rubysl-openssl 1.0.2 → 2.0.0

Files changed (74)
  1. checksums.yaml +4 -4
  2. data/.travis.yml +5 -6
  3. data/ext/rubysl/openssl/.gitignore +3 -0
  4. data/ext/rubysl/openssl/deprecation.rb +21 -0
  5. data/ext/rubysl/openssl/extconf.rb +45 -32
  6. data/ext/rubysl/openssl/openssl_missing.c +20 -7
  7. data/ext/rubysl/openssl/openssl_missing.h +22 -15
  8. data/ext/rubysl/openssl/ossl.c +610 -61
  9. data/ext/rubysl/openssl/ossl.h +31 -17
  10. data/ext/rubysl/openssl/ossl_asn1.c +974 -183
  11. data/ext/rubysl/openssl/ossl_asn1.h +3 -3
  12. data/ext/rubysl/openssl/ossl_bio.c +4 -3
  13. data/ext/rubysl/openssl/ossl_bio.h +1 -1
  14. data/ext/rubysl/openssl/ossl_bn.c +32 -28
  15. data/ext/rubysl/openssl/ossl_bn.h +1 -1
  16. data/ext/rubysl/openssl/ossl_cipher.c +494 -93
  17. data/ext/rubysl/openssl/ossl_cipher.h +1 -1
  18. data/ext/rubysl/openssl/ossl_config.c +4 -5
  19. data/ext/rubysl/openssl/ossl_config.h +1 -1
  20. data/ext/rubysl/openssl/ossl_digest.c +206 -24
  21. data/ext/rubysl/openssl/ossl_digest.h +1 -1
  22. data/ext/rubysl/openssl/ossl_engine.c +48 -26
  23. data/ext/rubysl/openssl/ossl_engine.h +1 -1
  24. data/ext/rubysl/openssl/ossl_hmac.c +40 -38
  25. data/ext/rubysl/openssl/ossl_hmac.h +1 -1
  26. data/ext/rubysl/openssl/ossl_ns_spki.c +157 -25
  27. data/ext/rubysl/openssl/ossl_ns_spki.h +1 -1
  28. data/ext/rubysl/openssl/ossl_ocsp.c +57 -40
  29. data/ext/rubysl/openssl/ossl_ocsp.h +1 -1
  30. data/ext/rubysl/openssl/ossl_pkcs12.c +15 -13
  31. data/ext/rubysl/openssl/ossl_pkcs12.h +1 -1
  32. data/ext/rubysl/openssl/ossl_pkcs5.c +108 -18
  33. data/ext/rubysl/openssl/ossl_pkcs7.c +44 -37
  34. data/ext/rubysl/openssl/ossl_pkcs7.h +1 -1
  35. data/ext/rubysl/openssl/ossl_pkey.c +211 -15
  36. data/ext/rubysl/openssl/ossl_pkey.h +19 -9
  37. data/ext/rubysl/openssl/ossl_pkey_dh.c +180 -47
  38. data/ext/rubysl/openssl/ossl_pkey_dsa.c +184 -47
  39. data/ext/rubysl/openssl/ossl_pkey_ec.c +177 -93
  40. data/ext/rubysl/openssl/ossl_pkey_rsa.c +209 -102
  41. data/ext/rubysl/openssl/ossl_rand.c +15 -15
  42. data/ext/rubysl/openssl/ossl_rand.h +1 -1
  43. data/ext/rubysl/openssl/ossl_ssl.c +939 -192
  44. data/ext/rubysl/openssl/ossl_ssl.h +6 -6
  45. data/ext/rubysl/openssl/ossl_ssl_session.c +78 -62
  46. data/ext/rubysl/openssl/ossl_version.h +2 -2
  47. data/ext/rubysl/openssl/ossl_x509.c +1 -1
  48. data/ext/rubysl/openssl/ossl_x509.h +1 -1
  49. data/ext/rubysl/openssl/ossl_x509attr.c +20 -19
  50. data/ext/rubysl/openssl/ossl_x509cert.c +169 -67
  51. data/ext/rubysl/openssl/ossl_x509crl.c +41 -39
  52. data/ext/rubysl/openssl/ossl_x509ext.c +51 -38
  53. data/ext/rubysl/openssl/ossl_x509name.c +139 -29
  54. data/ext/rubysl/openssl/ossl_x509req.c +42 -40
  55. data/ext/rubysl/openssl/ossl_x509revoked.c +20 -20
  56. data/ext/rubysl/openssl/ossl_x509store.c +99 -47
  57. data/ext/rubysl/openssl/ruby_missing.h +3 -16
  58. data/lib/openssl/bn.rb +19 -19
  59. data/lib/openssl/buffering.rb +222 -14
  60. data/lib/openssl/cipher.rb +20 -20
  61. data/lib/openssl/config.rb +1 -4
  62. data/lib/openssl/digest.rb +47 -19
  63. data/lib/openssl/ssl.rb +197 -1
  64. data/lib/openssl/x509.rb +162 -1
  65. data/lib/rubysl/openssl.rb +4 -8
  66. data/lib/rubysl/openssl/version.rb +1 -1
  67. data/rubysl-openssl.gemspec +1 -2
  68. metadata +16 -34
  69. data/ext/rubysl/openssl/extconf.h +0 -50
  70. data/lib/openssl/net/ftptls.rb +0 -53
  71. data/lib/openssl/net/telnets.rb +0 -251
  72. data/lib/openssl/pkcs7.rb +0 -25
  73. data/lib/openssl/ssl-internal.rb +0 -187
  74. data/lib/openssl/x509-internal.rb +0 -153
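--- a/data/ext/rubysl/openssl/ruby_missing.h
+++ b/data/ext/rubysl/openssl/ruby_missing.h
@@ -1,5 +1,5 @@
  /*
- * $Id: ruby_missing.h 12496 2007-06-08 15:02:04Z technorama $
+ * $Id$
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2003 Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.
@@ -12,11 +12,11 @@
  #define _OSSL_RUBY_MISSING_H_
 
  #define rb_define_copy_func(klass, func) \
- rb_define_method(klass, "initialize_copy", func, 1)
+ rb_define_method((klass), "initialize_copy", (func), 1)
 
 
  #ifndef GetReadFile
- #define FPTR_TO_FD(fptr) (fptr->fd)
+ #define FPTR_TO_FD(fptr) ((fptr)->fd)
  #else
  #define FPTR_TO_FD(fptr) (fileno(GetReadFile(fptr)))
  #endif
@@ -25,17 +25,4 @@
  #define rb_io_t OpenFile
  #endif
 
- #ifndef HAVE_RB_STR_SET_LEN
- /* these methods should probably be backported to 1.8 */
- #define rb_str_set_len(str, length) do { \
- RSTRING(str)->ptr[length] = 0; \
- RSTRING(str)->len = length; \
- } while(0)
- #endif /* ! HAVE_RB_STR_SET_LEN */
-
- #ifndef HAVE_RB_BLOCK_CALL
- /* the openssl module doesn't use arg[3-4] and arg2 is always rb_each */
- #define rb_block_call(arg1, arg2, arg3, arg4, arg5, arg6) rb_iterate(rb_each, arg1, arg5, arg6)
- #endif /* ! HAVE_RB_BLOCK_CALL */
-
  #endif /* _OSSL_RUBY_MISSING_H_ */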
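--- a/data/lib/openssl/bn.rb
+++ b/data/lib/openssl/bn.rb
@@ -1,22 +1,22 @@
- =begin
- = $RCSfile$ -- Ruby-space definitions that completes C-space funcs for BN
-
- = Info
- 'OpenSSL for Ruby 2' project
- Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
- All rights reserved.
-
- = Licence
- This program is licenced under the same licence as Ruby.
- (See the file 'LICENCE'.)
-
- = Version
- $Id: bn.rb 31657 2011-05-20 22:25:35Z shyouhei $
- =end
-
- ##
- # Should we care what if somebody require this file directly?
- #require 'openssl'
+ #--
+ #
+ # $RCSfile$
+ #
+ # = Ruby-space definitions that completes C-space funcs for BN
+ #
+ # = Info
+ # 'OpenSSL for Ruby 2' project
+ # Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
+ # All rights reserved.
+ #
+ # = Licence
+ # This program is licenced under the same licence as Ruby.
+ # (See the file 'LICENCE'.)
+ #
+ # = Version
+ # $Id$
+ #
+ #++
 
  module OpenSSL
  class BN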
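--- a/data/lib/openssl/buffering.rb
+++ b/data/lib/openssl/buffering.rb
@@ -11,13 +11,27 @@
  (See the file 'LICENCE'.)
 
  = Version
- $Id: buffering.rb 28004 2010-05-24 23:58:49Z shyouhei $
+ $Id$
  =end
 
- module OpenSSL
- module Buffering
+ ##
+ # OpenSSL IO buffering mix-in module.
+ #
+ # This module allows an OpenSSL::SSL::SSLSocket to behave like an IO.
+
+ module OpenSSL::Buffering
  include Enumerable
+
+ ##
+ # The "sync mode" of the SSLSocket.
+ #
+ # See IO#sync for full details.
+
  attr_accessor :sync
+
+ ##
+ # Default size to read from or write to the SSLSocket for buffer operations.
+
  BLOCK_SIZE = 1024*16
 
  def initialize(*args)
@@ -31,6 +45,9 @@ module Buffering
  #
  private
 
+ ##
+ # Fills the buffer from the underlying SSLSocket
+
  def fill_rbuff
  begin
  @rbuffer << self.sysread(BLOCK_SIZE)
@@ -41,6 +58,9 @@ module Buffering
  end
  end
 
+ ##
+ # Consumes +size+ bytes from the buffer
+
  def consume_rbuff(size=nil)
  if @rbuffer.empty?
  nil
@@ -54,14 +74,20 @@ module Buffering
 
  public
 
+ ##
+ # Reads +size+ bytes from the stream. If +buf+ is provided it must
+ # reference a string which will receive the data.
+ #
+ # See IO#read for full details.
+
  def read(size=nil, buf=nil)
  if size == 0
  if buf
  buf.clear
+ return buf
  else
- buf = ""
+ return ""
  end
- return @eof ? nil : buf
  end
  until @eof
  break if size && size <= @rbuffer.size
@@ -75,14 +101,20 @@ module Buffering
  (size && ret.empty?) ? nil : ret
  end
 
+ ##
+ # Reads at most +maxlen+ bytes from the stream. If +buf+ is provided it
+ # must reference a string which will receive the data.
+ #
+ # See IO#readpartial for full details.
+
  def readpartial(maxlen, buf=nil)
  if maxlen == 0
  if buf
  buf.clear
+ return buf
  else
- buf = ""
+ return ""
  end
- return @eof ? nil : buf
  end
  if @rbuffer.empty?
  begin
@@ -100,7 +132,68 @@ module Buffering
  ret
  end
 
- def gets(eol=$/)
+ ##
+ # Reads at most +maxlen+ bytes in the non-blocking manner.
+ #
+ # When no data can be read without blocking it raises
+ # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
+ #
+ # IO::WaitReadable means SSL needs to read internally so read_nonblock
+ # should be called again when the underlying IO is readable.
+ #
+ # IO::WaitWritable means SSL needs to write internally so read_nonblock
+ # should be called again after the underlying IO is writable.
+ #
+ # OpenSSL::Buffering#read_nonblock needs two rescue clause as follows:
+ #
+ # # emulates blocking read (readpartial).
+ # begin
+ # result = ssl.read_nonblock(maxlen)
+ # rescue IO::WaitReadable
+ # IO.select([io])
+ # retry
+ # rescue IO::WaitWritable
+ # IO.select(nil, [io])
+ # retry
+ # end
+ #
+ # Note that one reason that read_nonblock writes to the underlying IO is
+ # when the peer requests a new TLS/SSL handshake. See openssl the FAQ for
+ # more details. http://www.openssl.org/support/faq.html
+
+ def read_nonblock(maxlen, buf=nil)
+ if maxlen == 0
+ if buf
+ buf.clear
+ return buf
+ else
+ return ""
+ end
+ end
+ if @rbuffer.empty?
+ return sysread_nonblock(maxlen, buf)
+ end
+ ret = consume_rbuff(maxlen)
+ if buf
+ buf.replace(ret)
+ ret = buf
+ end
+ raise EOFError if ret.empty?
+ ret
+ end
+
+ ##
+ # Reads the next "line+ from the stream. Lines are separated by +eol+. If
+ # +limit+ is provided the result will not be longer than the given number of
+ # bytes.
+ #
+ # +eol+ may be a String or Regexp.
+ #
+ # Unlike IO#gets the line read will not be assigned to +$_+.
+ #
+ # Unlike IO#gets the separator must be provided if a limit is provided.
+
+ def gets(eol=$/, limit=nil)
  idx = @rbuffer.index(eol)
  until @eof
  break if idx
@@ -112,9 +205,18 @@ module Buffering
  else
  size = idx ? idx+eol.size : nil
  end
+ if limit and limit >= 0
+ size = [size, limit].min
+ end
  consume_rbuff(size)
  end
 
+ ##
+ # Executes the block for every line in the stream where lines are separated
+ # by +eol+.
+ #
+ # See also #gets
+
  def each(eol=$/)
  while line = self.gets(eol)
  yield line
@@ -122,6 +224,11 @@ module Buffering
  end
  alias each_line each
 
+ ##
+ # Reads lines from the stream which are separated by +eol+.
+ #
+ # See also #gets
+
  def readlines(eol=$/)
  ary = []
  while line = self.gets(eol)
@@ -130,31 +237,58 @@ module Buffering
  ary
  end
 
+ ##
+ # Reads a line from the stream which is separated by +eol+.
+ #
+ # Raises EOFError if at end of file.
+
  def readline(eol=$/)
  raise EOFError if eof?
  gets(eol)
  end
 
+ ##
+ # Reads one character from the stream. Returns nil if called at end of
+ # file.
+
  def getc
- c = read(1)
- c ? c[0] : nil
+ read(1)
  end
 
- def each_byte
+ ##
+ # Calls the given block once for each byte in the stream.
+
+ def each_byte # :yields: byte
  while c = getc
- yield(c)
+ yield(c.ord)
  end
  end
 
+ ##
+ # Reads a one-character string from the stream. Raises an EOFError at end
+ # of file.
+
  def readchar
  raise EOFError if eof?
  getc
  end
 
+ ##
+ # Pushes character +c+ back onto the stream such that a subsequent buffered
+ # character read will return it.
+ #
+ # Unlike IO#getc multiple bytes may be pushed back onto the stream.
+ #
+ # Has no effect on unbuffered reads (such as #sysread).
+
  def ungetc(c)
  @rbuffer[0,0] = c.chr
  end
 
+ ##
+ # Returns true if the stream is at file which means there is no more data to
+ # be read.
+
  def eof?
  fill_rbuff if !@eof && @rbuffer.empty?
  @eof && @rbuffer.empty?
@@ -166,9 +300,14 @@ module Buffering
  #
  private
 
+ ##
+ # Writes +s+ to the buffer. When the buffer is full or #sync is true the
+ # buffer is flushed to the underlying socket.
+
  def do_write(s)
  @wbuffer = "" unless defined? @wbuffer
  @wbuffer << s
+ @wbuffer.force_encoding(Encoding::BINARY)
  @sync ||= false
  if @sync or @wbuffer.size > BLOCK_SIZE or idx = @wbuffer.rindex($/)
  remain = idx ? idx + $/.size : @wbuffer.length
@@ -189,16 +328,67 @@ module Buffering
 
  public
 
+ ##
+ # Writes +s+ to the stream. If the argument is not a string it will be
+ # converted using String#to_s. Returns the number of bytes written.
+
  def write(s)
  do_write(s)
- s.length
+ s.bytesize
+ end
+
+ ##
+ # Writes +str+ in the non-blocking manner.
+ #
+ # If there is buffered data, it is flushed first. This may block.
+ #
+ # write_nonblock returns number of bytes written to the SSL connection.
+ #
+ # When no data can be written without blocking it raises
+ # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
+ #
+ # IO::WaitReadable means SSL needs to read internally so write_nonblock
+ # should be called again after the underlying IO is readable.
+ #
+ # IO::WaitWritable means SSL needs to write internally so write_nonblock
+ # should be called again after underlying IO is writable.
+ #
+ # So OpenSSL::Buffering#write_nonblock needs two rescue clause as follows.
+ #
+ # # emulates blocking write.
+ # begin
+ # result = ssl.write_nonblock(str)
+ # rescue IO::WaitReadable
+ # IO.select([io])
+ # retry
+ # rescue IO::WaitWritable
+ # IO.select(nil, [io])
+ # retry
+ # end
+ #
+ # Note that one reason that write_nonblock reads from the underlying IO
+ # is when the peer requests a new TLS/SSL handshake. See the openssl FAQ
+ # for more details. http://www.openssl.org/support/faq.html
+
+ def write_nonblock(s)
+ flush
+ syswrite_nonblock(s)
  end
 
+ ##
+ # Writes +s+ to the stream. +s+ will be converted to a String using
+ # String#to_s.
+
  def << (s)
  do_write(s)
  self
  end
 
+ ##
+ # Writes +args+ to the stream along with a record separator.
+ #
+ # See IO#puts for full details.
+
  def puts(*args)
  s = ""
  if args.empty?
@@ -214,6 +404,11 @@ module Buffering
  nil
  end
 
+ ##
+ # Writes +args+ to the stream.
+ #
+ # See IO#print for full details.
+
  def print(*args)
  s = ""
  args.each{ |arg| s << arg.to_s }
@@ -221,21 +416,34 @@ module Buffering
  nil
  end
 
+ ##
+ # Formats and writes to the stream converting parameters under control of
+ # the format string.
+ #
+ # See Kernel#sprintf for format string details.
+
  def printf(s, *args)
  do_write(s % args)
  nil
  end
 
+ ##
+ # Flushes buffered data to the SSLSocket.
+
  def flush
  osync = @sync
  @sync = true
  do_write ""
+ return self
+ ensure
  @sync = osync
  end
 
+ ##
+ # Closes the SSLSocket and flushes any unwritten data.
+
  def close
  flush rescue nil
  sysclose
  end
  end
- end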
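Review bot: In the `@@ -112,9 +205,18 @@` hunk of `gets`, `size` is still `nil` when no separator was found before EOF (`size = idx ? idx+eol.size : nil` on the line just above), so the added `[size, limit].min` raises ArgumentError instead of returning the trailing data. Dropping the nil first keeps the limit effective in that case: `size = [size, limit].compact.min`. Separately, the visible loop head (`until @eof` / `break if idx`) suggests the read buffer keeps filling until `eol` is seen, so `limit` would cap only what is returned, not what is buffered from the peer. If the part of the loop outside the hunk confirms that, the method comment should say so, because callers may otherwise rely on `limit` to bound memory on connections to untrusted peers. The body of `gets` begins in the previous hunk and its middle lines are not shown on this page.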