RubyGems - openssl - Versions diffs - 3.3.2-java → 4.0.0-java - Mend

openssl 3.3.2-java → 4.0.0-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bf9522ee11a31ec94832d43bc4c2ce1a39da5b441c90cebe6c7815ecb23ca00c
-  data.tar.gz: b13e65b9d6b6e90b0b0fa7d537c588895812e2179e0e10d3adb665a727bd8d84
+  metadata.gz: 2b967c76683184d75678e4af5039f2c090e371a7b959de0e688a110aca3389b7
+  data.tar.gz: e0ff2f9b4ea73289a5849650998eeb06e0516fd73f3d32482a4c50fedd154f0a
 SHA512:
-  metadata.gz: 0bb619e1823453ccdc51253f42d23c5214e8410041d122c1114ae54eb389096715a873e2253c1a76b89475636d3e51b6d25b81ed33662d7ce19aae00a45506f2
-  data.tar.gz: b0f133dd8e31b31b383a61c1c8cc93300fc5b182c33c05eb12db725652b12397f6b5c3e50a0812595b48d7e650d365acae48d9c1e577755db429e4d7e41d6e8d
+  metadata.gz: 11741bae344dd5f2a7d66774a595ebdd388f2b449fe46a538fce3067a1e22c49304f05316f7009d7d7728909846d3888a82a43c55437c0f4c8e094b9db91ba93
+  data.tar.gz: b41f010f681e515a59ed35fc5013743e0fef315ea31f412c434e0d29d367e5488bd7b9ae9dad65c324e04f35350032ffd1b0e77df7466823a6a948ce61d76fa7

data/CONTRIBUTING.md CHANGED Viewed

@@ -224,6 +224,9 @@ $ OPENSSL_CONF=$OPENSSL_DIR/ssl/openssl_fips.cnf \
 The GitHub Actions workflow file [`test.yml`][GitHub test.yml] contains useful
 information for building OpenSSL/LibreSSL and testing against them.
+## Debugging
+You can use the `OpenSSL.debug = true` to print additional error strings.
 ## Relation with Ruby source tree

data/History.md CHANGED Viewed

@@ -1,3 +1,88 @@
+Version 4.0.0
+=============
+Compatibility
+-------------
+* Ruby >= 2.7
+* OpenSSL >= 1.1.1, LibreSSL >= 3.9, and AWS-LC 1.66.0
+  - Removed support for OpenSSL 1.0.2-1.1.0 and LibreSSL 3.1-3.8.
+    [[GitHub #835]](https://github.com/ruby/openssl/issues/835)
+  - Added support for AWS-LC.
+    [[GitHub #833]](https://github.com/ruby/openssl/issues/833)
+Notable changes
+---------------
+* `OpenSSL::SSL`
+  - Reduce overhead when writing to `OpenSSL::SSL::SSLSocket`. `#syswrite` no
+    longer creates a temporary String object.
+    [[GitHub #831]](https://github.com/ruby/openssl/pull/831)
+  - Make `OpenSSL::SSL::SSLContext#min_version=` and `#max_version=` wrap the
+    corresponding OpenSSL APIs directly, and remove the fallback to SSL options.
+    [[GitHub #849]](https://github.com/ruby/openssl/pull/849)
+  - Add `OpenSSL::SSL::SSLContext#sigalgs=` and `#client_sigalgs=` for
+    specifying signature algorithms to use for connections.
+    [[GitHub #895]](https://github.com/ruby/openssl/pull/895)
+  - Rename `OpenSSL::SSL::SSLContext#ecdh_curves=` to `#groups=` following
+    the underlying OpenSSL API rename. This method is no longer specific to
+    ECDHE. The old method remains as an alias.
+    [[GitHub #900]](https://github.com/ruby/openssl/pull/900)
+  - Add `OpenSSL::SSL::SSLSocket#sigalg`, `#peer_sigalg`, and `#group` for
+    getting the signature algorithm and the key agreement group used in the
+    current connection.
+    [[GitHub #908]](https://github.com/ruby/openssl/pull/908)
+  - Enable `SSL_CTX_set_dh_auto()` for servers by default.
+    [[GitHub #924]](https://github.com/ruby/openssl/pull/924)
+  - Improve Ractor compatibility. Note that the internal-use constant
+    `OpenSSL::SSL::SSLContext::DEFAULT_PARAMS` is now frozen.
+    [[GitHub #925]](https://github.com/ruby/openssl/pull/925)
+* `OpenSSL::PKey`
+  - Remove `OpenSSL::PKey::EC::Point#mul` support with array arguments. The
+    underlying OpenSSL API has been removed, and the method has been deprecated
+    since ruby/openssl v3.0.0.
+    [[GitHub #843]](https://github.com/ruby/openssl/pull/843)
+  - `OpenSSL::PKey::{RSA,DSA,DH}#params` uses `nil` to indicate missing fields
+    instead of the number `0`.
+    [[GitHub #774]](https://github.com/ruby/openssl/pull/774)
+  - Unify `OpenSSL::PKey::PKeyError` classes. The former subclasses
+    `OpenSSL::PKey::DHError`, `OpenSSL::PKey::DSAError`,
+    `OpenSSL::PKey::ECError`, and `OpenSSL::PKey::RSAError` have been merged
+    into a single class.
+    [[GitHub #929]](https://github.com/ruby/openssl/pull/929)
+* `OpenSSL::Cipher`
+  - `OpenSSL::Cipher#encrypt` and `#decrypt` no longer accept arguments.
+    Passing passwords has been deprecated since Ruby 1.8.2 (released in 2004).
+    [[GitHub #887]](https://github.com/ruby/openssl/pull/887)
+  - `OpenSSL::Cipher#final` raises `OpenSSL::Cipher::AuthTagError` when the
+    integrity check fails for AEAD ciphers. `OpenSSL::Cipher::AuthTagError` is a
+    new subclass of `OpenSSL::Cipher::CipherError`, which was previously raised.
+    [[GitHub #939]](https://github.com/ruby/openssl/pull/939)
+  - `OpenSSL::Cipher.new` now raises `OpenSSL::Cipher::CipherError` instead of
+    `RuntimeError` when OpenSSL does not recognize the algorithm.
+    [[GitHub #958]](https://github.com/ruby/openssl/pull/958)
+  - Add support for "fetched" cipher algorithms with OpenSSL 3.0 or later.
+    [[GitHub #958]](https://github.com/ruby/openssl/pull/958)
+* `OpenSSL::Digest`
+  - `OpenSSL::Digest.new` now raises `OpenSSL::Digest::DigestError` instead of
+    `RuntimeError` when OpenSSL does not recognize the algorithm.
+    [[GitHub #958]](https://github.com/ruby/openssl/pull/958)
+  - Add support for "fetched" digest algorithms with OpenSSL 3.0 or later.
+    [[GitHub #958]](https://github.com/ruby/openssl/pull/958)
+* `OpenSSL::ASN1.decode` now assumes a 1950-2049 year range for `UTCTime`
+  according to RFC 5280. It previously used a 1969-2068 range. The encoder
+  has always used the 1950-2049 range.
+  [[GitHub #909]](https://github.com/ruby/openssl/pull/909)
+* `OpenSSL::OpenSSLError`, the base class for all ruby/openssl errors, carry
+  an additional attribute `#errors` to keep the content of OpenSSL's error
+  queue. Also, add `#detailed_message` for Ruby 3.2 or later.
+  [[GitHub #976]](https://github.com/ruby/openssl/pull/976)
+* `OpenSSL::PKCS7.new` raises `OpenSSL::PKCS7::PKCS7Error` instead of
+  `ArgumentError` on error to be consistent with other constructors.
+  [[GitHub #983]](https://github.com/ruby/openssl/pull/983)
 Version 3.3.2
 =============

data/README.md CHANGED Viewed

@@ -16,17 +16,18 @@ the standard library of Ruby. This is called a [default gem].
 Each stable branch of OpenSSL for Ruby will remain supported as long as it is
 included as a default gem in [supported Ruby branches][Ruby Maintenance Branches].
-|Version|Maintenance status             |Ruby compatibility|OpenSSL compatibility                       |
-|-------|-------------------------------|------------------|--------------------------------------------|
-|3.3.x  |normal maintenance (Ruby 3.4)  |Ruby 2.7+         |OpenSSL 1.0.2-3.4 (current) or LibreSSL 3.1+|
-|3.2.x  |normal maintenance (Ruby 3.3)  |Ruby 2.7+         |OpenSSL 1.0.2-3.4 (current) or LibreSSL 3.1+|
-|3.1.x  |normal maintenance (Ruby 3.2)  |Ruby 2.6+         |OpenSSL 1.0.2-3.4 (current) or LibreSSL 3.1+|
-|3.0.x  |security maintenance (Ruby 3.1)|Ruby 2.6+         |OpenSSL 1.0.2-3.4 (current) or LibreSSL 3.1+|
-|2.2.x  |end-of-life (Ruby 3.0)         |Ruby 2.3+         |OpenSSL 1.0.1-1.1.1 or LibreSSL 2.9+        |
-|2.1.x  |end-of-life (Ruby 2.5-2.7)     |Ruby 2.3+         |OpenSSL 1.0.1-1.1.1 or LibreSSL 2.5+        |
-|2.0.x  |end-of-life (Ruby 2.4)         |Ruby 2.3+         |OpenSSL 0.9.8-1.1.1 or LibreSSL 2.3+        |
-[default gem]: https://docs.ruby-lang.org/en/master/standard_library_rdoc.html
+|Version|Minimum Ruby|OpenSSL compatibility                    |Bundled with|Maintenance  |
+|-------|------------|-----------------------------------------|------------|-------------|
+|4.0.x  |Ruby 2.7    |OpenSSL 1.1.1-3.x, LibreSSL 3.9+, AWS-LC |Ruby 4.0    |bug fixes    |
+|3.3.x  |Ruby 2.7    |OpenSSL 1.0.2-3.x, LibreSSL 3.1+         |Ruby 3.4    |bug fixes    |
+|3.2.x  |Ruby 2.7    |OpenSSL 1.0.2-3.x, LibreSSL 3.1+         |Ruby 3.3    |bug fixes    |
+|3.1.x  |Ruby 2.6    |OpenSSL 1.0.2-3.x, LibreSSL 3.1+         |Ruby 3.2    |security only|
+|3.0.x  |Ruby 2.6    |OpenSSL 1.0.2-3.x, LibreSSL 3.1+         |Ruby 3.1    |end-of-life  |
+|2.2.x  |Ruby 2.3    |OpenSSL 1.0.1-1.1.1, LibreSSL 2.9+       |Ruby 3.0    |end-of-life  |
+|2.1.x  |Ruby 2.3    |OpenSSL 1.0.1-1.1.1, LibreSSL 2.5+       |Ruby 2.5-2.7|end-of-life  |
+|2.0.x  |Ruby 2.3    |OpenSSL 0.9.8-1.1.1, LibreSSL 2.3+       |Ruby 2.4    |end-of-life  |
+[default gem]: https://docs.ruby-lang.org/en/master/standard_library_md.html
 [Ruby Maintenance Branches]: https://www.ruby-lang.org/en/downloads/branches/
 ## Installation

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: openssl
 version: !ruby/object:Gem::Version
-  version: 3.3.2
+  version: 4.0.0
 platform: java
 authors:
 - Martin Bosslet