rubysl-openssl 1.0.2 → 2.0.0
- checksums.yaml +4 -4
- data/.travis.yml +5 -6
- data/ext/rubysl/openssl/.gitignore +3 -0
- data/ext/rubysl/openssl/deprecation.rb +21 -0
- data/ext/rubysl/openssl/extconf.rb +45 -32
- data/ext/rubysl/openssl/openssl_missing.c +20 -7
- data/ext/rubysl/openssl/openssl_missing.h +22 -15
- data/ext/rubysl/openssl/ossl.c +610 -61
- data/ext/rubysl/openssl/ossl.h +31 -17
- data/ext/rubysl/openssl/ossl_asn1.c +974 -183
- data/ext/rubysl/openssl/ossl_asn1.h +3 -3
- data/ext/rubysl/openssl/ossl_bio.c +4 -3
- data/ext/rubysl/openssl/ossl_bio.h +1 -1
- data/ext/rubysl/openssl/ossl_bn.c +32 -28
- data/ext/rubysl/openssl/ossl_bn.h +1 -1
- data/ext/rubysl/openssl/ossl_cipher.c +494 -93
- data/ext/rubysl/openssl/ossl_cipher.h +1 -1
- data/ext/rubysl/openssl/ossl_config.c +4 -5
- data/ext/rubysl/openssl/ossl_config.h +1 -1
- data/ext/rubysl/openssl/ossl_digest.c +206 -24
- data/ext/rubysl/openssl/ossl_digest.h +1 -1
- data/ext/rubysl/openssl/ossl_engine.c +48 -26
- data/ext/rubysl/openssl/ossl_engine.h +1 -1
- data/ext/rubysl/openssl/ossl_hmac.c +40 -38
- data/ext/rubysl/openssl/ossl_hmac.h +1 -1
- data/ext/rubysl/openssl/ossl_ns_spki.c +157 -25
- data/ext/rubysl/openssl/ossl_ns_spki.h +1 -1
- data/ext/rubysl/openssl/ossl_ocsp.c +57 -40
- data/ext/rubysl/openssl/ossl_ocsp.h +1 -1
- data/ext/rubysl/openssl/ossl_pkcs12.c +15 -13
- data/ext/rubysl/openssl/ossl_pkcs12.h +1 -1
- data/ext/rubysl/openssl/ossl_pkcs5.c +108 -18
- data/ext/rubysl/openssl/ossl_pkcs7.c +44 -37
- data/ext/rubysl/openssl/ossl_pkcs7.h +1 -1
- data/ext/rubysl/openssl/ossl_pkey.c +211 -15
- data/ext/rubysl/openssl/ossl_pkey.h +19 -9
- data/ext/rubysl/openssl/ossl_pkey_dh.c +180 -47
- data/ext/rubysl/openssl/ossl_pkey_dsa.c +184 -47
- data/ext/rubysl/openssl/ossl_pkey_ec.c +177 -93
- data/ext/rubysl/openssl/ossl_pkey_rsa.c +209 -102
- data/ext/rubysl/openssl/ossl_rand.c +15 -15
- data/ext/rubysl/openssl/ossl_rand.h +1 -1
- data/ext/rubysl/openssl/ossl_ssl.c +939 -192
- data/ext/rubysl/openssl/ossl_ssl.h +6 -6
- data/ext/rubysl/openssl/ossl_ssl_session.c +78 -62
- data/ext/rubysl/openssl/ossl_version.h +2 -2
- data/ext/rubysl/openssl/ossl_x509.c +1 -1
- data/ext/rubysl/openssl/ossl_x509.h +1 -1
- data/ext/rubysl/openssl/ossl_x509attr.c +20 -19
- data/ext/rubysl/openssl/ossl_x509cert.c +169 -67
- data/ext/rubysl/openssl/ossl_x509crl.c +41 -39
- data/ext/rubysl/openssl/ossl_x509ext.c +51 -38
- data/ext/rubysl/openssl/ossl_x509name.c +139 -29
- data/ext/rubysl/openssl/ossl_x509req.c +42 -40
- data/ext/rubysl/openssl/ossl_x509revoked.c +20 -20
- data/ext/rubysl/openssl/ossl_x509store.c +99 -47
- data/ext/rubysl/openssl/ruby_missing.h +3 -16
- data/lib/openssl/bn.rb +19 -19
- data/lib/openssl/buffering.rb +222 -14
- data/lib/openssl/cipher.rb +20 -20
- data/lib/openssl/config.rb +1 -4
- data/lib/openssl/digest.rb +47 -19
- data/lib/openssl/ssl.rb +197 -1
- data/lib/openssl/x509.rb +162 -1
- data/lib/rubysl/openssl.rb +4 -8
- data/lib/rubysl/openssl/version.rb +1 -1
- data/rubysl-openssl.gemspec +1 -2
- metadata +16 -34
- data/ext/rubysl/openssl/extconf.h +0 -50
- data/lib/openssl/net/ftptls.rb +0 -53
- data/lib/openssl/net/telnets.rb +0 -251
- data/lib/openssl/pkcs7.rb +0 -25
- data/lib/openssl/ssl-internal.rb +0 -187
- data/lib/openssl/x509-internal.rb +0 -153
@@ -1,5 +1,5 @@
|
|
1
1
|
/*
|
2
|
-
* $Id
|
2
|
+
* $Id$
|
3
3
|
* 'OpenSSL for Ruby' project
|
4
4
|
* Copyright (C) 2001-2003 Michal Rokos <m.rokos@sh.cvut.cz>
|
5
5
|
* All rights reserved.
|
@@ -12,11 +12,11 @@
|
|
12
12
|
#define _OSSL_RUBY_MISSING_H_
|
13
13
|
|
14
14
|
#define rb_define_copy_func(klass, func) \
|
15
|
-
rb_define_method(klass, "initialize_copy", func, 1)
|
15
|
+
rb_define_method((klass), "initialize_copy", (func), 1)
|
16
16
|
|
17
17
|
|
18
18
|
#ifndef GetReadFile
|
19
|
-
#define FPTR_TO_FD(fptr) (fptr->fd)
|
19
|
+
#define FPTR_TO_FD(fptr) ((fptr)->fd)
|
20
20
|
#else
|
21
21
|
#define FPTR_TO_FD(fptr) (fileno(GetReadFile(fptr)))
|
22
22
|
#endif
|
@@ -25,17 +25,4 @@
|
|
25
25
|
#define rb_io_t OpenFile
|
26
26
|
#endif
|
27
27
|
|
28
|
-
#ifndef HAVE_RB_STR_SET_LEN
|
29
|
-
/* these methods should probably be backported to 1.8 */
|
30
|
-
#define rb_str_set_len(str, length) do { \
|
31
|
-
RSTRING(str)->ptr[length] = 0; \
|
32
|
-
RSTRING(str)->len = length; \
|
33
|
-
} while(0)
|
34
|
-
#endif /* ! HAVE_RB_STR_SET_LEN */
|
35
|
-
|
36
|
-
#ifndef HAVE_RB_BLOCK_CALL
|
37
|
-
/* the openssl module doesn't use arg[3-4] and arg2 is always rb_each */
|
38
|
-
#define rb_block_call(arg1, arg2, arg3, arg4, arg5, arg6) rb_iterate(rb_each, arg1, arg5, arg6)
|
39
|
-
#endif /* ! HAVE_RB_BLOCK_CALL */
|
40
|
-
|
41
28
|
#endif /* _OSSL_RUBY_MISSING_H_ */
|
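--- a/data/lib/openssl/bn.rb
+++ b/data/lib/openssl/bn.rb
@@ -1,22 +1,22 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-#
-
+#--
+#
+# $RCSfile$
+#
+# = Ruby-space definitions that completes C-space funcs for BN
+#
+# = Info
+# 'OpenSSL for Ruby 2' project
+# Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
+# All rights reserved.
+#
+# = Licence
+# This program is licenced under the same licence as Ruby.
+# (See the file 'LICENCE'.)
+#
+# = Version
+# $Id$
+#
+#++
 
 module OpenSSL
 class BN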
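--- a/data/lib/openssl/buffering.rb
+++ b/data/lib/openssl/buffering.rb
@@ -11,13 +11,27 @@
 (See the file 'LICENCE'.)
 
 = Version
-$Id
+$Id$
 =end
 
-
-module
+##
+# OpenSSL IO buffering mix-in module.
+#
+# This module allows an OpenSSL::SSL::SSLSocket to behave like an IO.
+
+module OpenSSL::Buffering
 include Enumerable
+
+##
+# The "sync mode" of the SSLSocket.
+#
+# See IO#sync for full details.
+
 attr_accessor :sync
+
+##
+# Default size to read from or write to the SSLSocket for buffer operations.
+
 BLOCK_SIZE = 1024*16
 
 def initialize(*args)
@@ -31,6 +45,9 @@ module Buffering
 #
 private
 
+##
+# Fills the buffer from the underlying SSLSocket
+
 def fill_rbuff
 begin
 @rbuffer << self.sysread(BLOCK_SIZE)
@@ -41,6 +58,9 @@ module Buffering
 end
 end
 
+##
+# Consumes +size+ bytes from the buffer
+
 def consume_rbuff(size=nil)
 if @rbuffer.empty?
 nil
@@ -54,14 +74,20 @@ module Buffering
 
 public
 
+##
+# Reads +size+ bytes from the stream. If +buf+ is provided it must
+# reference a string which will receive the data.
+#
+# See IO#read for full details.
+
 def read(size=nil, buf=nil)
 if size == 0
 if buf
 buf.clear
+return buf
 else
-
+return ""
 end
-return @eof ? nil : buf
 end
 until @eof
 break if size && size <= @rbuffer.size
@@ -75,14 +101,20 @@ module Buffering
 (size && ret.empty?) ? nil : ret
 end
 
+##
+# Reads at most +maxlen+ bytes from the stream. If +buf+ is provided it
+# must reference a string which will receive the data.
+#
+# See IO#readpartial for full details.
+
 def readpartial(maxlen, buf=nil)
 if maxlen == 0
 if buf
 buf.clear
+return buf
 else
-
+return ""
 end
-return @eof ? nil : buf
 end
 if @rbuffer.empty?
 begin
@@ -100,7 +132,68 @@ module Buffering
 ret
 end
 
-
+##
+# Reads at most +maxlen+ bytes in the non-blocking manner.
+#
+# When no data can be read without blocking it raises
+# OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
+#
+# IO::WaitReadable means SSL needs to read internally so read_nonblock
+# should be called again when the underlying IO is readable.
+#
+# IO::WaitWritable means SSL needs to write internally so read_nonblock
+# should be called again after the underlying IO is writable.
+#
+# OpenSSL::Buffering#read_nonblock needs two rescue clause as follows:
+#
+# # emulates blocking read (readpartial).
+# begin
+# result = ssl.read_nonblock(maxlen)
+# rescue IO::WaitReadable
+# IO.select([io])
+# retry
+# rescue IO::WaitWritable
+# IO.select(nil, [io])
+# retry
+# end
+#
+# Note that one reason that read_nonblock writes to the underlying IO is
+# when the peer requests a new TLS/SSL handshake. See openssl the FAQ for
+# more details. http://www.openssl.org/support/faq.html
+
+def read_nonblock(maxlen, buf=nil)
+if maxlen == 0
+if buf
+buf.clear
+return buf
+else
+return ""
+end
+end
+if @rbuffer.empty?
+return sysread_nonblock(maxlen, buf)
+end
+ret = consume_rbuff(maxlen)
+if buf
+buf.replace(ret)
+ret = buf
+end
+raise EOFError if ret.empty?
+ret
+end
+
+##
+# Reads the next "line+ from the stream. Lines are separated by +eol+. If
+# +limit+ is provided the result will not be longer than the given number of
+# bytes.
+#
+# +eol+ may be a String or Regexp.
+#
+# Unlike IO#gets the line read will not be assigned to +$_+.
+#
+# Unlike IO#gets the separator must be provided if a limit is provided.
+
+def gets(eol=$/, limit=nil)
 idx = @rbuffer.index(eol)
 until @eof
 break if idx
@@ -112,9 +205,18 @@ module Buffering
 else
 size = idx ? idx+eol.size : nil
 end
+if limit and limit >= 0
+size = [size, limit].min
+end
 consume_rbuff(size)
 end
 
+##
+# Executes the block for every line in the stream where lines are separated
+# by +eol+.
+#
+# See also #gets
+
 def each(eol=$/)
 while line = self.gets(eol)
 yield line
@@ -122,6 +224,11 @@ module Buffering
 end
 alias each_line each
 
+##
+# Reads lines from the stream which are separated by +eol+.
+#
+# See also #gets
+
 def readlines(eol=$/)
 ary = []
 while line = self.gets(eol)
@@ -130,31 +237,58 @@ module Buffering
 ary
 end
 
+##
+# Reads a line from the stream which is separated by +eol+.
+#
+# Raises EOFError if at end of file.
+
 def readline(eol=$/)
 raise EOFError if eof?
 gets(eol)
 end
 
+##
+# Reads one character from the stream. Returns nil if called at end of
+# file.
+
 def getc
-
-c ? c[0] : nil
+read(1)
 end
 
-
+##
+# Calls the given block once for each byte in the stream.
+
+def each_byte # :yields: byte
 while c = getc
-yield(c)
+yield(c.ord)
 end
 end
 
+##
+# Reads a one-character string from the stream. Raises an EOFError at end
+# of file.
+
 def readchar
 raise EOFError if eof?
 getc
 end
 
+##
+# Pushes character +c+ back onto the stream such that a subsequent buffered
+# character read will return it.
+#
+# Unlike IO#getc multiple bytes may be pushed back onto the stream.
+#
+# Has no effect on unbuffered reads (such as #sysread).
+
 def ungetc(c)
 @rbuffer[0,0] = c.chr
 end
 
+##
+# Returns true if the stream is at file which means there is no more data to
+# be read.
+
 def eof?
 fill_rbuff if !@eof && @rbuffer.empty?
 @eof && @rbuffer.empty?
@@ -166,9 +300,14 @@ module Buffering
 #
 private
 
+##
+# Writes +s+ to the buffer. When the buffer is full or #sync is true the
+# buffer is flushed to the underlying socket.
+
 def do_write(s)
 @wbuffer = "" unless defined? @wbuffer
 @wbuffer << s
+@wbuffer.force_encoding(Encoding::BINARY)
 @sync ||= false
 if @sync or @wbuffer.size > BLOCK_SIZE or idx = @wbuffer.rindex($/)
 remain = idx ? idx + $/.size : @wbuffer.length
@@ -189,16 +328,67 @@ module Buffering
 
 public
 
+##
+# Writes +s+ to the stream. If the argument is not a string it will be
+# converted using String#to_s. Returns the number of bytes written.
+
 def write(s)
 do_write(s)
-s.
+s.bytesize
+end
+
+##
+# Writes +str+ in the non-blocking manner.
+#
+# If there is buffered data, it is flushed first. This may block.
+#
+# write_nonblock returns number of bytes written to the SSL connection.
+#
+# When no data can be written without blocking it raises
+# OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
+#
+# IO::WaitReadable means SSL needs to read internally so write_nonblock
+# should be called again after the underlying IO is readable.
+#
+# IO::WaitWritable means SSL needs to write internally so write_nonblock
+# should be called again after underlying IO is writable.
+#
+# So OpenSSL::Buffering#write_nonblock needs two rescue clause as follows.
+#
+# # emulates blocking write.
+# begin
+# result = ssl.write_nonblock(str)
+# rescue IO::WaitReadable
+# IO.select([io])
+# retry
+# rescue IO::WaitWritable
+# IO.select(nil, [io])
+# retry
+# end
+#
+# Note that one reason that write_nonblock reads from the underlying IO
+# is when the peer requests a new TLS/SSL handshake. See the openssl FAQ
+# for more details. http://www.openssl.org/support/faq.html
+
+def write_nonblock(s)
+flush
+syswrite_nonblock(s)
 end
 
+##
+# Writes +s+ to the stream. +s+ will be converted to a String using
+# String#to_s.
+
 def << (s)
 do_write(s)
 self
 end
 
+##
+# Writes +args+ to the stream along with a record separator.
+#
+# See IO#puts for full details.
+
 def puts(*args)
 s = ""
 if args.empty?
@@ -214,6 +404,11 @@ module Buffering
 nil
 end
 
+##
+# Writes +args+ to the stream.
+#
+# See IO#print for full details.
+
 def print(*args)
 s = ""
 args.each{ |arg| s << arg.to_s }
@@ -221,21 +416,34 @@ module Buffering
 nil
 end
 
+##
+# Formats and writes to the stream converting parameters under control of
+# the format string.
+#
+# See Kernel#sprintf for format string details.
+
 def printf(s, *args)
 do_write(s % args)
 nil
 end
 
+##
+# Flushes buffered data to the SSLSocket.
+
 def flush
 osync = @sync
 @sync = true
 do_write ""
+return self
+ensure
 @sync = osync
 end
 
+##
+# Closes the SSLSocket and flushes any unwritten data.
+
 def close
 flush rescue nil
 sysclose
 end
 end
-end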
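Review bot: In `gets` (hunk `@@ -112,9 +205,18 @@`), the added clamp `size = [size, limit].min` runs whenever `limit` is non-negative, but the context line just above it leaves `size` as nil when no separator was found, so a call with a limit on a stream that ends without `eol` raises on the nil/Integer comparison instead of returning the remaining data. Clamping against the buffered length keeps the documented bound: `size = [size || @rbuffer.size, limit].min`. The fill loop spans the previous hunk and is only partly visible, but the lines shown stop only on a separator or EOF, so `limit` appears to cap the returned string rather than how much is buffered from the peer. Code that reads lines from an untrusted peer should not treat it as a memory bound, and the doc comment could say so, e.g. `# +limit+ bounds the returned line, not the amount read into the buffer.`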