RubyGems - openssl - Versions diffs - 2.0.0 → 2.0.1 - Mend

openssl 2.0.0 → 2.0.1

Potentially problematic release.

This version of openssl might be problematic. Click here for more details.

Files changed (12) hide show

checksums.yaml +4 -4
data/ext/openssl/extconf.rb +1 -0
data/ext/openssl/openssl_missing.h +4 -0
data/ext/openssl/ossl.c +1 -1
data/ext/openssl/ossl_asn1.c +9 -3
data/ext/openssl/ossl_bn.c +21 -15
data/ext/openssl/ossl_bn.h +3 -1
data/ext/openssl/ossl_engine.c +1 -1
data/ext/openssl/ossl_pkey_ec.c +7 -3
data/ext/openssl/ossl_ssl.c +4 -1
data/ext/openssl/ossl_version.h +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 03d318590b847c8c1c1b994254b8e2487107bf31
-  data.tar.gz: 67dee2b7da3246aa429b2a35ec3fc44c93a7cc8f
+  metadata.gz: cc80177aa96ab17f6920d0e790efce7b53562e92
+  data.tar.gz: dfc39bf0895ae109cb29de4df756695676ee2b39
 SHA512:
-  metadata.gz: 2797a1a1a48b1ddd8181f668a4bbda6efa4362f20a8aaf05b8e9e14e403f25bc98eeec8a4749c98756ce88da465b21c5494432dcebcdbd52437805209f376b1d
-  data.tar.gz: e49508cdc45afcc6c564b4de70f1029b163c2660a583b06059f524b1a67e1295171bc253c2172d0ae7e77ac59d44a7b9edebc7415e135b5838120bca3dba3f05
+  metadata.gz: 65a3823e00d851a8ced0f6beabc81ec3a100ad01fe4da8e41ca3ae5763fd45c284717ffd1f7257fc632b492662c8234b686dacf12e0a6097727f886bef884dff
+  data.tar.gz: 66c8d3f98438ef4f8e1dae8658551d5cd92a9ba138ad4ecb0d82b70911e3cf4f54e4095d489ba174d2f20ca5e29ff7c2c64a2d490fa1c29b9636606071d6b94f

data/ext/openssl/extconf.rb CHANGED Viewed

@@ -95,6 +95,7 @@ have_func("i2d_ASN1_SET_ANY")
 have_func("SSL_SESSION_cmp") # removed
 OpenSSL.check_func_or_macro("SSL_set_tlsext_host_name", "openssl/ssl.h")
 have_struct_member("CRYPTO_THREADID", "ptr", "openssl/crypto.h")
+have_func("EVP_PKEY_get0")
 # added in 1.0.1
 have_func("SSL_CTX_set_next_proto_select_cb")

data/ext/openssl/openssl_missing.h CHANGED Viewed

@@ -47,6 +47,10 @@ int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
 		i2d_ASN1_TYPE, V_ASN1_SET, V_ASN1_UNIVERSAL, 0)
 #endif
+#if !defined(HAVE_EVP_PKEY_GET0)
+#  define EVP_PKEY_get0(pk) (pk->pkey.ptr)
+#endif
 /* added in 1.0.2 */
 #if !defined(OPENSSL_NO_EC)
 #if !defined(HAVE_EC_CURVE_NIST2NID)

data/ext/openssl/ossl.c CHANGED Viewed

@@ -180,7 +180,7 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
 	    len = RSTRING_LEN(pass);
 	    if (len >= OSSL_MIN_PWD_LEN && len <= max_len) {
 		memcpy(buf, RSTRING_PTR(pass), len);
-		return len;
+		return (int)len;
 	    }
 	}
 	OSSL_Debug("passed data is not valid String???");

data/ext/openssl/ossl_asn1.c CHANGED Viewed

@@ -47,9 +47,15 @@ asn1time_to_time(const ASN1_TIME *time)
 	}
 	break;
     case V_ASN1_GENERALIZEDTIME:
-	if (sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
-    		&tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) {
-	    ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format" );
+	count = sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ",
+		&tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min,
+		&tm.tm_sec);
+	if (count == 5) {
+		tm.tm_sec = 0;
+	}
+	else if (count != 6) {
+		ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format: \"%s\"",
+			time->data);
 	}
 	break;
     default:

data/ext/openssl/ossl_bn.c CHANGED Viewed

@@ -120,30 +120,34 @@ integer_to_bnptr(VALUE obj, BIGNUM *orig)
     return bn;
 }
-static BIGNUM *
-try_convert_to_bnptr(VALUE obj)
+static VALUE
+try_convert_to_bn(VALUE obj)
 {
-    BIGNUM *bn = NULL;
-    VALUE newobj;
+    BIGNUM *bn;
+    VALUE newobj = Qnil;
-    if (rb_obj_is_kind_of(obj, cBN)) {
-	GetBN(obj, bn);
-    }
-    else if (RB_INTEGER_TYPE_P(obj)) {
+    if (rb_obj_is_kind_of(obj, cBN))
+	return obj;
+    if (RB_INTEGER_TYPE_P(obj)) {
 	newobj = NewBN(cBN); /* Handle potencial mem leaks */
 	bn = integer_to_bnptr(obj, NULL);
 	SetBN(newobj, bn);
     }
-    return bn;
+    return newobj;
 }
 BIGNUM *
-GetBNPtr(VALUE obj)
+ossl_bn_value_ptr(volatile VALUE *ptr)
 {
-    BIGNUM *bn = try_convert_to_bnptr(obj);
-    if (!bn)
+    VALUE tmp;
+    BIGNUM *bn;
+    tmp = try_convert_to_bn(*ptr);
+    if (NIL_P(tmp))
 	ossl_raise(rb_eTypeError, "Cannot convert into OpenSSL::BN");
+    GetBN(tmp, bn);
+    *ptr = tmp;
     return bn;
 }
@@ -893,10 +897,12 @@ ossl_bn_eq(VALUE self, VALUE other)
     BIGNUM *bn1, *bn2;
     GetBN(self, bn1);
-    /* BNPtr may raise, so we can't use here */
-    bn2 = try_convert_to_bnptr(other);
+    other = try_convert_to_bn(other);
+    if (NIL_P(other))
+	return Qfalse;
+    GetBN(other, bn2);
-    if (bn2 && !BN_cmp(bn1, bn2)) {
+    if (!BN_cmp(bn1, bn2)) {
 	return Qtrue;
     }
     return Qfalse;

data/ext/openssl/ossl_bn.h CHANGED Viewed

@@ -15,8 +15,10 @@ extern VALUE eBNError;
 extern BN_CTX *ossl_bn_ctx;
+#define GetBNPtr(obj) ossl_bn_value_ptr(&(obj))
 VALUE ossl_bn_new(const BIGNUM *);
-BIGNUM *GetBNPtr(VALUE);
+BIGNUM *ossl_bn_value_ptr(volatile VALUE *);
 void Init_ossl_bn(void);

data/ext/openssl/ossl_engine.c CHANGED Viewed

@@ -287,7 +287,7 @@ ossl_engine_finish(VALUE self)
  * This returns an OpenSSL::Cipher by +name+, if it is available in this
  * engine.
  *
- * A EngineError will be raised if the cipher is unavailable.
+ * An EngineError will be raised if the cipher is unavailable.
  *
  *    e = OpenSSL::Engine.by_id("openssl")
  *     => #<OpenSSL::Engine id="openssl" name="Software engine support">

data/ext/openssl/ossl_pkey_ec.c CHANGED Viewed

@@ -1635,7 +1635,7 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self)
 	 * points  | self    | arg2[0] | arg2[1] | ...
 	 */
 	long i, num;
-	VALUE tmp_p, tmp_b;
+	VALUE bns_tmp, tmp_p, tmp_b;
 	const EC_POINT **points;
 	const BIGNUM **bignums;
@@ -1645,9 +1645,13 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self)
 	    ossl_raise(rb_eArgError, "bns must be 1 longer than points; see the documentation");
 	num = RARRAY_LEN(arg1);
+	bns_tmp = rb_ary_tmp_new(num);
 	bignums = ALLOCV_N(const BIGNUM *, tmp_b, num);
-	for (i = 0; i < num; i++)
-	    bignums[i] = GetBNPtr(RARRAY_AREF(arg1, i));
+	for (i = 0; i < num; i++) {
+	    VALUE item = RARRAY_AREF(arg1, i);
+	    bignums[i] = GetBNPtr(item);
+	    rb_ary_push(bns_tmp, item);
+	}
 	points = ALLOCV_N(const EC_POINT *, tmp_p, num);
 	points[0] = point_self; /* self */

data/ext/openssl/ossl_ssl.c CHANGED Viewed

@@ -32,7 +32,8 @@ VALUE cSSLSocket;
 static VALUE eSSLErrorWaitReadable;
 static VALUE eSSLErrorWaitWritable;
-static ID ID_callback_state, id_tmp_dh_callback, id_tmp_ecdh_callback;
+static ID ID_callback_state, id_tmp_dh_callback, id_tmp_ecdh_callback,
+	  id_npn_protocols_encoded;
 static VALUE sym_exception, sym_wait_readable, sym_wait_writable;
 static ID id_i_cert_store, id_i_ca_file, id_i_ca_path, id_i_verify_mode,
@@ -892,6 +893,7 @@ ossl_sslctx_setup(VALUE self)
     val = rb_attr_get(self, id_i_npn_protocols);
     if (!NIL_P(val)) {
 	VALUE encoded = ssl_encode_npn_protocols(val);
+	rb_ivar_set(self, id_npn_protocols_encoded, encoded);
 	SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_npn_advertise_cb, (void *)encoded);
 	OSSL_Debug("SSL NPN advertise callback added");
     }
@@ -2712,6 +2714,7 @@ Init_ossl_ssl(void)
     id_tmp_dh_callback = rb_intern("tmp_dh_callback");
     id_tmp_ecdh_callback = rb_intern("tmp_ecdh_callback");
+    id_npn_protocols_encoded = rb_intern("npn_protocols_encoded");
 #define DefIVarID(name) do \
     id_i_##name = rb_intern("@"#name); while (0)

data/ext/openssl/ossl_version.h CHANGED Viewed

@@ -10,6 +10,6 @@
 #if !defined(_OSSL_VERSION_H_)
 #define _OSSL_VERSION_H_
-#define OSSL_VERSION "2.0.0"
+#define OSSL_VERSION "2.0.1"
 #endif /* _OSSL_VERSION_H_ */

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: openssl
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.0.1
 platform: ruby
 authors:
 - Martin Bosslet
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-11-30 00:00:00.000000000 Z
+date: 2016-12-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake