ruby-tls 2.3.3 → 2.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/ruby-tls/ssl.rb +74 -46
- data/lib/ruby-tls/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7c9c124353ba1b6a23290984f4c5056d9b329ec1
|
|
4
|
+
data.tar.gz: 430655662c8f8431463ba77c902b2f9adb28ab64
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4994faf8f0fc967c12419b2a998017f9a2a738525ccdfb5ae09c6dad5442b0eec2851c852a3342c6ad62264313f653e461a6403f449216f4aae438a562ea7e1b
|
|
7
|
+
data.tar.gz: 0a090301d6ebc62c2719120cb55164ad05bee8dbf09e1cda9ee85779ed6f7affa5092c90d609c28e3cd2a795c6dca7bcd7420106e708c2585444593f05116652
|
data/lib/ruby-tls/ssl.rb
CHANGED
|
@@ -10,16 +10,15 @@ module RubyTls
|
|
|
10
10
|
module SSL
|
|
11
11
|
extend FFI::Library
|
|
12
12
|
if FFI::Platform.windows?
|
|
13
|
-
|
|
13
|
+
begin
|
|
14
|
+
ffi_lib 'libeay32', 'ssleay32'
|
|
15
|
+
rescue LoadError
|
|
16
|
+
ffi_lib 'libcrypto-1_1-x64', 'libssl-1_1-x64'
|
|
17
|
+
end
|
|
14
18
|
else
|
|
15
19
|
ffi_lib 'ssl'
|
|
16
20
|
end
|
|
17
21
|
|
|
18
|
-
attach_function :SSL_library_init, [], :int
|
|
19
|
-
attach_function :SSL_load_error_strings, [], :void
|
|
20
|
-
attach_function :ERR_load_crypto_strings, [], :void
|
|
21
|
-
|
|
22
|
-
|
|
23
22
|
# Common structures
|
|
24
23
|
typedef :pointer, :user_data
|
|
25
24
|
typedef :pointer, :bio
|
|
@@ -33,14 +32,36 @@ module RubyTls
|
|
|
33
32
|
typedef :int, :pass_length
|
|
34
33
|
typedef :int, :read_write_flag
|
|
35
34
|
|
|
35
|
+
SSL_ST_OK = 0x03
|
|
36
|
+
begin
|
|
37
|
+
attach_function :SSL_library_init, [], :int
|
|
38
|
+
attach_function :SSL_load_error_strings, [], :void
|
|
39
|
+
attach_function :ERR_load_crypto_strings, [], :void
|
|
36
40
|
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
41
|
+
attach_function :SSL_state, [:ssl], :int
|
|
42
|
+
def self.SSL_is_init_finished(ssl)
|
|
43
|
+
SSL_state(ssl) == SSL_ST_OK
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
OPENSSL_V1_1 = false
|
|
47
|
+
rescue FFI::NotFoundError
|
|
48
|
+
OPENSSL_V1_1 = true
|
|
49
|
+
OPENSSL_INIT_LOAD_SSL_STRINGS = 0x200000
|
|
50
|
+
OPENSSL_INIT_NO_LOAD_SSL_STRINGS = 0x100000
|
|
51
|
+
attach_function :OPENSSL_init_ssl, [:uint64_t, :pointer], :int
|
|
52
|
+
|
|
53
|
+
attach_function :SSL_get_state, [:ssl], :int
|
|
54
|
+
def self.SSL_is_init_finished(ssl)
|
|
55
|
+
SSL_get_state(ssl) == SSL_ST_OK
|
|
56
|
+
end
|
|
57
|
+
end
|
|
43
58
|
|
|
59
|
+
# Multi-threaded support
|
|
60
|
+
#callback :locking_cb, [:int, :int, :string, :int], :void
|
|
61
|
+
#callback :thread_id_cb, [], :ulong
|
|
62
|
+
#attach_function :CRYPTO_num_locks, [], :int
|
|
63
|
+
#attach_function :CRYPTO_set_locking_callback, [:locking_cb], :void
|
|
64
|
+
#attach_function :CRYPTO_set_id_callback, [:thread_id_cb], :void
|
|
44
65
|
|
|
45
66
|
# InitializeDefaultCredentials
|
|
46
67
|
attach_function :BIO_new_mem_buf, [:string, :buffer_length], :bio
|
|
@@ -54,13 +75,6 @@ module RubyTls
|
|
|
54
75
|
|
|
55
76
|
attach_function :BIO_free, [:bio], :int
|
|
56
77
|
|
|
57
|
-
# CONSTANTS
|
|
58
|
-
SSL_ST_OK = 0x03
|
|
59
|
-
attach_function :SSL_state, [:ssl], :int
|
|
60
|
-
def self.SSL_is_init_finished(ssl)
|
|
61
|
-
SSL_state(ssl) == SSL_ST_OK
|
|
62
|
-
end
|
|
63
|
-
|
|
64
78
|
# GetPeerCert
|
|
65
79
|
attach_function :SSL_get_peer_certificate, [:ssl], :x509
|
|
66
80
|
|
|
@@ -120,6 +134,21 @@ module RubyTls
|
|
|
120
134
|
begin
|
|
121
135
|
attach_function :TLS_server_method, [], :pointer
|
|
122
136
|
attach_function :TLS_client_method, [], :pointer
|
|
137
|
+
rescue FFI::NotFoundError
|
|
138
|
+
attach_function :SSLv23_server_method, [], :pointer
|
|
139
|
+
attach_function :SSLv23_client_method, [], :pointer
|
|
140
|
+
|
|
141
|
+
def self.TLS_server_method; self.SSLv23_server_method; end
|
|
142
|
+
def self.TLS_client_method; self.SSLv23_client_method; end
|
|
143
|
+
end
|
|
144
|
+
|
|
145
|
+
# Version can be one of:
|
|
146
|
+
# :SSL3, :TLS1, :TLS1_1, :TLS1_2, :TLS1_3, :TLS_MAX
|
|
147
|
+
begin
|
|
148
|
+
attach_function :SSL_CTX_set_min_proto_version, [:ssl_ctx, :int], :int
|
|
149
|
+
attach_function :SSL_CTX_set_max_proto_version, [:ssl_ctx, :int], :int
|
|
150
|
+
|
|
151
|
+
VERSION_SUPPORTED = true
|
|
123
152
|
|
|
124
153
|
SSL3_VERSION = 0x0300
|
|
125
154
|
TLS1_VERSION = 0x0301
|
|
@@ -128,18 +157,11 @@ module RubyTls
|
|
|
128
157
|
TLS1_3_VERSION = 0x0304
|
|
129
158
|
TLS_MAX_VERSION = TLS1_3_VERSION
|
|
130
159
|
ANY_VERSION = 0
|
|
131
|
-
attach_function :SSL_CTX_set_min_proto_version, [:ssl_ctx, :int], :int
|
|
132
|
-
attach_function :SSL_CTX_set_max_proto_version, [:ssl_ctx, :int], :int
|
|
133
|
-
VERSION_SUPPORTED = true
|
|
134
160
|
rescue FFI::NotFoundError
|
|
135
|
-
attach_function :SSLv23_server_method, [], :pointer
|
|
136
|
-
attach_function :SSLv23_client_method, [], :pointer
|
|
137
|
-
|
|
138
|
-
def self.TLS_server_method; self.SSLv23_server_method; end
|
|
139
|
-
def self.TLS_client_method; self.SSLv23_client_method; end
|
|
140
|
-
|
|
141
161
|
VERSION_SUPPORTED = false
|
|
142
162
|
end
|
|
163
|
+
|
|
164
|
+
|
|
143
165
|
attach_function :SSL_CTX_new, [:pointer], :ssl_ctx
|
|
144
166
|
|
|
145
167
|
attach_function :SSL_CTX_ctrl, [:ssl_ctx, :int, :ulong, :pointer], :long
|
|
@@ -287,10 +309,13 @@ keystr
|
|
|
287
309
|
# INIT CODE
|
|
288
310
|
@init_required ||= false
|
|
289
311
|
unless @init_required
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
312
|
+
if OPENSSL_V1_1
|
|
313
|
+
self.OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, ::FFI::Pointer::NULL)
|
|
314
|
+
else
|
|
315
|
+
self.SSL_load_error_strings
|
|
316
|
+
self.SSL_library_init
|
|
317
|
+
self.ERR_load_crypto_strings
|
|
318
|
+
end
|
|
294
319
|
|
|
295
320
|
# Setup multi-threaded support
|
|
296
321
|
#SSL_LOCKS = []
|
|
@@ -401,20 +426,23 @@ keystr
|
|
|
401
426
|
|
|
402
427
|
# Version can be one of:
|
|
403
428
|
# :SSL3, :TLS1, :TLS1_1, :TLS1_2, :TLS1_3, :TLS_MAX
|
|
404
|
-
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
429
|
+
if SSL::VERSION_SUPPORTED
|
|
430
|
+
def set_min_proto_version(version)
|
|
431
|
+
num = SSL.const_get("#{version}_VERSION")
|
|
432
|
+
SSL.SSL_CTX_set_min_proto_version(@ssl_ctx, num) == 1
|
|
433
|
+
rescue NameError
|
|
434
|
+
false
|
|
435
|
+
end
|
|
436
|
+
|
|
437
|
+
def set_max_proto_version(version)
|
|
438
|
+
num = SSL.const_get("#{version}_VERSION")
|
|
439
|
+
SSL.SSL_CTX_set_max_proto_version(@ssl_ctx, num) == 1
|
|
440
|
+
rescue NameError
|
|
441
|
+
false
|
|
442
|
+
end
|
|
443
|
+
else
|
|
444
|
+
def set_min_proto_version(version); false; end
|
|
445
|
+
def set_max_proto_version(version); false; end
|
|
418
446
|
end
|
|
419
447
|
|
|
420
448
|
def cleanup
|
data/lib/ruby-tls/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby-tls
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stephen von Takach
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-11-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi-compiler
|
|
@@ -115,8 +115,8 @@ signing_key:
|
|
|
115
115
|
specification_version: 4
|
|
116
116
|
summary: Abstract TLS for Ruby
|
|
117
117
|
test_files:
|
|
118
|
-
- spec/alpn_spec.rb
|
|
119
118
|
- spec/client.crt
|
|
120
|
-
- spec/client.key
|
|
121
119
|
- spec/comms_spec.rb
|
|
122
120
|
- spec/verify_spec.rb
|
|
121
|
+
- spec/alpn_spec.rb
|
|
122
|
+
- spec/client.key
|