ruby-changes:60088

https://git.ruby-lang.org/ruby.git/commit/?id=b99775b163

From b99775b163ce44079c1f8727ce9b4ed8bb03489d Mon Sep 17 00:00:00 2001
From: Hiroshi SHIBATA <hsbt@r...>
Date: Sun, 16 Feb 2020 15:21:29 +0900
Subject: Import openssl-2.2.0 (#2693)

Import the master branch of ruby/openssl for preparing to release openssl-2.2.0

diff --git a/ext/openssl/History.md b/ext/openssl/History.md
index db50500..cdb44b1 100644
--- a/ext/openssl/History.md
+++ b/ext/openssl/History.md
@@ -1,3 +1,56 @@ https://github.com/ruby/ruby/blob/trunk/ext/openssl/History.md#L1
+Version 2.2.0 (not yet released)
+=============
+
+* Change default `OpenSSL::SSL::SSLServer#listen` backlog argument from
+  5 to `Socket::SOMAXCONN`.
+* Make `OpenSSL::HMAC#==` use a timing safe string comparison.
+* Remove unsupported MDC2, DSS, DSS1, and SHA algorithms.
+* Add support for SHA3 and BLAKE digests.
+* Add `OpenSSL::SSL::SSLSocket.open` for opening a `TCPSocket` and
+  returning an `OpenSSL::SSL::SSLSocket` for it.
+* Support marshalling of `OpenSSL::X509` objects.
+* Add `OpenSSL.secure_compare` for timing safe string comparison for
+  strings of possibly unequal length.
+* Add `OpenSSL.fixed_length_secure_compare` for timing safe string
+  comparison for strings of equal length.
+* Add `OpenSSL::SSL::SSLSocket#{finished_message,peer_finished_message}`
+  for last finished message sent and received.
+* Add `OpenSSL::Timestamp` module for handing timestamp requests and
+  responses.
+* Add helper methods for `OpenSSL::X509::Certificate`:
+  `find_extension`, `subject_key_identifier`,
+  `authority_key_identifier`, `crl_uris`, `ca_issuer_uris` and
+  `ocsp_uris`.
+* Add helper methods for `OpenSSL::X509::CRL`:
+  `find_extension` and `subject_key_identifier`.
+* Remove `OpenSSL::PKCS7::SignerInfo#name` alias for `#issuer`.
+* Add `OpenSSL::ECPoint#add` for adding points to an elliptic curve
+  group.
+  [[GitHub #261]](https://github.com/ruby/openssl/pull/261)
+* Make `OpenSSL::PKey::RSA#{export,to_der}` correctly check `key`,
+  `factors`, and `crt_params`.
+  [[GitHub #258]](https://github.com/ruby/openssl/pull/258)
+* Add `OpenSSL::SSL::{SSLSocket,SSLServer}#fileno`, returning the
+  underlying socket file descriptor number.
+  [[GitHub #247]](https://github.com/ruby/openssl/pull/247)
+* Support client certificates with TLS 1.3, and support post-handshake
+  authentication with OpenSSL 1.1.1+.
+  [[GitHub #239]](https://github.com/ruby/openssl/pull/239)
+* Add `OpenSSL::ASN1::ObjectId#==` for equality testing.
+* Add `OpenSSL::X509::Extension#value_der` for the raw value of
+  the extension.
+  [[GitHub #234]](https://github.com/ruby/openssl/pull/234)
+* Signficantly reduce allocated memory in `OpenSSL::Buffering#do_write`.
+  [[GitHub #212]](https://github.com/ruby/openssl/pull/212)
+* Ensure all valid IPv6 addresses are considered valid as elements
+  of subjectAlternativeName in certificates.
+  [[GitHub #185]](https://github.com/ruby/openssl/pull/185)
+* Allow recipient's certificate to be omitted in PCKS7#decrypt.
+  [[GitHub #183]](https://github.com/ruby/openssl/pull/183)
+* Add support for reading keys in PKCS8 format and export via instance methods
+  added to `OpenSSL::PKey` classes: `private_to_der`, `private_to_pem`,
+  `public_to_der` and `public_to_pem`.
+
 Version 2.1.2
 =============
 
diff --git a/ext/openssl/depend b/ext/openssl/depend
index 68cf357..943f4f4 100644
--- a/ext/openssl/depend
+++ b/ext/openssl/depend
@@ -39,7 +39,7 @@ ossl.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L39
 ossl.o: ossl_pkey.h
 ossl.o: ossl_rand.h
 ossl.o: ossl_ssl.h
-ossl.o: ossl_version.h
+ossl.o: ossl_ts.h
 ossl.o: ossl_x509.h
 ossl.o: ruby_missing.h
 ossl_asn1.o: $(RUBY_EXTCONF_H)
@@ -77,7 +77,7 @@ ossl_asn1.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L77
 ossl_asn1.o: ossl_pkey.h
 ossl_asn1.o: ossl_rand.h
 ossl_asn1.o: ossl_ssl.h
-ossl_asn1.o: ossl_version.h
+ossl_asn1.o: ossl_ts.h
 ossl_asn1.o: ossl_x509.h
 ossl_asn1.o: ruby_missing.h
 ossl_bio.o: $(RUBY_EXTCONF_H)
@@ -115,7 +115,7 @@ ossl_bio.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L115
 ossl_bio.o: ossl_pkey.h
 ossl_bio.o: ossl_rand.h
 ossl_bio.o: ossl_ssl.h
-ossl_bio.o: ossl_version.h
+ossl_bio.o: ossl_ts.h
 ossl_bio.o: ossl_x509.h
 ossl_bio.o: ruby_missing.h
 ossl_bn.o: $(RUBY_EXTCONF_H)
@@ -153,7 +153,7 @@ ossl_bn.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L153
 ossl_bn.o: ossl_pkey.h
 ossl_bn.o: ossl_rand.h
 ossl_bn.o: ossl_ssl.h
-ossl_bn.o: ossl_version.h
+ossl_bn.o: ossl_ts.h
 ossl_bn.o: ossl_x509.h
 ossl_bn.o: ruby_missing.h
 ossl_cipher.o: $(RUBY_EXTCONF_H)
@@ -191,7 +191,7 @@ ossl_cipher.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L191
 ossl_cipher.o: ossl_pkey.h
 ossl_cipher.o: ossl_rand.h
 ossl_cipher.o: ossl_ssl.h
-ossl_cipher.o: ossl_version.h
+ossl_cipher.o: ossl_ts.h
 ossl_cipher.o: ossl_x509.h
 ossl_cipher.o: ruby_missing.h
 ossl_config.o: $(RUBY_EXTCONF_H)
@@ -229,7 +229,7 @@ ossl_config.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L229
 ossl_config.o: ossl_pkey.h
 ossl_config.o: ossl_rand.h
 ossl_config.o: ossl_ssl.h
-ossl_config.o: ossl_version.h
+ossl_config.o: ossl_ts.h
 ossl_config.o: ossl_x509.h
 ossl_config.o: ruby_missing.h
 ossl_digest.o: $(RUBY_EXTCONF_H)
@@ -267,7 +267,7 @@ ossl_digest.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L267
 ossl_digest.o: ossl_pkey.h
 ossl_digest.o: ossl_rand.h
 ossl_digest.o: ossl_ssl.h
-ossl_digest.o: ossl_version.h
+ossl_digest.o: ossl_ts.h
 ossl_digest.o: ossl_x509.h
 ossl_digest.o: ruby_missing.h
 ossl_engine.o: $(RUBY_EXTCONF_H)
@@ -305,7 +305,7 @@ ossl_engine.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L305
 ossl_engine.o: ossl_pkey.h
 ossl_engine.o: ossl_rand.h
 ossl_engine.o: ossl_ssl.h
-ossl_engine.o: ossl_version.h
+ossl_engine.o: ossl_ts.h
 ossl_engine.o: ossl_x509.h
 ossl_engine.o: ruby_missing.h
 ossl_hmac.o: $(RUBY_EXTCONF_H)
@@ -343,7 +343,7 @@ ossl_hmac.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L343
 ossl_hmac.o: ossl_pkey.h
 ossl_hmac.o: ossl_rand.h
 ossl_hmac.o: ossl_ssl.h
-ossl_hmac.o: ossl_version.h
+ossl_hmac.o: ossl_ts.h
 ossl_hmac.o: ossl_x509.h
 ossl_hmac.o: ruby_missing.h
 ossl_kdf.o: $(RUBY_EXTCONF_H)
@@ -381,7 +381,7 @@ ossl_kdf.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L381
 ossl_kdf.o: ossl_pkey.h
 ossl_kdf.o: ossl_rand.h
 ossl_kdf.o: ossl_ssl.h
-ossl_kdf.o: ossl_version.h
+ossl_kdf.o: ossl_ts.h
 ossl_kdf.o: ossl_x509.h
 ossl_kdf.o: ruby_missing.h
 ossl_ns_spki.o: $(RUBY_EXTCONF_H)
@@ -419,7 +419,7 @@ ossl_ns_spki.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L419
 ossl_ns_spki.o: ossl_pkey.h
 ossl_ns_spki.o: ossl_rand.h
 ossl_ns_spki.o: ossl_ssl.h
-ossl_ns_spki.o: ossl_version.h
+ossl_ns_spki.o: ossl_ts.h
 ossl_ns_spki.o: ossl_x509.h
 ossl_ns_spki.o: ruby_missing.h
 ossl_ocsp.o: $(RUBY_EXTCONF_H)
@@ -457,7 +457,7 @@ ossl_ocsp.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L457
 ossl_ocsp.o: ossl_pkey.h
 ossl_ocsp.o: ossl_rand.h
 ossl_ocsp.o: ossl_ssl.h
-ossl_ocsp.o: ossl_version.h
+ossl_ocsp.o: ossl_ts.h
 ossl_ocsp.o: ossl_x509.h
 ossl_ocsp.o: ruby_missing.h
 ossl_pkcs12.o: $(RUBY_EXTCONF_H)
@@ -495,7 +495,7 @@ ossl_pkcs12.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L495
 ossl_pkcs12.o: ossl_pkey.h
 ossl_pkcs12.o: ossl_rand.h
 ossl_pkcs12.o: ossl_ssl.h
-ossl_pkcs12.o: ossl_version.h
+ossl_pkcs12.o: ossl_ts.h
 ossl_pkcs12.o: ossl_x509.h
 ossl_pkcs12.o: ruby_missing.h
 ossl_pkcs7.o: $(RUBY_EXTCONF_H)
@@ -533,7 +533,7 @@ ossl_pkcs7.o: ossl_pkcs7.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L533
 ossl_pkcs7.o: ossl_pkey.h
 ossl_pkcs7.o: ossl_rand.h
 ossl_pkcs7.o: ossl_ssl.h
-ossl_pkcs7.o: ossl_version.h
+ossl_pkcs7.o: ossl_ts.h
 ossl_pkcs7.o: ossl_x509.h
 ossl_pkcs7.o: ruby_missing.h
 ossl_pkey.o: $(RUBY_EXTCONF_H)
@@ -571,7 +571,7 @@ ossl_pkey.o: ossl_pkey.c https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L571
 ossl_pkey.o: ossl_pkey.h
 ossl_pkey.o: ossl_rand.h
 ossl_pkey.o: ossl_ssl.h
-ossl_pkey.o: ossl_version.h
+ossl_pkey.o: ossl_ts.h
 ossl_pkey.o: ossl_x509.h
 ossl_pkey.o: ruby_missing.h
 ossl_pkey_dh.o: $(RUBY_EXTCONF_H)
@@ -609,7 +609,7 @@ ossl_pkey_dh.o: ossl_pkey.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L609
 ossl_pkey_dh.o: ossl_pkey_dh.c
 ossl_pkey_dh.o: ossl_rand.h
 ossl_pkey_dh.o: ossl_ssl.h
-ossl_pkey_dh.o: ossl_version.h
+ossl_pkey_dh.o: ossl_ts.h
 ossl_pkey_dh.o: ossl_x509.h
 ossl_pkey_dh.o: ruby_missing.h
 ossl_pkey_dsa.o: $(RUBY_EXTCONF_H)
@@ -647,7 +647,7 @@ ossl_pkey_dsa.o: ossl_pkey.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L647
 ossl_pkey_dsa.o: ossl_pkey_dsa.c
 ossl_pkey_dsa.o: ossl_rand.h
 ossl_pkey_dsa.o: ossl_ssl.h
-ossl_pkey_dsa.o: ossl_version.h
+ossl_pkey_dsa.o: ossl_ts.h
 ossl_pkey_dsa.o: ossl_x509.h
 ossl_pkey_dsa.o: ruby_missing.h
 ossl_pkey_ec.o: $(RUBY_EXTCONF_H)
@@ -685,7 +685,7 @@ ossl_pkey_ec.o: ossl_pkey.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L685
 ossl_pkey_ec.o: ossl_pkey_ec.c
 ossl_pkey_ec.o: ossl_rand.h
 ossl_pkey_ec.o: ossl_ssl.h
-ossl_pkey_ec.o: ossl_version.h
+ossl_pkey_ec.o: ossl_ts.h
 ossl_pkey_ec.o: ossl_x509.h
 ossl_pkey_ec.o: ruby_missing.h
 ossl_pkey_rsa.o: $(RUBY_EXTCONF_H)
@@ -723,7 +723,7 @@ ossl_pkey_rsa.o: ossl_pkey.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L723
 ossl_pkey_rsa.o: ossl_pkey_rsa.c
 ossl_pkey_rsa.o: ossl_rand.h
 ossl_pkey_rsa.o: ossl_ssl.h
-ossl_pkey_rsa.o: ossl_version.h
+ossl_pkey_rsa.o: ossl_ts.h
 ossl_pkey_rsa.o: ossl_x509.h
 ossl_pkey_rsa.o: ruby_missing.h
 ossl_rand.o: $(RUBY_EXTCONF_H)
@@ -761,7 +761,7 @@ ossl_rand.o: ossl_pkey.h https://github.com/ruby/ruby/blob/trunk/ext/openssl/depend#L761
 ossl_rand.o: ossl_rand.c
 ossl_rand.o: ossl_rand.h
 ossl_rand.o: ossl_ssl.h
-ossl_rand.o:  (... truncated)

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/