openssl 2.1.0 → 3.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (64) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +35 -45
  3. data/History.md +426 -0
  4. data/README.md +38 -21
  5. data/ext/openssl/extconf.rb +132 -72
  6. data/ext/openssl/openssl_missing.c +0 -66
  7. data/ext/openssl/openssl_missing.h +62 -46
  8. data/ext/openssl/ossl.c +177 -252
  9. data/ext/openssl/ossl.h +39 -17
  10. data/ext/openssl/ossl_asn1.c +53 -14
  11. data/ext/openssl/ossl_bn.c +288 -146
  12. data/ext/openssl/ossl_bn.h +2 -1
  13. data/ext/openssl/ossl_cipher.c +42 -32
  14. data/ext/openssl/ossl_config.c +412 -41
  15. data/ext/openssl/ossl_config.h +4 -7
  16. data/ext/openssl/ossl_digest.c +32 -63
  17. data/ext/openssl/ossl_engine.c +19 -28
  18. data/ext/openssl/ossl_hmac.c +61 -146
  19. data/ext/openssl/ossl_kdf.c +15 -23
  20. data/ext/openssl/ossl_ns_spki.c +2 -2
  21. data/ext/openssl/ossl_ocsp.c +17 -70
  22. data/ext/openssl/ossl_ocsp.h +3 -3
  23. data/ext/openssl/ossl_pkcs12.c +23 -4
  24. data/ext/openssl/ossl_pkcs7.c +49 -81
  25. data/ext/openssl/ossl_pkcs7.h +16 -0
  26. data/ext/openssl/ossl_pkey.c +1508 -195
  27. data/ext/openssl/ossl_pkey.h +41 -78
  28. data/ext/openssl/ossl_pkey_dh.c +153 -348
  29. data/ext/openssl/ossl_pkey_dsa.c +157 -413
  30. data/ext/openssl/ossl_pkey_ec.c +257 -343
  31. data/ext/openssl/ossl_pkey_rsa.c +166 -490
  32. data/ext/openssl/ossl_provider.c +211 -0
  33. data/ext/openssl/ossl_provider.h +5 -0
  34. data/ext/openssl/ossl_rand.c +2 -40
  35. data/ext/openssl/ossl_ssl.c +666 -456
  36. data/ext/openssl/ossl_ssl_session.c +29 -30
  37. data/ext/openssl/ossl_ts.c +1539 -0
  38. data/ext/openssl/ossl_ts.h +16 -0
  39. data/ext/openssl/ossl_x509.c +86 -1
  40. data/ext/openssl/ossl_x509attr.c +1 -1
  41. data/ext/openssl/ossl_x509cert.c +170 -14
  42. data/ext/openssl/ossl_x509crl.c +14 -11
  43. data/ext/openssl/ossl_x509ext.c +29 -9
  44. data/ext/openssl/ossl_x509name.c +24 -12
  45. data/ext/openssl/ossl_x509req.c +14 -11
  46. data/ext/openssl/ossl_x509revoked.c +4 -4
  47. data/ext/openssl/ossl_x509store.c +205 -96
  48. data/lib/openssl/bn.rb +1 -1
  49. data/lib/openssl/buffering.rb +42 -20
  50. data/lib/openssl/cipher.rb +1 -1
  51. data/lib/openssl/digest.rb +10 -16
  52. data/lib/openssl/hmac.rb +78 -0
  53. data/lib/openssl/marshal.rb +30 -0
  54. data/lib/openssl/pkcs5.rb +1 -1
  55. data/lib/openssl/pkey.rb +447 -1
  56. data/lib/openssl/ssl.rb +68 -24
  57. data/lib/openssl/version.rb +5 -0
  58. data/lib/openssl/x509.rb +177 -1
  59. data/lib/openssl.rb +24 -9
  60. metadata +18 -71
  61. data/ext/openssl/deprecation.rb +0 -23
  62. data/ext/openssl/ossl_version.h +0 -15
  63. data/ext/openssl/ruby_missing.h +0 -24
  64. data/lib/openssl/config.rb +0 -474
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509req_type = {
41
41
  {
42
42
  0, ossl_x509req_free,
43
43
  },
44
- 0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
44
+ 0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
45
45
  };
46
46
 
47
47
  /*
@@ -79,23 +79,26 @@ static VALUE
79
79
  ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
80
80
  {
81
81
  BIO *in;
82
- X509_REQ *req, *x = DATA_PTR(self);
82
+ X509_REQ *req, *req_orig = RTYPEDDATA_DATA(self);
83
83
  VALUE arg;
84
84
 
85
+ rb_check_frozen(self);
85
86
  if (rb_scan_args(argc, argv, "01", &arg) == 0) {
86
87
  return self;
87
88
  }
88
89
  arg = ossl_to_der_if_possible(arg);
89
90
  in = ossl_obj2bio(&arg);
90
- req = PEM_read_bio_X509_REQ(in, &x, NULL, NULL);
91
- DATA_PTR(self) = x;
91
+ req = d2i_X509_REQ_bio(in, NULL);
92
92
  if (!req) {
93
- OSSL_BIO_reset(in);
94
- req = d2i_X509_REQ_bio(in, &x);
95
- DATA_PTR(self) = x;
93
+ OSSL_BIO_reset(in);
94
+ req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
96
95
  }
97
96
  BIO_free(in);
98
- if (!req) ossl_raise(eX509ReqError, NULL);
97
+ if (!req)
98
+ ossl_raise(eX509ReqError, "PEM_read_bio_X509_REQ");
99
+
100
+ RTYPEDDATA_DATA(self) = req;
101
+ X509_REQ_free(req_orig);
99
102
 
100
103
  return self;
101
104
  }
@@ -377,13 +380,13 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary)
377
380
  OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Attr);
378
381
  }
379
382
  GetX509Req(self, req);
380
- while ((attr = X509_REQ_delete_attr(req, 0)))
381
- X509_ATTRIBUTE_free(attr);
383
+ for (i = X509_REQ_get_attr_count(req); i > 0; i--)
384
+ X509_ATTRIBUTE_free(X509_REQ_delete_attr(req, 0));
382
385
  for (i=0;i<RARRAY_LEN(ary); i++) {
383
386
  item = RARRAY_AREF(ary, i);
384
387
  attr = GetX509AttrPtr(item);
385
388
  if (!X509_REQ_add1_attr(req, attr)) {
386
- ossl_raise(eX509ReqError, NULL);
389
+ ossl_raise(eX509ReqError, "X509_REQ_add1_attr");
387
390
  }
388
391
  }
389
392
  return ary;
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509rev_type = {
41
41
  {
42
42
  0, ossl_x509rev_free,
43
43
  },
44
- 0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
44
+ 0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
45
45
  };
46
46
 
47
47
  /*
@@ -223,13 +223,13 @@ ossl_x509revoked_set_extensions(VALUE self, VALUE ary)
223
223
  OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
224
224
  }
225
225
  GetX509Rev(self, rev);
226
- while ((ext = X509_REVOKED_delete_ext(rev, 0)))
227
- X509_EXTENSION_free(ext);
226
+ for (i = X509_REVOKED_get_ext_count(rev); i > 0; i--)
227
+ X509_EXTENSION_free(X509_REVOKED_delete_ext(rev, 0));
228
228
  for (i=0; i<RARRAY_LEN(ary); i++) {
229
229
  item = RARRAY_AREF(ary, i);
230
230
  ext = GetX509ExtPtr(item);
231
231
  if(!X509_REVOKED_add_ext(rev, ext, -1)) {
232
- ossl_raise(eX509RevError, NULL);
232
+ ossl_raise(eX509RevError, "X509_REVOKED_add_ext");
233
233
  }
234
234
  }
235
235