RubyGems - openssl - Versions diffs - 3.3.3 → 4.0.0 - Mend

openssl 3.3.3 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (56) hide show

checksums.yaml +4 -4
data/CONTRIBUTING.md +3 -0
data/History.md +81 -12
data/README.md +12 -11
data/ext/openssl/extconf.rb +29 -72
data/ext/openssl/openssl_missing.h +0 -233
data/ext/openssl/ossl.c +279 -300
data/ext/openssl/ossl.h +13 -9
data/ext/openssl/ossl_asn1.c +610 -423
data/ext/openssl/ossl_asn1.h +15 -1
data/ext/openssl/ossl_bio.c +3 -3
data/ext/openssl/ossl_bn.c +286 -291
data/ext/openssl/ossl_cipher.c +252 -203
data/ext/openssl/ossl_cipher.h +10 -1
data/ext/openssl/ossl_config.c +1 -6
data/ext/openssl/ossl_digest.c +74 -43
data/ext/openssl/ossl_digest.h +9 -1
data/ext/openssl/ossl_engine.c +39 -103
data/ext/openssl/ossl_hmac.c +30 -36
data/ext/openssl/ossl_kdf.c +42 -53
data/ext/openssl/ossl_ns_spki.c +27 -32
data/ext/openssl/ossl_ocsp.c +209 -236
data/ext/openssl/ossl_pkcs12.c +26 -26
data/ext/openssl/ossl_pkcs7.c +176 -146
data/ext/openssl/ossl_pkey.c +102 -158
data/ext/openssl/ossl_pkey.h +99 -99
data/ext/openssl/ossl_pkey_dh.c +31 -68
data/ext/openssl/ossl_pkey_dsa.c +15 -54
data/ext/openssl/ossl_pkey_ec.c +179 -237
data/ext/openssl/ossl_pkey_rsa.c +56 -103
data/ext/openssl/ossl_provider.c +0 -5
data/ext/openssl/ossl_rand.c +7 -14
data/ext/openssl/ossl_ssl.c +478 -353
data/ext/openssl/ossl_ssl.h +8 -8
data/ext/openssl/ossl_ssl_session.c +93 -97
data/ext/openssl/ossl_ts.c +79 -125
data/ext/openssl/ossl_x509.c +9 -28
data/ext/openssl/ossl_x509.h +6 -6
data/ext/openssl/ossl_x509attr.c +35 -57
data/ext/openssl/ossl_x509cert.c +73 -104
data/ext/openssl/ossl_x509crl.c +80 -91
data/ext/openssl/ossl_x509ext.c +45 -75
data/ext/openssl/ossl_x509name.c +64 -91
data/ext/openssl/ossl_x509req.c +57 -64
data/ext/openssl/ossl_x509revoked.c +29 -44
data/ext/openssl/ossl_x509store.c +41 -57
data/lib/openssl/buffering.rb +30 -24
data/lib/openssl/digest.rb +1 -1
data/lib/openssl/pkey.rb +71 -49
data/lib/openssl/ssl.rb +12 -79
data/lib/openssl/version.rb +2 -1
data/lib/openssl/x509.rb +9 -0
data/lib/openssl.rb +9 -6
metadata +2 -4
data/ext/openssl/openssl_missing.c +0 -41
data/lib/openssl/asn1.rb +0 -188

data/ext/openssl/ossl_x509revoked.c CHANGED Viewed

@@ -13,14 +13,14 @@
     TypedData_Wrap_Struct((klass), &ossl_x509rev_type, 0)
 #define SetX509Rev(obj, rev) do { \
     if (!(rev)) { \
-	ossl_raise(rb_eRuntimeError, "REV wasn't initialized!"); \
+        ossl_raise(rb_eRuntimeError, "REV wasn't initialized!"); \
     } \
     RTYPEDDATA_DATA(obj) = (rev); \
 } while (0)
 #define GetX509Rev(obj, rev) do { \
     TypedData_Get_Struct((obj), X509_REVOKED, &ossl_x509rev_type, (rev)); \
     if (!(rev)) { \
-	ossl_raise(rb_eRuntimeError, "REV wasn't initialized!"); \
+        ossl_raise(rb_eRuntimeError, "REV wasn't initialized!"); \
     } \
 } while (0)
@@ -39,7 +39,7 @@ ossl_x509rev_free(void *ptr)
 static const rb_data_type_t ossl_x509rev_type = {
     "OpenSSL/X509/REV",
     {
-	0, ossl_x509rev_free,
+        0, ossl_x509rev_free,
     },
     0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
 };
@@ -48,21 +48,15 @@ static const rb_data_type_t ossl_x509rev_type = {
  * PUBLIC
  */
 VALUE
-ossl_x509revoked_new(const X509_REVOKED *rev)
+ossl_x509revoked_new(X509_REVOKED *rev)
 {
     X509_REVOKED *new;
     VALUE obj;
     obj = NewX509Rev(cX509Rev);
-    if (!rev) {
-	new = X509_REVOKED_new();
-    } else {
-	/* OpenSSL 1.1.1 takes a non-const pointer */
-	new = X509_REVOKED_dup((X509_REVOKED *)rev);
-    }
-    if (!new) {
-	ossl_raise(eX509RevError, NULL);
-    }
+    new = X509_REVOKED_dup(rev);
+    if (!new)
+        ossl_raise(eX509RevError, "X509_REVOKED_dup");
     SetX509Rev(obj, new);
     return obj;
@@ -75,7 +69,7 @@ DupX509RevokedPtr(VALUE obj)
     GetX509Rev(obj, rev);
     if (!(new = X509_REVOKED_dup(rev))) {
-	ossl_raise(eX509RevError, NULL);
+        ossl_raise(eX509RevError, NULL);
     }
     return new;
@@ -92,7 +86,7 @@ ossl_x509revoked_alloc(VALUE klass)
     obj = NewX509Rev(klass);
     if (!(rev = X509_REVOKED_new())) {
-	ossl_raise(eX509RevError, NULL);
+        ossl_raise(eX509RevError, NULL);
     }
     SetX509Rev(obj, rev);
@@ -106,6 +100,7 @@ ossl_x509revoked_initialize(int argc, VALUE *argv, VALUE self)
     return self;
 }
+/* :nodoc: */
 static VALUE
 ossl_x509revoked_initialize_copy(VALUE self, VALUE other)
 {
@@ -117,7 +112,7 @@ ossl_x509revoked_initialize_copy(VALUE self, VALUE other)
     rev_new = X509_REVOKED_dup(rev_other);
     if (!rev_new)
-	ossl_raise(eX509RevError, "X509_REVOKED_dup");
+        ossl_raise(eX509RevError, "X509_REVOKED_dup");
     SetX509Rev(self, rev_new);
     X509_REVOKED_free(rev);
@@ -144,8 +139,8 @@ ossl_x509revoked_set_serial(VALUE self, VALUE num)
     GetX509Rev(self, rev);
     asn1int = num_to_asn1integer(num, NULL);
     if (!X509_REVOKED_set_serialNumber(rev, asn1int)) {
-	ASN1_INTEGER_free(asn1int);
-	ossl_raise(eX509RevError, "X509_REVOKED_set_serialNumber");
+        ASN1_INTEGER_free(asn1int);
+        ossl_raise(eX509RevError, "X509_REVOKED_set_serialNumber");
     }
     ASN1_INTEGER_free(asn1int);
@@ -161,7 +156,7 @@ ossl_x509revoked_get_time(VALUE self)
     GetX509Rev(self, rev);
     time = X509_REVOKED_get0_revocationDate(rev);
     if (!time)
-	return Qnil;
+        return Qnil;
     return asn1time_to_time(time);
 }
@@ -175,8 +170,8 @@ ossl_x509revoked_set_time(VALUE self, VALUE time)
     GetX509Rev(self, rev);
     asn1time = ossl_x509_time_adjust(NULL, time);
     if (!X509_REVOKED_set_revocationDate(rev, asn1time)) {
-	ASN1_TIME_free(asn1time);
-	ossl_raise(eX509RevError, "X509_REVOKED_set_revocationDate");
+        ASN1_TIME_free(asn1time);
+        ossl_raise(eX509RevError, "X509_REVOKED_set_revocationDate");
     }
     ASN1_TIME_free(asn1time);
@@ -190,19 +185,15 @@ ossl_x509revoked_get_extensions(VALUE self)
 {
     X509_REVOKED *rev;
     int count, i;
-    const X509_EXTENSION *ext;
+    X509_EXTENSION *ext;
     VALUE ary;
     GetX509Rev(self, rev);
     count = X509_REVOKED_get_ext_count(rev);
-    if (count < 0) {
-	OSSL_Debug("count < 0???");
-	return rb_ary_new();
-    }
-    ary = rb_ary_new2(count);
+    ary = rb_ary_new_capa(count);
     for (i=0; i<count; i++) {
-	ext = X509_REVOKED_get_ext(rev, i);
-	rb_ary_push(ary, ossl_x509ext_new(ext));
+        ext = X509_REVOKED_get_ext(rev, i);
+        rb_ary_push(ary, ossl_x509ext_new(ext));
     }
     return ary;
@@ -221,17 +212,17 @@ ossl_x509revoked_set_extensions(VALUE self, VALUE ary)
     Check_Type(ary, T_ARRAY);
     for (i=0; i<RARRAY_LEN(ary); i++) {
-	OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
+        OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
     }
     GetX509Rev(self, rev);
     for (i = X509_REVOKED_get_ext_count(rev); i > 0; i--)
         X509_EXTENSION_free(X509_REVOKED_delete_ext(rev, 0));
     for (i=0; i<RARRAY_LEN(ary); i++) {
-	item = RARRAY_AREF(ary, i);
-	ext = GetX509ExtPtr(item);
-	if(!X509_REVOKED_add_ext(rev, ext, -1)) {
-	    ossl_raise(eX509RevError, "X509_REVOKED_add_ext");
-	}
+        item = RARRAY_AREF(ary, i);
+        ext = GetX509ExtPtr(item);
+        if(!X509_REVOKED_add_ext(rev, ext, -1)) {
+            ossl_raise(eX509RevError, "X509_REVOKED_add_ext");
+        }
     }
     return ary;
@@ -244,7 +235,7 @@ ossl_x509revoked_add_extension(VALUE self, VALUE ext)
     GetX509Rev(self, rev);
     if (!X509_REVOKED_add_ext(rev, GetX509ExtPtr(ext), -1)) {
-	ossl_raise(eX509RevError, NULL);
+        ossl_raise(eX509RevError, NULL);
     }
     return ext;
@@ -261,11 +252,11 @@ ossl_x509revoked_to_der(VALUE self)
     GetX509Rev(self, rev);
     len = i2d_X509_REVOKED(rev, NULL);
     if (len <= 0)
-	ossl_raise(eX509RevError, "i2d_X509_REVOKED");
+        ossl_raise(eX509RevError, "i2d_X509_REVOKED");
     str = rb_str_new(NULL, len);
     p = (unsigned char *)RSTRING_PTR(str);
     if (i2d_X509_REVOKED(rev, &p) <= 0)
-	ossl_raise(eX509RevError, "i2d_X509_REVOKED");
+        ossl_raise(eX509RevError, "i2d_X509_REVOKED");
     ossl_str_adjust(str, p);
     return str;
 }
@@ -276,12 +267,6 @@ ossl_x509revoked_to_der(VALUE self)
 void
 Init_ossl_x509revoked(void)
 {
-#if 0
-    mOSSL = rb_define_module("OpenSSL");
-    eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
-    mX509 = rb_define_module_under(mOSSL, "X509");
-#endif
     eX509RevError = rb_define_class_under(mX509, "RevokedError", eOSSLError);
     cX509Rev = rb_define_class_under(mX509, "Revoked", rb_cObject);

data/ext/openssl/ossl_x509store.c CHANGED Viewed

@@ -13,14 +13,14 @@
     TypedData_Wrap_Struct((klass), &ossl_x509store_type, 0)
 #define SetX509Store(obj, st) do { \
     if (!(st)) { \
-	ossl_raise(rb_eRuntimeError, "STORE wasn't initialized!"); \
+        ossl_raise(rb_eRuntimeError, "STORE wasn't initialized!"); \
     } \
     RTYPEDDATA_DATA(obj) = (st); \
 } while (0)
 #define GetX509Store(obj, st) do { \
     TypedData_Get_Struct((obj), X509_STORE, &ossl_x509store_type, (st)); \
     if (!(st)) { \
-	ossl_raise(rb_eRuntimeError, "STORE wasn't initialized!"); \
+        ossl_raise(rb_eRuntimeError, "STORE wasn't initialized!"); \
     } \
 } while (0)
@@ -28,14 +28,14 @@
     TypedData_Wrap_Struct((klass), &ossl_x509stctx_type, 0)
 #define SetX509StCtx(obj, ctx) do { \
     if (!(ctx)) { \
-	ossl_raise(rb_eRuntimeError, "STORE_CTX wasn't initialized!"); \
+        ossl_raise(rb_eRuntimeError, "STORE_CTX wasn't initialized!"); \
     } \
     RTYPEDDATA_DATA(obj) = (ctx); \
 } while (0)
 #define GetX509StCtx(obj, ctx) do { \
     TypedData_Get_Struct((obj), X509_STORE_CTX, &ossl_x509stctx_type, (ctx)); \
     if (!(ctx)) { \
-	ossl_raise(rb_eRuntimeError, "STORE_CTX is out of scope!"); \
+        ossl_raise(rb_eRuntimeError, "STORE_CTX is out of scope!"); \
     } \
 } while (0)
@@ -62,7 +62,7 @@ call_verify_cb_proc(VALUE arg)
 {
     struct ossl_verify_cb_args *args = (struct ossl_verify_cb_args *)arg;
     return rb_funcall(args->proc, rb_intern("call"), 2,
-		      args->preverify_ok, args->store_ctx);
+                      args->preverify_ok, args->store_ctx);
 }
 int
@@ -73,33 +73,33 @@ ossl_verify_cb_call(VALUE proc, int ok, X509_STORE_CTX *ctx)
     int state;
     if (NIL_P(proc))
-	return ok;
+        return ok;
     ret = Qfalse;
     rctx = rb_protect(ossl_x509stctx_new_i, (VALUE)ctx, &state);
     if (state) {
-	rb_set_errinfo(Qnil);
-	rb_warn("StoreContext initialization failure");
+        rb_set_errinfo(Qnil);
+        rb_warn("StoreContext initialization failure");
     }
     else {
-	args.proc = proc;
-	args.preverify_ok = ok ? Qtrue : Qfalse;
-	args.store_ctx = rctx;
-	ret = rb_protect(call_verify_cb_proc, (VALUE)&args, &state);
-	if (state) {
-	    rb_set_errinfo(Qnil);
-	    rb_warn("exception in verify_callback is ignored");
-	}
-	RTYPEDDATA_DATA(rctx) = NULL;
+        args.proc = proc;
+        args.preverify_ok = ok ? Qtrue : Qfalse;
+        args.store_ctx = rctx;
+        ret = rb_protect(call_verify_cb_proc, (VALUE)&args, &state);
+        if (state) {
+            rb_set_errinfo(Qnil);
+            rb_warn("exception in verify_callback is ignored");
+        }
+        RTYPEDDATA_DATA(rctx) = NULL;
     }
     if (ret == Qtrue) {
-	X509_STORE_CTX_set_error(ctx, X509_V_OK);
-	ok = 1;
+        X509_STORE_CTX_set_error(ctx, X509_V_OK);
+        ok = 1;
     }
     else {
-	if (X509_STORE_CTX_get_error(ctx) == X509_V_OK)
-	    X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED);
-	ok = 0;
+        if (X509_STORE_CTX_get_error(ctx) == X509_V_OK)
+            X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED);
+        ok = 0;
     }
     return ok;
@@ -159,10 +159,10 @@ x509store_verify_cb(int ok, X509_STORE_CTX *ctx)
     proc = (VALUE)X509_STORE_CTX_get_ex_data(ctx, stctx_ex_verify_cb_idx);
     if (!proc)
-	proc = (VALUE)X509_STORE_get_ex_data(X509_STORE_CTX_get0_store(ctx),
-					     store_ex_verify_cb_idx);
+        proc = (VALUE)X509_STORE_get_ex_data(X509_STORE_CTX_get0_store(ctx),
+                                             store_ex_verify_cb_idx);
     if (!proc)
-	return ok;
+        return ok;
     return ossl_verify_cb_call(proc, ok, ctx);
 }
@@ -191,8 +191,8 @@ ossl_x509store_set_vfy_cb(VALUE self, VALUE cb)
     GetX509Store(self, store);
     rb_iv_set(self, "@verify_callback", cb);
-    // We don't need to trigger a write barrier because `rb_iv_set` did it.
     X509_STORE_set_ex_data(store, store_ex_verify_cb_idx, (void *)cb);
+    RB_OBJ_WRITTEN(self, Qundef, cb);
     return cb;
 }
@@ -212,10 +212,6 @@ ossl_x509store_initialize(int argc, VALUE *argv, VALUE self)
     GetX509Store(self, store);
     if (argc != 0)
         rb_warn("OpenSSL::X509::Store.new does not take any arguments");
-#if !defined(HAVE_OPAQUE_OPENSSL)
-    /* [Bug #405] [Bug #1678] [Bug #3000]; already fixed? */
-    store->ex_data.sk = NULL;
-#endif
     X509_STORE_set_verify_cb(store, x509store_verify_cb);
     ossl_x509store_set_vfy_cb(self, Qnil);
@@ -332,11 +328,7 @@ ossl_x509store_set_time(VALUE self, VALUE time)
     X509_VERIFY_PARAM *param;
     GetX509Store(self, store);
-#ifdef HAVE_X509_STORE_GET0_PARAM
     param = X509_STORE_get0_param(store);
-#else
-    param = store->param;
-#endif
     X509_VERIFY_PARAM_set_time(param, NUM2LONG(rb_Integer(time)));
     return time;
 }
@@ -365,15 +357,6 @@ ossl_x509store_add_file(VALUE self, VALUE file)
         ossl_raise(eX509StoreError, "X509_STORE_add_lookup");
     if (X509_LOOKUP_load_file(lookup, path, X509_FILETYPE_PEM) != 1)
         ossl_raise(eX509StoreError, "X509_LOOKUP_load_file");
-#if OPENSSL_VERSION_NUMBER < 0x10101000 || defined(LIBRESSL_VERSION_NUMBER)
-    /*
-     * X509_load_cert_crl_file() which is called from X509_LOOKUP_load_file()
-     * did not check the return value of X509_STORE_add_{cert,crl}(), leaking
-     * "cert already in hash table" errors on the error queue, if duplicate
-     * certificates are found. This will be fixed by OpenSSL 1.1.1.
-     */
-    ossl_clear_error();
-#endif
     return self;
 }
@@ -501,7 +484,7 @@ ossl_x509store_verify(int argc, VALUE *argv, VALUE self)
     rb_scan_args(argc, argv, "11", &cert, &chain);
     ctx = rb_funcall(cX509StoreContext, rb_intern("new"), 3, self, cert, chain);
     proc = rb_block_given_p() ?  rb_block_proc() :
-	   rb_iv_get(self, "@verify_callback");
+           rb_iv_get(self, "@verify_callback");
     rb_iv_set(ctx, "@verify_callback", proc);
     result = rb_funcall(ctx, rb_intern("verify"), 0);
@@ -529,8 +512,10 @@ static void
 ossl_x509stctx_free(void *ptr)
 {
     X509_STORE_CTX *ctx = ptr;
-    sk_X509_pop_free(X509_STORE_CTX_get0_untrusted(ctx), X509_free);
-    X509_free((X509 *)X509_STORE_CTX_get0_cert(ctx));
+    if (X509_STORE_CTX_get0_untrusted(ctx))
+        sk_X509_pop_free(X509_STORE_CTX_get0_untrusted(ctx), X509_free);
+    if (X509_STORE_CTX_get0_cert(ctx))
+        X509_free(X509_STORE_CTX_get0_cert(ctx));
     X509_STORE_CTX_free(ctx);
 }
@@ -626,6 +611,7 @@ ossl_x509stctx_verify(VALUE self)
     GetX509StCtx(self, ctx);
     VALUE cb = rb_iv_get(self, "@verify_callback");
     X509_STORE_CTX_set_ex_data(ctx, stctx_ex_verify_cb_idx, (void *)cb);
+    RB_OBJ_WRITTEN(self, Qundef, cb);
     switch (X509_verify_cert(ctx)) {
       case 1:
@@ -750,10 +736,14 @@ static VALUE
 ossl_x509stctx_get_curr_cert(VALUE self)
 {
     X509_STORE_CTX *ctx;
+    X509 *x509;
     GetX509StCtx(self, ctx);
+    x509 = X509_STORE_CTX_get_current_cert(ctx);
+    if (!x509)
+        return Qnil;
-    return ossl_x509_new(X509_STORE_CTX_get_current_cert(ctx));
+    return ossl_x509_new(x509);
 }
 /*
@@ -768,12 +758,12 @@ static VALUE
 ossl_x509stctx_get_curr_crl(VALUE self)
 {
     X509_STORE_CTX *ctx;
-    const X509_CRL *crl;
+    X509_CRL *crl;
     GetX509StCtx(self, ctx);
     crl = X509_STORE_CTX_get0_current_crl(ctx);
     if (!crl)
-	return Qnil;
+        return Qnil;
     return ossl_x509crl_new(crl);
 }
@@ -869,19 +859,13 @@ void
 Init_ossl_x509store(void)
 {
 #undef rb_intern
-#if 0
-    mOSSL = rb_define_module("OpenSSL");
-    eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
-    mX509 = rb_define_module_under(mOSSL, "X509");
-#endif
     /* Register ext_data slot for verify callback Proc */
     stctx_ex_verify_cb_idx = X509_STORE_CTX_get_ex_new_index(0, (void *)"stctx_ex_verify_cb_idx", 0, 0, 0);
     if (stctx_ex_verify_cb_idx < 0)
-	ossl_raise(eOSSLError, "X509_STORE_CTX_get_ex_new_index");
+        ossl_raise(eOSSLError, "X509_STORE_CTX_get_ex_new_index");
     store_ex_verify_cb_idx = X509_STORE_get_ex_new_index(0, (void *)"store_ex_verify_cb_idx", 0, 0, 0);
     if (store_ex_verify_cb_idx < 0)
-	ossl_raise(eOSSLError, "X509_STORE_get_ex_new_index");
+        ossl_raise(eOSSLError, "X509_STORE_get_ex_new_index");
     eX509StoreError = rb_define_class_under(mX509, "StoreError", eOSSLError);

data/lib/openssl/buffering.rb CHANGED Viewed

@@ -24,25 +24,21 @@ module OpenSSL::Buffering
   # A buffer which will retain binary encoding.
   class Buffer < String
-    BINARY = Encoding::BINARY
-    def initialize
-      super
-      force_encoding(BINARY)
-    end
+    unless String.method_defined?(:append_as_bytes)
+      alias_method :_append, :<<
+      def append_as_bytes(string)
+        if string.encoding == Encoding::BINARY
+          _append(string)
+        else
+          _append(string.b)
+        end
-    def << string
-      if string.encoding == BINARY
-        super(string)
-      else
-        super(string.b)
+        self
       end
-      return self
     end
-    alias concat <<
+    undef_method :concat
+    undef_method :<<
   end
   ##
@@ -77,7 +73,7 @@ module OpenSSL::Buffering
   def fill_rbuff
     begin
-      @rbuffer << self.sysread(BLOCK_SIZE)
+      @rbuffer.append_as_bytes(self.sysread(BLOCK_SIZE))
     rescue Errno::EAGAIN
       retry
     rescue EOFError
@@ -352,22 +348,32 @@ module OpenSSL::Buffering
   def do_write(s)
     @wbuffer = Buffer.new unless defined? @wbuffer
-    @wbuffer << s
-    @wbuffer.force_encoding(Encoding::BINARY)
+    @wbuffer.append_as_bytes(s)
     @sync ||= false
-    buffer_size = @wbuffer.size
+    buffer_size = @wbuffer.bytesize
     if @sync or buffer_size > BLOCK_SIZE
       nwrote = 0
       begin
         while nwrote < buffer_size do
           begin
-            nwrote += syswrite(@wbuffer[nwrote, buffer_size - nwrote])
+            chunk = if nwrote > 0
+              @wbuffer.byteslice(nwrote, @wbuffer.bytesize)
+            else
+              @wbuffer
+            end
+            nwrote += syswrite(chunk)
           rescue Errno::EAGAIN
             retry
           end
         end
       ensure
-        @wbuffer[0, nwrote] = ""
+        if nwrote < @wbuffer.bytesize
+          @wbuffer[0, nwrote] = ""
+        else
+          @wbuffer.clear
+        end
       end
     end
   end
@@ -444,10 +450,10 @@ module OpenSSL::Buffering
   def puts(*args)
     s = Buffer.new
     if args.empty?
-      s << "\n"
+      s.append_as_bytes("\n")
     end
     args.each{|arg|
-      s << arg.to_s
+      s.append_as_bytes(arg.to_s)
       s.sub!(/(?<!\n)\z/, "\n")
     }
     do_write(s)
@@ -461,7 +467,7 @@ module OpenSSL::Buffering
   def print(*args)
     s = Buffer.new
-    args.each{ |arg| s << arg.to_s }
+    args.each{ |arg| s.append_as_bytes(arg.to_s) }
     do_write(s)
     nil
   end

data/lib/openssl/digest.rb CHANGED Viewed

@@ -57,7 +57,7 @@ module OpenSSL
   #   OpenSSL::Digest("MD5")
   #   # => OpenSSL::Digest::MD5
   #
-  #   Digest("Foo")
+  #   OpenSSL::Digest("Foo")
   #   # => NameError: wrong constant name Foo
   def Digest(name)