ext/openssl/ossl_x509store.c +846 -0
  61. data/ext/openssl/ruby_missing.h +32 -0
  62. data/lib/openssl.rb +21 -0
  63. data/lib/openssl/bn.rb +39 -0
  64. data/lib/openssl/buffering.rb +451 -0
  65. data/lib/openssl/cipher.rb +67 -0
  66. data/lib/openssl/config.rb +473 -0
  67. data/lib/openssl/digest.rb +78 -0
  68. data/lib/openssl/pkey.rb +44 -0
  69. data/lib/openssl/ssl.rb +416 -0
  70. data/lib/openssl/x509.rb +176 -0
  71. metadata +178 -0
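--- a/data/ext/openssl/ruby_missing.h
+++ b/data/ext/openssl/ruby_missing.h
@@ -0,0 +1,32 @@
+ /*
+ * 'OpenSSL for Ruby' project
+ * Copyright (C) 2001-2003 Michal Rokos <m.rokos@sh.cvut.cz>
+ * All rights reserved.
+ */
+ /*
+ * This program is licensed under the same licence as Ruby.
+ * (See the file 'LICENCE'.)
+ */
+ #if !defined(_OSSL_RUBY_MISSING_H_)
+ #define _OSSL_RUBY_MISSING_H_
+
+ #define rb_define_copy_func(klass, func) \
+ rb_define_method((klass), "initialize_copy", (func), 1)
+
+
+ #ifndef GetReadFile
+ #define FPTR_TO_FD(fptr) ((fptr)->fd)
+ #else
+ #define FPTR_TO_FD(fptr) (fileno(GetReadFile(fptr)))
+ #endif
+
+ #ifndef HAVE_RB_IO_T
+ #define rb_io_t OpenFile
+ #endif
+
+ #ifndef RB_INTEGER_TYPE_P
+ /* for Ruby 2.3 compatibility */
+ #define RB_INTEGER_TYPE_P(obj) (RB_FIXNUM_P(obj) || RB_TYPE_P(obj, T_BIGNUM))
+ #endif
+
+ #endif /* _OSSL_RUBY_MISSING_H_ */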
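Review bot: The fallback `RB_INTEGER_TYPE_P` at new line 29 expands `obj` twice, once inside `RB_FIXNUM_P` and once inside `RB_TYPE_P`, so an argument with side effects would be evaluated twice whenever this definition is the one in use. No such call is visible on this page, but the comment should state the constraint, for example `/* for Ruby 2.3 compatibility; evaluates obj twice, pass only side-effect-free expressions */`. `FPTR_TO_FD` and the `rb_io_t` alias also carry no comment naming the Ruby versions they exist for, which makes it hard to tell when they can be removed.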
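--- a/data/lib/openssl.rb
+++ b/data/lib/openssl.rb
@@ -0,0 +1,21 @@
+ # frozen_string_literal: false
+ =begin
+ = Info
+ 'OpenSSL for Ruby 2' project
+ Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
+ All rights reserved.
+
+ = Licence
+ This program is licensed under the same licence as Ruby.
+ (See the file 'LICENCE'.)
+ =end
+
+ require 'openssl.so'
+
+ require 'openssl/bn'
+ require 'openssl/pkey'
+ require 'openssl/cipher'
+ require 'openssl/config'
+ require 'openssl/digest'
+ require 'openssl/x509'
+ require 'openssl/ssl'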
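--- a/data/lib/openssl/bn.rb
+++ b/data/lib/openssl/bn.rb
@@ -0,0 +1,39 @@
+ # frozen_string_literal: false
+ #--
+ #
+ # = Ruby-space definitions that completes C-space funcs for BN
+ #
+ # = Info
+ # 'OpenSSL for Ruby 2' project
+ # Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
+ # All rights reserved.
+ #
+ # = Licence
+ # This program is licensed under the same licence as Ruby.
+ # (See the file 'LICENCE'.)
+ #++
+
+ module OpenSSL
+ class BN
+ include Comparable
+
+ def pretty_print(q)
+ q.object_group(self) {
+ q.text ' '
+ q.text to_i.to_s
+ }
+ end
+ end # BN
+ end # OpenSSL
+
+ ##
+ # Add double dispatch to Integer
+ #
+ class Integer
+ # Casts an Integer as an OpenSSL::BN
+ #
+ # See `man bn` for more info.
+ def to_bn
+ OpenSSL::BN::new(self)
+ end
+ end # Integer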
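Review bot: `OpenSSL::BN#pretty_print` (new lines 20-25) has no comment, and it emits the complete decimal value through `q.text to_i.to_s`. If BN instances are also used for secret values (presumably key parameters elsewhere in this gem, which this page does not show), a `pp` of such an object in a debug log or console transcript records the secret in full. I would document that on the method, for example `# Prints the full numeric value; avoid pp on BNs that hold secret key material.` `Integer#to_bn` reopens a core class for every program that loads the gem, so its comment could also say that the method is added globally.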
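--- a/data/lib/openssl/buffering.rb
+++ b/data/lib/openssl/buffering.rb
@@ -0,0 +1,451 @@
+ # coding: binary
+ # frozen_string_literal: false
+ #--
+ #= Info
+ # 'OpenSSL for Ruby 2' project
+ # Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
+ # All rights reserved.
+ #
+ #= Licence
+ # This program is licensed under the same licence as Ruby.
+ # (See the file 'LICENCE'.)
+ #++
+
+ ##
+ # OpenSSL IO buffering mix-in module.
+ #
+ # This module allows an OpenSSL::SSL::SSLSocket to behave like an IO.
+ #
+ # You typically won't use this module directly, you can see it implemented in
+ # OpenSSL::SSL::SSLSocket.
+
+ module OpenSSL::Buffering
+ include Enumerable
+
+ ##
+ # The "sync mode" of the SSLSocket.
+ #
+ # See IO#sync for full details.
+
+ attr_accessor :sync
+
+ ##
+ # Default size to read from or write to the SSLSocket for buffer operations.
+
+ BLOCK_SIZE = 1024*16
+
+ ##
+ # Creates an instance of OpenSSL's buffering IO module.
+
+ def initialize(*)
+ super
+ @eof = false
+ @rbuffer = ""
+ @sync = @io.sync
+ end
+
+ #
+ # for reading.
+ #
+ private
+
+ ##
+ # Fills the buffer from the underlying SSLSocket
+
+ def fill_rbuff
+ begin
+ @rbuffer << self.sysread(BLOCK_SIZE)
+ rescue Errno::EAGAIN
+ retry
+ rescue EOFError
+ @eof = true
+ end
+ end
+
+ ##
+ # Consumes +size+ bytes from the buffer
+
+ def consume_rbuff(size=nil)
+ if @rbuffer.empty?
+ nil
+ else
+ size = @rbuffer.size unless size
+ ret = @rbuffer[0, size]
+ @rbuffer[0, size] = ""
+ ret
+ end
+ end
+
+ public
+
+ ##
+ # Reads +size+ bytes from the stream. If +buf+ is provided it must
+ # reference a string which will receive the data.
+ #
+ # See IO#read for full details.
+
+ def read(size=nil, buf=nil)
+ if size == 0
+ if buf
+ buf.clear
+ return buf
+ else
+ return ""
+ end
+ end
+ until @eof
+ break if size && size <= @rbuffer.size
+ fill_rbuff
+ end
+ ret = consume_rbuff(size) || ""
+ if buf
+ buf.replace(ret)
+ ret = buf
+ end
+ (size && ret.empty?) ? nil : ret
+ end
+
+ ##
+ # Reads at most +maxlen+ bytes from the stream. If +buf+ is provided it
+ # must reference a string which will receive the data.
+ #
+ # See IO#readpartial for full details.
+
+ def readpartial(maxlen, buf=nil)
+ if maxlen == 0
+ if buf
+ buf.clear
+ return buf
+ else
+ return ""
+ end
+ end
+ if @rbuffer.empty?
+ begin
+ return sysread(maxlen, buf)
+ rescue Errno::EAGAIN
+ retry
+ end
+ end
+ ret = consume_rbuff(maxlen)
+ if buf
+ buf.replace(ret)
+ ret = buf
+ end
+ ret
+ end
+
+ ##
+ # Reads at most +maxlen+ bytes in the non-blocking manner.
+ #
+ # When no data can be read without blocking it raises
+ # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
+ #
+ # IO::WaitReadable means SSL needs to read internally so read_nonblock
+ # should be called again when the underlying IO is readable.
+ #
+ # IO::WaitWritable means SSL needs to write internally so read_nonblock
+ # should be called again after the underlying IO is writable.
+ #
+ # OpenSSL::Buffering#read_nonblock needs two rescue clause as follows:
+ #
+ # # emulates blocking read (readpartial).
+ # begin
+ # result = ssl.read_nonblock(maxlen)
+ # rescue IO::WaitReadable
+ # IO.select([io])
+ # retry
+ # rescue IO::WaitWritable
+ # IO.select(nil, [io])
+ # retry
+ # end
+ #
+ # Note that one reason that read_nonblock writes to the underlying IO is
+ # when the peer requests a new TLS/SSL handshake. See openssl the FAQ for
+ # more details. http://www.openssl.org/support/faq.html
+
+ def read_nonblock(maxlen, buf=nil, exception: true)
+ if maxlen == 0
+ if buf
+ buf.clear
+ return buf
+ else
+ return ""
+ end
+ end
+ if @rbuffer.empty?
+ return sysread_nonblock(maxlen, buf, exception: exception)
+ end
+ ret = consume_rbuff(maxlen)
+ if buf
+ buf.replace(ret)
+ ret = buf
+ end
+ ret
+ end
+
+ ##
+ # Reads the next "line+ from the stream. Lines are separated by +eol+. If
+ # +limit+ is provided the result will not be longer than the given number of
+ # bytes.
+ #
+ # +eol+ may be a String or Regexp.
+ #
+ # Unlike IO#gets the line read will not be assigned to +$_+.
+ #
+ # Unlike IO#gets the separator must be provided if a limit is provided.
+
+ def gets(eol=$/, limit=nil)
+ idx = @rbuffer.index(eol)
+ until @eof
+ break if idx
+ fill_rbuff
+ idx = @rbuffer.index(eol)
+ end
+ if eol.is_a?(Regexp)
+ size = idx ? idx+$&.size : nil
+ else
+ size = idx ? idx+eol.size : nil
+ end
+ if size && limit && limit >= 0
+ size = [size, limit].min
+ end
+ consume_rbuff(size)
+ end
+
+ ##
+ # Executes the block for every line in the stream where lines are separated
+ # by +eol+.
+ #
+ # See also #gets
+
+ def each(eol=$/)
+ while line = self.gets(eol)
+ yield line
+ end
+ end
+ alias each_line each
+
+ ##
+ # Reads lines from the stream which are separated by +eol+.
+ #
+ # See also #gets
+
+ def readlines(eol=$/)
+ ary = []
+ while line = self.gets(eol)
+ ary << line
+ end
+ ary
+ end
+
+ ##
+ # Reads a line from the stream which is separated by +eol+.
+ #
+ # Raises EOFError if at end of file.
+
+ def readline(eol=$/)
+ raise EOFError if eof?
+ gets(eol)
+ end
+
+ ##
+ # Reads one character from the stream. Returns nil if called at end of
+ # file.
+
+ def getc
+ read(1)
+ end
+
+ ##
+ # Calls the given block once for each byte in the stream.
+
+ def each_byte # :yields: byte
+ while c = getc
+ yield(c.ord)
+ end
+ end
+
+ ##
+ # Reads a one-character string from the stream. Raises an EOFError at end
+ # of file.
+
+ def readchar
+ raise EOFError if eof?
+ getc
+ end
+
+ ##
+ # Pushes character +c+ back onto the stream such that a subsequent buffered
+ # character read will return it.
+ #
+ # Unlike IO#getc multiple bytes may be pushed back onto the stream.
+ #
+ # Has no effect on unbuffered reads (such as #sysread).
+
+ def ungetc(c)
+ @rbuffer[0,0] = c.chr
+ end
+
+ ##
+ # Returns true if the stream is at file which means there is no more data to
+ # be read.
+
+ def eof?
+ fill_rbuff if !@eof && @rbuffer.empty?
+ @eof && @rbuffer.empty?
+ end
+ alias eof eof?
+
+ #
+ # for writing.
+ #
+ private
+
+ ##
+ # Writes +s+ to the buffer. When the buffer is full or #sync is true the
+ # buffer is flushed to the underlying socket.
+
+ def do_write(s)
+ @wbuffer = "" unless defined? @wbuffer
+ @wbuffer << s
+ @wbuffer.force_encoding(Encoding::BINARY)
+ @sync ||= false
+ if @sync or @wbuffer.size > BLOCK_SIZE or idx = @wbuffer.rindex($/)
+ remain = idx ? idx + $/.size : @wbuffer.length
+ nwritten = 0
+ while remain > 0
+ str = @wbuffer[nwritten,remain]
+ begin
+ nwrote = syswrite(str)
+ rescue Errno::EAGAIN
+ retry
+ end
+ remain -= nwrote
+ nwritten += nwrote
+ end
+ @wbuffer[0,nwritten] = ""
+ end
+ end
+
+ public
+
+ ##
+ # Writes +s+ to the stream. If the argument is not a string it will be
+ # converted using String#to_s. Returns the number of bytes written.
+
+ def write(s)
+ do_write(s)
+ s.bytesize
+ end
+
+ ##
+ # Writes +str+ in the non-blocking manner.
+ #
+ # If there is buffered data, it is flushed first. This may block.
+ #
+ # write_nonblock returns number of bytes written to the SSL connection.
+ #
+ # When no data can be written without blocking it raises
+ # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
+ #
+ # IO::WaitReadable means SSL needs to read internally so write_nonblock
+ # should be called again after the underlying IO is readable.
+ #
+ # IO::WaitWritable means SSL needs to write internally so write_nonblock
+ # should be called again after underlying IO is writable.
+ #
+ # So OpenSSL::Buffering#write_nonblock needs two rescue clause as follows.
+ #
+ # # emulates blocking write.
+ # begin
+ # result = ssl.write_nonblock(str)
+ # rescue IO::WaitReadable
+ # IO.select([io])
+ # retry
+ # rescue IO::WaitWritable
+ # IO.select(nil, [io])
+ # retry
+ # end
+ #
+ # Note that one reason that write_nonblock reads from the underlying IO
+ # is when the peer requests a new TLS/SSL handshake. See the openssl FAQ
+ # for more details. http://www.openssl.org/support/faq.html
+
+ def write_nonblock(s, exception: true)
+ flush
+ syswrite_nonblock(s, exception: exception)
+ end
+
+ ##
+ # Writes +s+ to the stream. +s+ will be converted to a String using
+ # String#to_s.
+
+ def << (s)
+ do_write(s)
+ self
+ end
+
+ ##
+ # Writes +args+ to the stream along with a record separator.
+ #
+ # See IO#puts for full details.
+
+ def puts(*args)
+ s = ""
+ if args.empty?
+ s << "\n"
+ end
+ args.each{|arg|
+ s << arg.to_s
+ if $/ && /\n\z/ !~ s
+ s << "\n"
+ end
+ }
+ do_write(s)
+ nil
+ end
+
+ ##
+ # Writes +args+ to the stream.
+ #
+ # See IO#print for full details.
+
+ def print(*args)
+ s = ""
+ args.each{ |arg| s << arg.to_s }
+ do_write(s)
+ nil
+ end
+
+ ##
+ # Formats and writes to the stream converting parameters under control of
+ # the format string.
+ #
+ # See Kernel#sprintf for format string details.
+
+ def printf(s, *args)
+ do_write(s % args)
+ nil
+ end
+
+ ##
+ # Flushes buffered data to the SSLSocket.
+
+ def flush
+ osync = @sync
+ @sync = true
+ do_write ""
+ return self
+ ensure
+ @sync = osync
+ end
+
+ ##
+ # Closes the SSLSocket and flushes any unwritten data.
+
+ def close
+ flush rescue nil
+ sysclose
+ end
+ end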
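Review bot: `gets` (new lines 198-214) keeps calling `fill_rbuff` until `eol` shows up or EOF is reached, and applies `limit` only afterwards and only when a separator was found, so a peer that never sends the separator makes `@rbuffer` grow without bound and the caller's `limit` caps neither memory nor the returned string. The loop guard could become `break if idx || (limit && limit >= 0 && @rbuffer.size >= limit)` and the clamp `size = limit if limit && limit >= 0 && (size.nil? || size > limit)`, which leaves the no-limit path unchanged. `read` with no `size` buffers until EOF in the same way, and its comment should say that the caller is responsible for bounding input from an untrusted peer. Separately, `fill_rbuff`, `readpartial` and `do_write` `retry` on `Errno::EAGAIN` without waiting on the socket, which would spin the CPU if that error is ever raised, and `close` discards any flush failure through `flush rescue nil`.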