rubysl-openssl 1.0.2 → 2.0.0

data/lib/openssl/pkcs7.rb

@@ -1,25 +0,0 @@
-=begin
-= $RCSfile$ -- PKCS7
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-= Version
-  $Id: digest.rb 12148 2007-04-05 05:59:22Z technorama $
-=end
-
-module OpenSSL
-  class PKCS7
-    # This class is only provided for backwards compatibility.  Use OpenSSL::PKCS7 in the future.
-    class PKCS7 < PKCS7
-      def initialize(*args)
-        super(*args)
-
-        warn("Warning: OpenSSL::PKCS7::PKCS7 is deprecated after Ruby 1.9; use OpenSSL::PKCS7 instead")
-      end
-    end
-
-  end # PKCS7
-end # OpenSSL
-

data/lib/openssl/ssl-internal.rb

@@ -1,187 +0,0 @@
-=begin
-= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for SSL
-
-= Info
-  'OpenSSL for Ruby 2' project
-  Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
-  All rights reserved.
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-= Version
-  $Id$
-=end
-
-require "openssl/buffering"
-require "fcntl"
-
-module OpenSSL
-  module SSL
-    class SSLContext
-      DEFAULT_PARAMS = {
-        :ssl_version => "SSLv23",
-        :verify_mode => OpenSSL::SSL::VERIFY_PEER,
-        :ciphers => "ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW",
-        :options => OpenSSL::SSL::OP_ALL,
-      }
-
-      DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
-      DEFAULT_CERT_STORE.set_default_paths
-      if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
-        DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
-      end
-
-      def set_params(params={})
-        params = DEFAULT_PARAMS.merge(params)
-        # ssl_version need to be set at first.
-        self.ssl_version = params.delete(:ssl_version)
-        params.each{|name, value| self.__send__("#{name}=", value) }
-        if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
-          unless self.ca_file or self.ca_path or self.cert_store
-            self.cert_store = DEFAULT_CERT_STORE
-          end
-        end
-        return params
-      end
-    end
-
-    module SocketForwarder
-      def addr
-        to_io.addr
-      end
-
-      def peeraddr
-        to_io.peeraddr
-      end
-
-      def setsockopt(level, optname, optval)
-        to_io.setsockopt(level, optname, optval)
-      end
-
-      def getsockopt(level, optname)
-        to_io.getsockopt(level, optname)
-      end
-
-      def fcntl(*args)
-        to_io.fcntl(*args)
-      end
-
-      def closed?
-        to_io.closed?
-      end
-
-      def do_not_reverse_lookup=(flag)
-        to_io.do_not_reverse_lookup = flag
-      end
-    end
-
-    module Nonblock
-      def initialize(*args)
-        flag = File::NONBLOCK
-        flag |= @io.fcntl(Fcntl::F_GETFL) if defined?(Fcntl::F_GETFL)
-        @io.fcntl(Fcntl::F_SETFL, flag)
-        super
-      end
-    end
-
-    def verify_certificate_identity(cert, hostname)
-      should_verify_common_name = true
-      cert.extensions.each{|ext|
-        next if ext.oid != "subjectAltName"
-        ostr = OpenSSL::ASN1.decode(ext.to_der).value.last
-        sequence = OpenSSL::ASN1.decode(ostr.value)
-        sequence.value.each{|san|
-          case san.tag
-          when 2 # dNSName in GeneralName (RFC5280)
-            should_verify_common_name = false
-            reg = Regexp.escape(san.value).gsub(/\\\*/, "[^.]+")
-            return true if /\A#{reg}\z/i =~ hostname
-          when 7 # iPAddress in GeneralName (RFC5280)
-            should_verify_common_name = false
-            # follows GENERAL_NAME_print() in x509v3/v3_alt.c
-            if san.value.size == 4
-              return true if san.value.unpack('C*').join('.') == hostname
-            elsif san.value.size == 16
-              return true if san.value.unpack('n*').map { |e| sprintf("%X", e) }.join(':') == hostname
-            end
-          end
-        }
-      }
-      if should_verify_common_name
-        cert.subject.to_a.each{|oid, value|
-          if oid == "CN"
-            reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
-            return true if /\A#{reg}\z/i =~ hostname
-          end
-        }
-      end
-      return false
-    end
-    module_function :verify_certificate_identity
-
-    class SSLSocket
-      include Buffering
-      include SocketForwarder
-      include Nonblock
-
-      def post_connection_check(hostname)
-        unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
-          raise SSLError, "hostname was not match with the server certificate"
-        end
-        return true
-      end
-
-      def session
-        SSL::Session.new(self)
-      rescue SSL::Session::SessionError
-        nil
-      end
-    end
-
-    class SSLServer
-      include SocketForwarder
-      attr_accessor :start_immediately
-
-      def initialize(svr, ctx)
-        @svr = svr
-        @ctx = ctx
-        unless ctx.session_id_context
-          session_id = OpenSSL::Digest::MD5.hexdigest($0)
-          @ctx.session_id_context = session_id
-        end
-        @start_immediately = true
-      end
-
-      def to_io
-        @svr
-      end
-
-      def listen(backlog=5)
-        @svr.listen(backlog)
-      end
-
-      def shutdown(how=Socket::SHUT_RDWR)
-        @svr.shutdown(how)
-      end
-
-      def accept
-        sock = @svr.accept
-        begin
-          ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
-          ssl.sync_close = true
-          ssl.accept if @start_immediately
-          ssl
-        rescue SSLError => ex
-          sock.close
-          raise ex
-        end
-      end
-
-      def close
-        @svr.close
-      end
-    end
-  end
-end

data/lib/openssl/x509-internal.rb

@@ -1,153 +0,0 @@
-=begin
-= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for X509 and subclasses
-
-= Info
-  'OpenSSL for Ruby 2' project
-  Copyright (C) 2002  Michal Rokos <m.rokos@sh.cvut.cz>
-  All rights reserved.
-
-= Licence
-  This program is licenced under the same licence as Ruby.
-  (See the file 'LICENCE'.)
-
-= Version
-  $Id$
-=end
-
-module OpenSSL
-  module X509
-    class ExtensionFactory
-      def create_extension(*arg)
-        if arg.size > 1
-          create_ext(*arg)
-        else
-          send("create_ext_from_"+arg[0].class.name.downcase, arg[0])
-        end
-      end
-
-      def create_ext_from_array(ary)
-        raise ExtensionError, "unexpected array form" if ary.size > 3
-        create_ext(ary[0], ary[1], ary[2])
-      end
-
-      def create_ext_from_string(str) # "oid = critical, value"
-        oid, value = str.split(/=/, 2)
-        oid.strip!
-        value.strip!
-        create_ext(oid, value)
-      end
-
-      def create_ext_from_hash(hash)
-        create_ext(hash["oid"], hash["value"], hash["critical"])
-      end
-    end
-
-    class Extension
-      def to_s # "oid = critical, value"
-        str = self.oid
-        str << " = "
-        str << "critical, " if self.critical?
-        str << self.value.gsub(/\n/, ", ")
-      end
-
-      def to_h # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false}
-        {"oid"=>self.oid,"value"=>self.value,"critical"=>self.critical?}
-      end
-
-      def to_a
-        [ self.oid, self.value, self.critical? ]
-      end
-    end
-
-    class Name
-      module RFC2253DN
-        Special = ',=+<>#;'
-        HexChar = /[0-9a-fA-F]/
-        HexPair = /#{HexChar}#{HexChar}/
-        HexString = /#{HexPair}+/
-        Pair = /\\(?:[#{Special}]|\\|"|#{HexPair})/
-        StringChar = /[^#{Special}\\"]/
-        QuoteChar = /[^\\"]/
-        AttributeType = /[a-zA-Z][0-9a-zA-Z]*|[0-9]+(?:\.[0-9]+)*/
-        AttributeValue = /
-          (?!["#])((?:#{StringChar}|#{Pair})*)|
-          \#(#{HexString})|
-          "((?:#{QuoteChar}|#{Pair})*)"
-        /x
-        TypeAndValue = /\A(#{AttributeType})=#{AttributeValue}/
-
-        module_function
-
-        def expand_pair(str)
-          return nil unless str
-          return str.gsub(Pair){
-            pair = $&
-            case pair.size
-            when 2 then pair[1,1]
-            when 3 then Integer("0x#{pair[1,2]}").chr
-            else raise OpenSSL::X509::NameError, "invalid pair: #{str}"
-            end
-          }
-        end
-
-        def expand_hexstring(str)
-          return nil unless str
-          der = str.gsub(HexPair){$&.to_i(16).chr }
-          a1 = OpenSSL::ASN1.decode(der)
-          return a1.value, a1.tag
-        end
-
-        def expand_value(str1, str2, str3)
-          value = expand_pair(str1)
-          value, tag = expand_hexstring(str2) unless value
-          value = expand_pair(str3) unless value
-          return value, tag
-        end
-
-        def scan(dn)
-          str = dn
-          ary = []
-          while true
-            if md = TypeAndValue.match(str)
-              matched = md.to_s
-              remain = md.post_match
-              type = md[1]
-              value, tag = expand_value(md[2], md[3], md[4]) rescue nil
-              if value
-                type_and_value = [type, value]
-                type_and_value.push(tag) if tag
-                ary.unshift(type_and_value)
-                if remain.length > 2 && remain[0] == ?,
-                  str = remain[1..-1]
-                  next
-                elsif remain.length > 2 && remain[0] == ?+
-                  raise OpenSSL::X509::NameError,
-                    "multi-valued RDN is not supported: #{dn}"
-                elsif remain.empty?
-                  break
-                end
-              end
-            end
-            msg_dn = dn[0, dn.length - str.length] + " =>" + str
-            raise OpenSSL::X509::NameError, "malformed RDN: #{msg_dn}"
-          end
-          return ary
-        end
-      end
-
-      class <<self
-        def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
-          ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
-          self.new(ary, template)
-        end
-
-        def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
-          ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
-          self.new(ary, template)
-        end
-
-        alias parse parse_openssl
-      end
-    end
-  end
-end