delta/ruby.git/ext/openssl, branch ruby_2_1 github.com: ruby/ruby.git merge revision(s) 54258: [Backport #12182] 2016-03-29T12:17:03+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-03-29T12:17:03+00:00 289889a654c25174faa7093ff8d3162e92f41806 * ext/openssl/extconf.rb: check SSL_CTX_set_next_proto_select_cb function rather than OPENSSL_NPN_NEGOTIATED macro. it exists even if it is disabled by OpenSSL configuration. [ruby-core:74384] [Bug #12182] * ext/openssl/ossl_ssl.c: update #ifdef(s) as above. * test/openssl/test_ssl.rb: skip NPN tests if NPN is disabled. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@54397 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/extconf.rb: check SSL_CTX_set_next_proto_select_cb
	  function rather than OPENSSL_NPN_NEGOTIATED macro. it exists
	  even if it is disabled by OpenSSL configuration.
	  [ruby-core:74384] [Bug #12182]

	* ext/openssl/ossl_ssl.c: update #ifdef(s) as above.

	* test/openssl/test_ssl.rb: skip NPN tests if NPN is disabled.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@54397 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 54097: [Backport #12069] 2016-03-25T09:36:13+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-03-25T09:36:13+00:00 32299d987b69d02cdd3ca4a8c33c68233cfad4cd * ext/openssl/ossl_ssl.c (ossl_sslctx_setup): document as MT-unsafe [ruby-core:73803] [Bug #12069] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@54282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c (ossl_sslctx_setup): document as MT-unsafe
	  [ruby-core:73803] [Bug #12069]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@54282 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 46108,46209,46223,46297,48223,48224: [Backport #12168] 2016-03-25T09:06:16+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-03-25T09:06:16+00:00 d82440ff9cb17b8a32a5eeb7dd838588468b39f4 * test/openssl: Join threads. * ext/openssl/ossl_ssl.c (ossl_ssl_close): Fix sync_close to work when SSL is not started. This fix the fd leak by test_https_proxy_authentication in test/net/http/test_https_proxy.rb. * ext/openssl/lib/openssl/ssl.rb (SSLServer#accept): Close a socket if any exception occur. * test/ruby/envutil.rb (assert_join_threads): New assertion to join multiple threads without exceptions. * test/openssl/utils.rb (start_server, server_loop): Use a pipe to stop server instead of shutdown/close a listening socket. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@54272 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* test/openssl: Join threads.

	* ext/openssl/ossl_ssl.c (ossl_ssl_close): Fix sync_close to work
	  when SSL is not started.
	  This fix the fd leak by test_https_proxy_authentication in
	  test/net/http/test_https_proxy.rb.

	* ext/openssl/lib/openssl/ssl.rb (SSLServer#accept): Close a socket
	  if any exception occur. 

	* test/ruby/envutil.rb (assert_join_threads): New assertion to
	  join multiple threads without exceptions.

	* test/openssl/utils.rb (start_server, server_loop): Use a
	  pipe to stop server instead of shutdown/close a listening socket.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@54272 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 52556,52557: [Backport #10735] 2015-11-18T11:39:53+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-11-18T11:39:53+00:00 dacb9169c3fc92a6827ab8d1a16e34c341612f48 * ext/openssl/ossl_pkey.c: Merge ruby/openssl@b9ea8ef [Bug #10735] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@52643 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_pkey.c: Merge ruby/openssl@b9ea8ef [Bug #10735]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@52643 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 51722,51724: [Backport #11376] 2015-11-18T11:34:19+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-11-18T11:34:19+00:00 936a27758f02aad434aee2f40e216c96091bd671 * ext/openssl/ossl_ssl.c (static const struct): Only add SSLv3 support if the SSL library supports it. Thanks Kurt Roeckx <kurt@roeckx.be> [Bug #11376] * ext/openssl/extconf.rb: check for SSLv3 support in the SSL implementation. * test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3 if there is no support. * ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@52642 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c (static const struct): Only add SSLv3 support
	  if the SSL library supports it.  Thanks Kurt Roeckx <kurt@roeckx.be>
	  [Bug #11376]

	* ext/openssl/extconf.rb: check for SSLv3 support in the SSL
	  implementation.

	* test/openssl/test_ssl.rb (class OpenSSL): Skip tests that need SSLv3
	  if there is no support.

	* ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): Only add SSLv3 support


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@52642 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 52227,52228: [Backport #11369] 2015-10-29T14:07:59+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-10-29T14:07:59+00:00 9008fda66f28a28074088fb711488ae06ab72eba * ext/openssl/ossl_ssl.c (ssl_npn_select_cb): explicitly raise error in ext/openssl instead of OpenSSL itself because LibreSSL silently truncate the selected protocol name by casting the length from int to unsigned char. [Bug #11369] Patch by Jeremy Evans <merch-redmine@jeremyevans.net> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@52356 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl.c (ssl_npn_select_cb): explicitly raise error
	  in ext/openssl instead of OpenSSL itself because LibreSSL
	  silently truncate the selected protocol name by casting the length
	  from int to unsigned char. [Bug #11369]
	  Patch by Jeremy Evans <merch-redmine@jeremyevans.net>


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@52356 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 51409,51453: [Backport #10910] 2015-08-17T08:30:08+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-08-17T08:30:08+00:00 d3cd7b4813dcaf4022d8d70b8dd9f2bd17812d56 * ext/openssl/lib/openssl/ssl.rb (module OpenSSL): raise a more helpful exception when verifying the peer connection and an anonymous cipher has been selected. [ruby-core:68330] [Bug #10910] Thanks to Chris Sinjakli <chris@sinjakli.co.uk> for the patch. * test/openssl/test_ssl.rb (class OpenSSL): test for change * .travis.yml: update libssl before running tests. Thanks to Chris Sinjakli <chris@sinjakli.co.uk> for figuring out the travis settings! git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@51608 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/lib/openssl/ssl.rb (module OpenSSL): raise a more
	  helpful exception when verifying the peer connection and an
	  anonymous cipher has been selected. [ruby-core:68330] [Bug #10910]
	  Thanks to Chris Sinjakli <chris@sinjakli.co.uk> for the patch.

	* test/openssl/test_ssl.rb (class OpenSSL): test for change

	* .travis.yml: update libssl before running tests. 
	  Thanks to Chris Sinjakli <chris@sinjakli.co.uk> for figuring out the
	  travis settings!


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@51608 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 50646: [Backport #11185] 2015-06-09T07:28:56+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-06-09T07:28:56+00:00 7d7ed2c23116b8f2c0bfcd902eaf8a2a15301bb3 * ext/openssl/ossl_asn1.c (ossl_asn1_traverse, ossl_asn1_decode, ossl_asn1_decode_all): use RB_GC_GUARD instead of volatile [ruby-core:69371] [Bug #11185] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@50808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_asn1.c (ossl_asn1_traverse, ossl_asn1_decode,
	  ossl_asn1_decode_all): use RB_GC_GUARD instead of volatile
	  [ruby-core:69371] [Bug #11185]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@50808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 50292: [Backport #9644] 2015-04-13T13:20:40+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-04-13T13:20:40+00:00 e3252606afe73a7085ce8b92bd0c0a5eccd918d4 * ext/openssl/lib/openssl/ssl.rb: stricter hostname verification following RFC 6125. with the patch provided by Tony Arcieri and Hiroshi Nakamura [ruby-core:61545] [Bug #9644] * test/openssl/test_ssl.rb: add tests for above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@50296 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/lib/openssl/ssl.rb: stricter hostname verification
	  following RFC 6125. with the patch provided by Tony Arcieri and
	  Hiroshi Nakamura [ruby-core:61545] [Bug #9644]

	* test/openssl/test_ssl.rb: add tests for above.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@50296 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) r48923: [Backport #10633] 2015-01-22T11:51:16+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-01-22T11:51:16+00:00 2558571db146e6463501db9b006436d8e22ba6f3 * ext/openssl/ossl_cipher.c (ossl_cipher_update_long): update huge data gradually not to exceed INT_MAX. workaround of OpenSSL API limitation. [ruby-core:67043] [Bug #10633] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@49383 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_cipher.c (ossl_cipher_update_long): update huge
	  data gradually not to exceed INT_MAX.  workaround of OpenSSL API
	  limitation.  [ruby-core:67043] [Bug #10633]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@49383 b2dd03c8-39d4-4d8f-98ff-823fe69b080e