ruby-changes:42354
From: nagachika <ko1@a...>
Date: Wed, 30 Mar 2016 05:37:05 +0900 (JST)
Subject: [ruby-changes:42354] nagachika:r54428 (ruby_2_2): merge revision(s) 54258: [Backport #12182]
nagachika 2016-03-30 05:36:59 +0900 (Wed, 30 Mar 2016) New Revision: 54428 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=54428 Log: merge revision(s) 54258: [Backport #12182] * ext/openssl/extconf.rb: check SSL_CTX_set_next_proto_select_cb function rather than OPENSSL_NPN_NEGOTIATED macro. it exists even if it is disabled by OpenSSL configuration. [ruby-core:74384] [Bug #12182] * ext/openssl/ossl_ssl.c: update #ifdef(s) as above. * test/openssl/test_ssl.rb: skip NPN tests if NPN is disabled. Modified directories: branches/ruby_2_2/ Modified files: branches/ruby_2_2/ChangeLog branches/ruby_2_2/ext/openssl/extconf.rb branches/ruby_2_2/ext/openssl/ossl_ssl.c branches/ruby_2_2/test/openssl/test_ssl.rb branches/ruby_2_2/version.h Index: ruby_2_2/ext/openssl/ossl_ssl.c =================================================================== --- ruby_2_2/ext/openssl/ossl_ssl.c (revision 54427) +++ ruby_2_2/ext/openssl/ossl_ssl.c (revision 54428) @@ -585,7 +585,7 @@ ssl_renegotiation_cb(const SSL *ssl) https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L585 (void) rb_funcall(cb, rb_intern("call"), 1, ssl_obj); } -#ifdef HAVE_OPENSSL_NPN_NEGOTIATED +#if defined(HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB) || defined(HAVE_SSL_CTX_SET_ALPN_SELECT_CB) static VALUE ssl_npn_encode_protocol_i(VALUE cur, VALUE encoded) { @@ -610,18 +610,6 @@ ssl_npn_encode_protocols(VALUE sslctx, V https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L610 } static int -ssl_npn_advertise_cb(SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg) -{ - VALUE sslctx_obj = (VALUE) arg; - VALUE protocols = rb_iv_get(sslctx_obj, "@_protocols"); - - *out = (const unsigned char *) RSTRING_PTR(protocols); - *outlen = RSTRING_LENINT(protocols); - - return SSL_TLSEXT_ERR_OK; -} - -static int ssl_npn_select_cb_common(VALUE cb, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen) { VALUE selected; @@ -653,6 +641,19 @@ ssl_npn_select_cb_common(VALUE cb, const https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L641 return SSL_TLSEXT_ERR_OK; } +#ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB +static int +ssl_npn_advertise_cb(SSL *ssl, const unsigned char **out, unsigned int *outlen, void *arg) +{ + VALUE sslctx_obj = (VALUE) arg; + VALUE protocols = rb_iv_get(sslctx_obj, "@_protocols"); + + *out = (const unsigned char *) RSTRING_PTR(protocols); + *outlen = RSTRING_LENINT(protocols); + + return SSL_TLSEXT_ERR_OK; +} + static int ssl_npn_select_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) { @@ -663,8 +664,8 @@ ssl_npn_select_cb(SSL *s, unsigned char https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L664 return ssl_npn_select_cb_common(cb, (const unsigned char **)out, outlen, in, inlen); } - #endif +#endif /* HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB || HAVE_SSL_CTX_SET_ALPN_SELECT_CB */ /* This function may serve as the entry point to support further * callbacks. */ @@ -797,7 +798,7 @@ ossl_sslctx_setup(VALUE self) https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L798 SSL_CTX_set_options(ctx, SSL_OP_ALL); } -#ifdef HAVE_OPENSSL_NPN_NEGOTIATED +#ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB val = rb_iv_get(self, "@npn_protocols"); if (!NIL_P(val)) { ssl_npn_encode_protocols(self, val); @@ -1878,7 +1879,7 @@ ossl_ssl_get_client_ca_list(VALUE self) https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L1879 return ossl_x509name_sk2ary(ca); } -# ifdef HAVE_OPENSSL_NPN_NEGOTIATED +# ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB /* * call-seq: * ssl.npn_protocol => String @@ -2120,7 +2121,7 @@ Init_ossl_ssl(void) https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L2121 * end */ rb_attr(cSSLContext, rb_intern("renegotiation_cb"), 1, 1, Qfalse); -#ifdef HAVE_OPENSSL_NPN_NEGOTIATED +#ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB /* * An Enumerable of Strings. Each String represents a protocol to be * advertised as the list of supported protocols for Next Protocol @@ -2264,7 +2265,7 @@ Init_ossl_ssl(void) https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/ossl_ssl.c#L2265 rb_define_method(cSSLSocket, "session=", ossl_ssl_set_session, 1); rb_define_method(cSSLSocket, "verify_result", ossl_ssl_get_verify_result, 0); rb_define_method(cSSLSocket, "client_ca", ossl_ssl_get_client_ca_list, 0); -# ifdef HAVE_OPENSSL_NPN_NEGOTIATED +# ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB rb_define_method(cSSLSocket, "npn_protocol", ossl_ssl_npn_protocol, 0); # endif #endif Index: ruby_2_2/ext/openssl/extconf.rb =================================================================== --- ruby_2_2/ext/openssl/extconf.rb (revision 54427) +++ ruby_2_2/ext/openssl/extconf.rb (revision 54428) @@ -112,7 +112,7 @@ have_func("TLSv1_1_client_method") https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ext/openssl/extconf.rb#L112 have_func("TLSv1_2_method") have_func("TLSv1_2_server_method") have_func("TLSv1_2_client_method") -have_macro("OPENSSL_NPN_NEGOTIATED", ['openssl/ssl.h']) && $defs.push("-DHAVE_OPENSSL_NPN_NEGOTIATED") +have_func("SSL_CTX_set_next_proto_select_cb") unless have_func("SSL_set_tlsext_host_name", ['openssl/ssl.h']) have_macro("SSL_set_tlsext_host_name", ['openssl/ssl.h']) && $defs.push("-DHAVE_SSL_SET_TLSEXT_HOST_NAME") end Index: ruby_2_2/ChangeLog =================================================================== --- ruby_2_2/ChangeLog (revision 54427) +++ ruby_2_2/ChangeLog (revision 54428) @@ -1,3 +1,14 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_2/ChangeLog#L1 +Wed Mar 30 05:15:04 2016 Kazuki Yamaguchi <k@r...> + + * ext/openssl/extconf.rb: check SSL_CTX_set_next_proto_select_cb + function rather than OPENSSL_NPN_NEGOTIATED macro. it exists + even if it is disabled by OpenSSL configuration. + [ruby-core:74384] [Bug #12182] + + * ext/openssl/ossl_ssl.c: update #ifdef(s) as above. + + * test/openssl/test_ssl.rb: skip NPN tests if NPN is disabled. + Wed Mar 30 05:13:25 2016 Nobuyoshi Nakada <nobu@r...> * lib/uri/http.rb (URI::HTTP#initialize): [DOC] fix example, Index: ruby_2_2/version.h =================================================================== --- ruby_2_2/version.h (revision 54427) +++ ruby_2_2/version.h (revision 54428) @@ -1,6 +1,6 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_2/version.h#L1 #define RUBY_VERSION "2.2.5" #define RUBY_RELEASE_DATE "2016-03-30" -#define RUBY_PATCHLEVEL 286 +#define RUBY_PATCHLEVEL 287 #define RUBY_RELEASE_YEAR 2016 #define RUBY_RELEASE_MONTH 3 Index: ruby_2_2/test/openssl/test_ssl.rb =================================================================== --- ruby_2_2/test/openssl/test_ssl.rb (revision 54427) +++ ruby_2_2/test/openssl/test_ssl.rb (revision 54428) @@ -809,7 +809,9 @@ end https://github.com/ruby/ruby/blob/trunk/ruby_2_2/test/openssl/test_ssl.rb#L809 } end -if OpenSSL::OPENSSL_VERSION_NUMBER > 0x10001000 +if OpenSSL::OPENSSL_VERSION_NUMBER > 0x10001000 && + OpenSSL::SSL::SSLContext.method_defined?(:npn_select_cb) + # NPN may be disabled by OpenSSL configure option def test_npn_protocol_selection_ary advertised = ["http/1.1", "spdy/2"] Property changes on: ruby_2_2 ___________________________________________________________________ Modified: svn:mergeinfo Merged /trunk:r54258 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/