openssl 2.1.1 → 2.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/History.md +81 -0
- data/ext/openssl/deprecation.rb +5 -1
- data/ext/openssl/extconf.rb +31 -16
- data/ext/openssl/openssl_missing.h +3 -3
- data/ext/openssl/ossl.c +3 -2
- data/ext/openssl/ossl.h +1 -1
- data/ext/openssl/ossl_asn1.c +2 -1
- data/ext/openssl/ossl_bn.c +27 -14
- data/ext/openssl/ossl_digest.c +6 -2
- data/ext/openssl/ossl_pkcs12.c +1 -0
- data/ext/openssl/ossl_pkcs7.c +1 -0
- data/ext/openssl/ossl_pkey.c +26 -3
- data/ext/openssl/ossl_pkey.h +6 -6
- data/ext/openssl/ossl_pkey_dh.c +1 -1
- data/ext/openssl/ossl_pkey_ec.c +9 -8
- data/ext/openssl/ossl_rand.c +0 -8
- data/ext/openssl/ossl_ssl.c +111 -33
- data/ext/openssl/ossl_version.h +1 -1
- data/ext/openssl/ossl_x509.c +91 -0
- data/ext/openssl/ossl_x509ext.c +1 -0
- data/ext/openssl/ossl_x509name.c +8 -7
- data/ext/openssl/ossl_x509store.c +40 -22
- data/lib/openssl/buffering.rb +5 -12
- data/lib/openssl/config.rb +36 -18
- data/lib/openssl/ssl.rb +6 -5
- metadata +22 -9
data/lib/openssl/config.rb
CHANGED
|
@@ -77,29 +77,44 @@ module OpenSSL
|
|
|
77
77
|
def parse_config_lines(io)
|
|
78
78
|
section = 'default'
|
|
79
79
|
data = {section => {}}
|
|
80
|
-
|
|
80
|
+
io_stack = [io]
|
|
81
|
+
while definition = get_definition(io_stack)
|
|
81
82
|
definition = clear_comments(definition)
|
|
82
83
|
next if definition.empty?
|
|
83
|
-
|
|
84
|
+
case definition
|
|
85
|
+
when /\A\[/
|
|
84
86
|
if /\[([^\]]*)\]/ =~ definition
|
|
85
87
|
section = $1.strip
|
|
86
88
|
data[section] ||= {}
|
|
87
89
|
else
|
|
88
90
|
raise ConfigError, "missing close square bracket"
|
|
89
91
|
end
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
92
|
+
when /\A\.include (\s*=\s*)?(.+)\z/
|
|
93
|
+
path = $2
|
|
94
|
+
if File.directory?(path)
|
|
95
|
+
files = Dir.glob(File.join(path, "*.{cnf,conf}"), File::FNM_EXTGLOB)
|
|
96
|
+
else
|
|
97
|
+
files = [path]
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
files.each do |filename|
|
|
101
|
+
begin
|
|
102
|
+
io_stack << StringIO.new(File.read(filename))
|
|
103
|
+
rescue
|
|
104
|
+
raise ConfigError, "could not include file '%s'" % filename
|
|
97
105
|
end
|
|
98
|
-
|
|
99
|
-
|
|
106
|
+
end
|
|
107
|
+
when /\A([^:\s]*)(?:::([^:\s]*))?\s*=(.*)\z/
|
|
108
|
+
if $2
|
|
109
|
+
section = $1
|
|
110
|
+
key = $2
|
|
100
111
|
else
|
|
101
|
-
|
|
112
|
+
key = $1
|
|
102
113
|
end
|
|
114
|
+
value = unescape_value(data, section, $3)
|
|
115
|
+
(data[section] ||= {})[key] = value.strip
|
|
116
|
+
else
|
|
117
|
+
raise ConfigError, "missing equal sign"
|
|
103
118
|
end
|
|
104
119
|
end
|
|
105
120
|
data
|
|
@@ -212,10 +227,10 @@ module OpenSSL
|
|
|
212
227
|
scanned.join
|
|
213
228
|
end
|
|
214
229
|
|
|
215
|
-
def get_definition(
|
|
216
|
-
if line = get_line(
|
|
230
|
+
def get_definition(io_stack)
|
|
231
|
+
if line = get_line(io_stack)
|
|
217
232
|
while /[^\\]\\\z/ =~ line
|
|
218
|
-
if extra = get_line(
|
|
233
|
+
if extra = get_line(io_stack)
|
|
219
234
|
line += extra
|
|
220
235
|
else
|
|
221
236
|
break
|
|
@@ -225,9 +240,12 @@ module OpenSSL
|
|
|
225
240
|
end
|
|
226
241
|
end
|
|
227
242
|
|
|
228
|
-
def get_line(
|
|
229
|
-
|
|
230
|
-
line.
|
|
243
|
+
def get_line(io_stack)
|
|
244
|
+
while io = io_stack.last
|
|
245
|
+
if line = io.gets
|
|
246
|
+
return line.gsub(/[\r\n]*/, '')
|
|
247
|
+
end
|
|
248
|
+
io_stack.pop
|
|
231
249
|
end
|
|
232
250
|
end
|
|
233
251
|
end
|
data/lib/openssl/ssl.rb
CHANGED
|
@@ -12,6 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
require "openssl/buffering"
|
|
14
14
|
require "io/nonblock"
|
|
15
|
+
require "ipaddr"
|
|
15
16
|
|
|
16
17
|
module OpenSSL
|
|
17
18
|
module SSL
|
|
@@ -272,11 +273,11 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
|
|
|
272
273
|
return true if verify_hostname(hostname, san.value)
|
|
273
274
|
when 7 # iPAddress in GeneralName (RFC5280)
|
|
274
275
|
should_verify_common_name = false
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
276
|
+
if san.value.size == 4 || san.value.size == 16
|
|
277
|
+
begin
|
|
278
|
+
return true if san.value == IPAddr.new(hostname).hton
|
|
279
|
+
rescue IPAddr::InvalidAddressError
|
|
280
|
+
end
|
|
280
281
|
end
|
|
281
282
|
end
|
|
282
283
|
}
|
metadata
CHANGED
|
@@ -1,32 +1,46 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: openssl
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Martin Bosslet
|
|
8
8
|
- SHIBATA Hiroshi
|
|
9
9
|
- Zachary Scott
|
|
10
10
|
- Kazuki Yamaguchi
|
|
11
|
-
autorequire:
|
|
11
|
+
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date:
|
|
14
|
+
date: 2022-09-08 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
|
-
name:
|
|
17
|
+
name: ipaddr
|
|
18
18
|
requirement: !ruby/object:Gem::Requirement
|
|
19
19
|
requirements:
|
|
20
20
|
- - ">="
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: '0'
|
|
23
|
-
type: :
|
|
23
|
+
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
26
26
|
requirements:
|
|
27
27
|
- - ">="
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
29
|
version: '0'
|
|
30
|
+
- !ruby/object:Gem::Dependency
|
|
31
|
+
name: rake
|
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
|
33
|
+
requirements:
|
|
34
|
+
- - ">="
|
|
35
|
+
- !ruby/object:Gem::Version
|
|
36
|
+
version: 11.2.0
|
|
37
|
+
type: :development
|
|
38
|
+
prerelease: false
|
|
39
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
40
|
+
requirements:
|
|
41
|
+
- - ">="
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: 11.2.0
|
|
30
44
|
- !ruby/object:Gem::Dependency
|
|
31
45
|
name: rake-compiler
|
|
32
46
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -155,7 +169,7 @@ licenses:
|
|
|
155
169
|
- Ruby
|
|
156
170
|
metadata:
|
|
157
171
|
msys2_mingw_dependencies: openssl
|
|
158
|
-
post_install_message:
|
|
172
|
+
post_install_message:
|
|
159
173
|
rdoc_options:
|
|
160
174
|
- "--main"
|
|
161
175
|
- README.md
|
|
@@ -172,9 +186,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
172
186
|
- !ruby/object:Gem::Version
|
|
173
187
|
version: '0'
|
|
174
188
|
requirements: []
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
signing_key:
|
|
189
|
+
rubygems_version: 3.3.8
|
|
190
|
+
signing_key:
|
|
178
191
|
specification_version: 4
|
|
179
192
|
summary: OpenSSL provides SSL, TLS and general purpose cryptography.
|
|
180
193
|
test_files: []
|