openssl 2.1.0 → 3.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +35 -45
- data/History.md +426 -0
- data/README.md +38 -21
- data/ext/openssl/extconf.rb +132 -72
- data/ext/openssl/openssl_missing.c +0 -66
- data/ext/openssl/openssl_missing.h +62 -46
- data/ext/openssl/ossl.c +177 -252
- data/ext/openssl/ossl.h +39 -17
- data/ext/openssl/ossl_asn1.c +53 -14
- data/ext/openssl/ossl_bn.c +288 -146
- data/ext/openssl/ossl_bn.h +2 -1
- data/ext/openssl/ossl_cipher.c +42 -32
- data/ext/openssl/ossl_config.c +412 -41
- data/ext/openssl/ossl_config.h +4 -7
- data/ext/openssl/ossl_digest.c +32 -63
- data/ext/openssl/ossl_engine.c +19 -28
- data/ext/openssl/ossl_hmac.c +61 -146
- data/ext/openssl/ossl_kdf.c +15 -23
- data/ext/openssl/ossl_ns_spki.c +2 -2
- data/ext/openssl/ossl_ocsp.c +17 -70
- data/ext/openssl/ossl_ocsp.h +3 -3
- data/ext/openssl/ossl_pkcs12.c +23 -4
- data/ext/openssl/ossl_pkcs7.c +49 -81
- data/ext/openssl/ossl_pkcs7.h +16 -0
- data/ext/openssl/ossl_pkey.c +1508 -195
- data/ext/openssl/ossl_pkey.h +41 -78
- data/ext/openssl/ossl_pkey_dh.c +153 -348
- data/ext/openssl/ossl_pkey_dsa.c +157 -413
- data/ext/openssl/ossl_pkey_ec.c +257 -343
- data/ext/openssl/ossl_pkey_rsa.c +166 -490
- data/ext/openssl/ossl_provider.c +211 -0
- data/ext/openssl/ossl_provider.h +5 -0
- data/ext/openssl/ossl_rand.c +2 -40
- data/ext/openssl/ossl_ssl.c +666 -456
- data/ext/openssl/ossl_ssl_session.c +29 -30
- data/ext/openssl/ossl_ts.c +1539 -0
- data/ext/openssl/ossl_ts.h +16 -0
- data/ext/openssl/ossl_x509.c +86 -1
- data/ext/openssl/ossl_x509attr.c +1 -1
- data/ext/openssl/ossl_x509cert.c +170 -14
- data/ext/openssl/ossl_x509crl.c +14 -11
- data/ext/openssl/ossl_x509ext.c +29 -9
- data/ext/openssl/ossl_x509name.c +24 -12
- data/ext/openssl/ossl_x509req.c +14 -11
- data/ext/openssl/ossl_x509revoked.c +4 -4
- data/ext/openssl/ossl_x509store.c +205 -96
- data/lib/openssl/bn.rb +1 -1
- data/lib/openssl/buffering.rb +42 -20
- data/lib/openssl/cipher.rb +1 -1
- data/lib/openssl/digest.rb +10 -16
- data/lib/openssl/hmac.rb +78 -0
- data/lib/openssl/marshal.rb +30 -0
- data/lib/openssl/pkcs5.rb +1 -1
- data/lib/openssl/pkey.rb +447 -1
- data/lib/openssl/ssl.rb +68 -24
- data/lib/openssl/version.rb +5 -0
- data/lib/openssl/x509.rb +177 -1
- data/lib/openssl.rb +24 -9
- metadata +18 -71
- data/ext/openssl/deprecation.rb +0 -23
- data/ext/openssl/ossl_version.h +0 -15
- data/ext/openssl/ruby_missing.h +0 -24
- data/lib/openssl/config.rb +0 -474
data/ext/openssl/ossl_x509req.c
CHANGED
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509req_type = {
|
|
41
41
|
{
|
42
42
|
0, ossl_x509req_free,
|
43
43
|
},
|
44
|
-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
|
44
|
+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
|
45
45
|
};
|
46
46
|
|
47
47
|
/*
|
@@ -79,23 +79,26 @@ static VALUE
|
|
79
79
|
ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
|
80
80
|
{
|
81
81
|
BIO *in;
|
82
|
-
X509_REQ *req, *
|
82
|
+
X509_REQ *req, *req_orig = RTYPEDDATA_DATA(self);
|
83
83
|
VALUE arg;
|
84
84
|
|
85
|
+
rb_check_frozen(self);
|
85
86
|
if (rb_scan_args(argc, argv, "01", &arg) == 0) {
|
86
87
|
return self;
|
87
88
|
}
|
88
89
|
arg = ossl_to_der_if_possible(arg);
|
89
90
|
in = ossl_obj2bio(&arg);
|
90
|
-
req =
|
91
|
-
DATA_PTR(self) = x;
|
91
|
+
req = d2i_X509_REQ_bio(in, NULL);
|
92
92
|
if (!req) {
|
93
|
-
|
94
|
-
|
95
|
-
DATA_PTR(self) = x;
|
93
|
+
OSSL_BIO_reset(in);
|
94
|
+
req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
|
96
95
|
}
|
97
96
|
BIO_free(in);
|
98
|
-
if (!req)
|
97
|
+
if (!req)
|
98
|
+
ossl_raise(eX509ReqError, "PEM_read_bio_X509_REQ");
|
99
|
+
|
100
|
+
RTYPEDDATA_DATA(self) = req;
|
101
|
+
X509_REQ_free(req_orig);
|
99
102
|
|
100
103
|
return self;
|
101
104
|
}
|
@@ -377,13 +380,13 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary)
|
|
377
380
|
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Attr);
|
378
381
|
}
|
379
382
|
GetX509Req(self, req);
|
380
|
-
|
381
|
-
|
383
|
+
for (i = X509_REQ_get_attr_count(req); i > 0; i--)
|
384
|
+
X509_ATTRIBUTE_free(X509_REQ_delete_attr(req, 0));
|
382
385
|
for (i=0;i<RARRAY_LEN(ary); i++) {
|
383
386
|
item = RARRAY_AREF(ary, i);
|
384
387
|
attr = GetX509AttrPtr(item);
|
385
388
|
if (!X509_REQ_add1_attr(req, attr)) {
|
386
|
-
ossl_raise(eX509ReqError,
|
389
|
+
ossl_raise(eX509ReqError, "X509_REQ_add1_attr");
|
387
390
|
}
|
388
391
|
}
|
389
392
|
return ary;
|
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509rev_type = {
|
|
41
41
|
{
|
42
42
|
0, ossl_x509rev_free,
|
43
43
|
},
|
44
|
-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
|
44
|
+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
|
45
45
|
};
|
46
46
|
|
47
47
|
/*
|
@@ -223,13 +223,13 @@ ossl_x509revoked_set_extensions(VALUE self, VALUE ary)
|
|
223
223
|
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
|
224
224
|
}
|
225
225
|
GetX509Rev(self, rev);
|
226
|
-
|
227
|
-
|
226
|
+
for (i = X509_REVOKED_get_ext_count(rev); i > 0; i--)
|
227
|
+
X509_EXTENSION_free(X509_REVOKED_delete_ext(rev, 0));
|
228
228
|
for (i=0; i<RARRAY_LEN(ary); i++) {
|
229
229
|
item = RARRAY_AREF(ary, i);
|
230
230
|
ext = GetX509ExtPtr(item);
|
231
231
|
if(!X509_REVOKED_add_ext(rev, ext, -1)) {
|
232
|
-
ossl_raise(eX509RevError,
|
232
|
+
ossl_raise(eX509RevError, "X509_REVOKED_add_ext");
|
233
233
|
}
|
234
234
|
}
|
235
235
|
|