Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

This branch has only the CMS code #1

Open
wants to merge 17 commits into
base: master
Choose a base branch
from
Open

This branch has only the CMS code #1

wants to merge 17 commits into from

Conversation

mcr
Copy link
Owner

@mcr mcr commented Feb 11, 2019

No description provided.

rhenium and others added 17 commits February 11, 2019 14:40
@rhenium @mcr
pkcs7: allow recipient's certificate to be omitted for PKCS7#decrypt
c7ae916 
The recipient's certificate is not mandatory for PKCS7_decrypt(). Make
it possible to call OpenSSL::PKCS7#decrypt with only the private key to
match the functionality.

Reference: ruby#182
@cunnie @mcr
Correctly verify abbreviated IPv6 SANs
23f9650 
IPv6 SAN-verification accommodates
["zero-compression"](https://tools.ietf.org/html/rfc5952#section-2.2).
It also accommodates non-compressed addresses.

Previously the verification of IPv6 addresses would fail unless the
address syntax matched a specific format (no zero-compression, no
leading zeroes).

As an example, the IPv6 loopback address, if represented as `::1`, would
not verify.  Nor would it verify if represented as
`0000:0000:0000:0000:0000:0000:0000:0001`; however, both representations
are valid, RFC-compliant representations.  The library would only accept
a very specific representation (i.e.  `0:0:0:0:0:0:0:1`).

This commit addresses that shortcoming, and ensures that any valid IPv6
representation will correctly verify.
@ahadc @mcr
Update CONTRIBUTING.md
c94599a 
Created a list format for the items required for a bug report. 
Also fixed a minor grammatical issue in the paragraph below the list.
@jeremyevans @mcr
Move rb_global_variable call to directly after assignment
fda02bb 
While I'm guessing the INT2NUM calls all generate Fixnums and not Bignums,
it's unwise to rely on that.  Calling rb_global_variable directly after
assignment is the pattern used in ossl.c, and it's probably best to do
that here as well.
@nobu @mcr
openssl/buffering.rb: no RS when output
217b378 
* ext/openssl/lib/openssl/buffering.rb (do_write, puts): output
  methods should not be affected by the input record separator.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62038 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Sync-with-trunk: r62038
@janko @mcr
Reduce memory allocation when writing to SSLSocket
7428f9c 
At the moment OpenSSL::Buffering#do_write allocates some additional
strings, and in my profiling writing 5MB of data allocates additional
7.7MB of strings.

This patch greatly reduces memory allocations, and now writing 5MB of
data allocates only additional 0.2MB of strings. This means that large
file uploads would effectively not allocate additional memory anymore.

Reference: https://bugs.ruby-lang.org/issues/14426
Reference: ruby/ruby#1924
@nobu @mcr
Remove -Wno-parentheses flag.
9890617 
[Fix GH-1958]

From: Jun Aruga <[email protected]>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64806 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

* expand tabs.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64807 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Suppress more -Wparentheses warnings

[Fix GH-1958]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
[ky: this is a combined patch of r64806-r64808.]
Sync-with-trunk: r64808
@janko @mcr
Fix typo in docs
0c3ec4d
@mcr
initial work creating the most basic CMS_ContentInfo object
963507d 
CMS_SignedInfo structure can not be created or freed, as it is just a pointer into CMS_ContentInfo stack.
@mcr
remove pending test cases, clean up debug statments
d5e066b
@mcr
do not include CMS code with LIBRESSL, as it has no CMS code
07f7fdf
@mcr
bump version and point at correct version of openssl
0063882
@mcr
added notes about building with DTLS support
690d437
@mcr
instead of looking of NIDs and then using X509V3_EXT_nconf_nid,
533adb2 
instead just pass strings to X509V3_EXT_nconf, which has all the logic for
processing dealing with generic extensions
also process the oid through ln2nid() to retain compatibility.
@mcr
added NO_SIGNER_CERT_VERIFY and NOINTERN constants
84b51cd
@mcr
added read_derpub, to only attempt to load DER encoded public keys
2862335
@mcr
updated comments about documentation strings
f00f1ea
rhenium pushed a commit that referenced this pull request Aug 31, 2023
@bdewater
Call out insecure PKCS #1 v1.5 default padding for RSA
fd5eaa6
rhenium added a commit that referenced this pull request Aug 31, 2023
@rhenium
Merge pull request ruby#549 from bdewater/rsa-pkcs1v15-doc
ff9af07 
Call out insecure PKCS #1 v1.5 default padding for RSA
@rhenium rhenium force-pushed the master branch 3 times, most recently from 3b55428 to 9f15741 Compare August 31, 2023 06:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@mcr @rhenium @cunnie @ahadc @jeremyevans @nobu @janko