openssl 2.0.1 → 2.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cc80177aa96ab17f6920d0e790efce7b53562e92
-  data.tar.gz: dfc39bf0895ae109cb29de4df756695676ee2b39
+  metadata.gz: a5fc7434da3c037df14f771cf28ecfe09aca0913
+  data.tar.gz: 15266849694e11a7c9b613daac1d72c05381ac2d
 SHA512:
-  metadata.gz: 65a3823e00d851a8ced0f6beabc81ec3a100ad01fe4da8e41ca3ae5763fd45c284717ffd1f7257fc632b492662c8234b686dacf12e0a6097727f886bef884dff
-  data.tar.gz: 66c8d3f98438ef4f8e1dae8658551d5cd92a9ba138ad4ecb0d82b70911e3cf4f54e4095d489ba174d2f20ca5e29ff7c2c64a2d490fa1c29b9636606071d6b94f
+  metadata.gz: 4ba1268157ef5e5cf7972df04b0f189412aa3ed66e7d510f4cb2afd2e16010f02eaaf8cd4bfa63919995f0e9258c14004874be7857c81ffa37a33c639f56c57f
+  data.tar.gz: ee568fed49aa95b9daf6c0dd58bf140f3af1dbc61f4041d5e3203568a5361f9817be92e0738fc64de1727d82a3be06d2806616b8a31279ce935e994bf23d11ab

data/ext/openssl/extconf.rb

@@ -81,6 +81,7 @@ engines.each { |name|
 # added in 0.9.8X
 have_func("EVP_CIPHER_CTX_new")
 have_func("EVP_CIPHER_CTX_free")
+OpenSSL.check_func_or_macro("SSL_CTX_clear_options", "openssl/ssl.h")
 
 # added in 1.0.0
 have_func("ASN1_TIME_adj")
@@ -143,6 +144,7 @@ OpenSSL.check_func_or_macro("SSL_CTX_set_tmp_ecdh_callback", "openssl/ssl.h") #
 OpenSSL.check_func_or_macro("SSL_CTX_set_min_proto_version", "openssl/ssl.h")
 have_func("SSL_CTX_get_security_level")
 have_func("X509_get0_notBefore")
+have_func("SSL_SESSION_get_protocol_version")
 
 Logging::message "=== Checking done. ===\n"
 

data/ext/openssl/openssl_missing.c

@@ -23,7 +23,7 @@
 /* added in 0.9.8X */
 #if !defined(HAVE_EVP_CIPHER_CTX_NEW)
 EVP_CIPHER_CTX *
-EVP_CIPHER_CTX_new(void)
+ossl_EVP_CIPHER_CTX_new(void)
 {
     EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(EVP_CIPHER_CTX));
     if (!ctx)
@@ -35,7 +35,7 @@ EVP_CIPHER_CTX_new(void)
 
 #if !defined(HAVE_EVP_CIPHER_CTX_FREE)
 void
-EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
+ossl_EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
 {
     if (ctx) {
 	EVP_CIPHER_CTX_cleanup(ctx);
@@ -52,7 +52,7 @@ EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
  * tested on 0.9.7d.
  */
 int
-EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
+ossl_EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 {
     memcpy(out, in, sizeof(EVP_CIPHER_CTX));
 
@@ -71,7 +71,7 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 #if !defined(OPENSSL_NO_HMAC)
 #if !defined(HAVE_HMAC_CTX_COPY)
 int
-HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in)
+ossl_HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in)
 {
     if (!out || !in)
 	return 0;
@@ -112,7 +112,7 @@ static struct {
 };
 
 int
-EC_curve_nist2nid(const char *name)
+ossl_EC_curve_nist2nid(const char *name)
 {
     size_t i;
     for (i = 0; i < (sizeof(nist_curves) / sizeof(nist_curves[0])); i++) {
@@ -127,7 +127,7 @@ EC_curve_nist2nid(const char *name)
 /*** added in 1.1.0 ***/
 #if !defined(HAVE_HMAC_CTX_NEW)
 HMAC_CTX *
-HMAC_CTX_new(void)
+ossl_HMAC_CTX_new(void)
 {
     HMAC_CTX *ctx = OPENSSL_malloc(sizeof(HMAC_CTX));
     if (!ctx)
@@ -139,7 +139,7 @@ HMAC_CTX_new(void)
 
 #if !defined(HAVE_HMAC_CTX_FREE)
 void
-HMAC_CTX_free(HMAC_CTX *ctx)
+ossl_HMAC_CTX_free(HMAC_CTX *ctx)
 {
     if (ctx) {
 	HMAC_CTX_cleanup(ctx);
@@ -150,8 +150,8 @@ HMAC_CTX_free(HMAC_CTX *ctx)
 
 #if !defined(HAVE_X509_CRL_GET0_SIGNATURE)
 void
-X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
-			const X509_ALGOR **palg)
+ossl_X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
+			     const X509_ALGOR **palg)
 {
     if (psig != NULL)
 	*psig = crl->signature;
@@ -162,8 +162,8 @@ X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
 
 #if !defined(HAVE_X509_REQ_GET0_SIGNATURE)
 void
-X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
-			const X509_ALGOR **palg)
+ossl_X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
+			     const X509_ALGOR **palg)
 {
     if (psig != NULL)
 	*psig = req->signature;

data/ext/openssl/openssl_missing.h

@@ -14,11 +14,17 @@
 
 /* added in 0.9.8X */
 #if !defined(HAVE_EVP_CIPHER_CTX_NEW)
-EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+EVP_CIPHER_CTX *ossl_EVP_CIPHER_CTX_new(void);
+#  define EVP_CIPHER_CTX_new ossl_EVP_CIPHER_CTX_new
 #endif
 
 #if !defined(HAVE_EVP_CIPHER_CTX_FREE)
-void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
+void ossl_EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *);
+#  define EVP_CIPHER_CTX_free ossl_EVP_CIPHER_CTX_free
+#endif
+
+#if !defined(HAVE_SSL_CTX_CLEAR_OPTIONS)
+#  define SSL_CTX_clear_options(ctx, op) ((ctx)->options &= ~(op))
 #endif
 
 /* added in 1.0.0 */
@@ -27,11 +33,13 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx);
 #endif
 
 #if !defined(HAVE_EVP_CIPHER_CTX_COPY)
-int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
+int ossl_EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *, const EVP_CIPHER_CTX *);
+#  define EVP_CIPHER_CTX_copy ossl_EVP_CIPHER_CTX_copy
 #endif
 
 #if !defined(HAVE_HMAC_CTX_COPY)
-int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
+int ossl_HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
+#  define HMAC_CTX_copy ossl_HMAC_CTX_copy
 #endif
 
 #if !defined(HAVE_X509_STORE_CTX_GET0_CURRENT_CRL)
@@ -54,7 +62,8 @@ int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
 /* added in 1.0.2 */
 #if !defined(OPENSSL_NO_EC)
 #if !defined(HAVE_EC_CURVE_NIST2NID)
-int EC_curve_nist2nid(const char *);
+int ossl_EC_curve_nist2nid(const char *);
+#  define EC_curve_nist2nid ossl_EC_curve_nist2nid
 #endif
 #endif
 
@@ -93,11 +102,13 @@ int EC_curve_nist2nid(const char *);
 #endif
 
 #if !defined(HAVE_HMAC_CTX_NEW)
-HMAC_CTX *HMAC_CTX_new(void);
+HMAC_CTX *ossl_HMAC_CTX_new(void);
+#  define HMAC_CTX_new ossl_HMAC_CTX_new
 #endif
 
 #if !defined(HAVE_HMAC_CTX_FREE)
-void HMAC_CTX_free(HMAC_CTX *ctx);
+void ossl_HMAC_CTX_free(HMAC_CTX *);
+#  define HMAC_CTX_free ossl_HMAC_CTX_free
 #endif
 
 #if !defined(HAVE_X509_STORE_GET_EX_DATA)
@@ -114,11 +125,13 @@ void HMAC_CTX_free(HMAC_CTX *ctx);
 #endif
 
 #if !defined(HAVE_X509_CRL_GET0_SIGNATURE)
-void X509_CRL_get0_signature(const X509_CRL *, const ASN1_BIT_STRING **, const X509_ALGOR **);
+void ossl_X509_CRL_get0_signature(const X509_CRL *, const ASN1_BIT_STRING **, const X509_ALGOR **);
+#  define X509_CRL_get0_signature ossl_X509_CRL_get0_signature
 #endif
 
 #if !defined(HAVE_X509_REQ_GET0_SIGNATURE)
-void X509_REQ_get0_signature(const X509_REQ *, const ASN1_BIT_STRING **, const X509_ALGOR **);
+void ossl_X509_REQ_get0_signature(const X509_REQ *, const ASN1_BIT_STRING **, const X509_ALGOR **);
+#  define X509_REQ_get0_signature ossl_X509_REQ_get0_signature
 #endif
 
 #if !defined(HAVE_X509_REVOKED_GET0_SERIALNUMBER)
@@ -245,4 +258,8 @@ IMPL_PKEY_GETTER(EC_KEY, ec)
 #  define X509_CRL_get0_nextUpdate(x) X509_CRL_get_nextUpdate(x)
 #endif
 
+#if !defined(HAVE_SSL_SESSION_GET_PROTOCOL_VERSION)
+#  define SSL_SESSION_get_protocol_version(s) ((s)->ssl_version)
+#endif
+
 #endif /* _OSSL_OPENSSL_MISSING_H_ */

data/ext/openssl/ossl_pkey.c

@@ -73,10 +73,13 @@ const rb_data_type_t ossl_evp_pkey_type = {
 static VALUE
 pkey_new0(EVP_PKEY *pkey)
 {
-    if (!pkey)
-	ossl_raise(ePKeyError, "cannot make new key from NULL");
+    VALUE obj;
+    int type;
 
-    switch (EVP_PKEY_base_id(pkey)) {
+    if (!pkey || (type = EVP_PKEY_base_id(pkey)) == EVP_PKEY_NONE)
+	ossl_raise(rb_eRuntimeError, "pkey is empty");
+
+    switch (type) {
 #if !defined(OPENSSL_NO_RSA)
     case EVP_PKEY_RSA:
 	return ossl_rsa_new(pkey);
@@ -94,7 +97,9 @@ pkey_new0(EVP_PKEY *pkey)
 	return ossl_ec_new(pkey);
 #endif
     default:
-	ossl_raise(ePKeyError, "unsupported key type");
+	obj = NewPKey(cPKey);
+	SetPKey(obj, pkey);
+	return obj;
     }
 }
 
@@ -260,7 +265,7 @@ static VALUE
 ossl_pkey_initialize(VALUE self)
 {
     if (rb_obj_is_instance_of(self, cPKey)) {
-	ossl_raise(rb_eNotImpError, "OpenSSL::PKey::PKey is an abstract class.");
+	ossl_raise(rb_eTypeError, "OpenSSL::PKey::PKey can't be instantiated directly");
     }
     return self;
 }

data/ext/openssl/ossl_ssl_session.c

@@ -93,23 +93,22 @@ ossl_ssl_session_initialize_copy(VALUE self, VALUE other)
     return self;
 }
 
-#if HAVE_SSL_SESSION_CMP == 0
-int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
+#if !defined(HAVE_SSL_SESSION_CMP)
+int ossl_SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
 {
     unsigned int a_len;
     const unsigned char *a_sid = SSL_SESSION_get_id(a, &a_len);
     unsigned int b_len;
     const unsigned char *b_sid = SSL_SESSION_get_id(b, &b_len);
 
-#if !defined(HAVE_OPAQUE_OPENSSL) /* missing SSL_SESSION_get_ssl_version() ? */
-    if (a->ssl_version != b->ssl_version)
+    if (SSL_SESSION_get_protocol_version(a) != SSL_SESSION_get_protocol_version(b))
 	return 1;
-#endif
     if (a_len != b_len)
 	return 1;
 
     return CRYPTO_memcmp(a_sid, b_sid, a_len);
 }
+#define SSL_SESSION_cmp(a, b) ossl_SSL_SESSION_cmp(a, b)
 #endif
 
 /*

data/ext/openssl/ossl_version.h

@@ -10,6 +10,6 @@
 #if !defined(_OSSL_VERSION_H_)
 #define _OSSL_VERSION_H_
 
-#define OSSL_VERSION "2.0.1"
+#define OSSL_VERSION "2.0.2"
 
 #endif /* _OSSL_VERSION_H_ */

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: openssl
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.0.2
 platform: ruby
 authors:
 - Martin Bosslet
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-12-10 00:00:00.000000000 Z
+date: 2016-12-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -77,8 +77,8 @@ extensions:
 - ext/openssl/extconf.rb
 extra_rdoc_files:
 - CONTRIBUTING.md
-- History.md
 - README.md
+- History.md
 files:
 - BSDL
 - CONTRIBUTING.md