[#33511] [Ruby 1.9-Bug#4108][Open] irb hangs on Windows with trunk — Heesob Park <redmine@...>
Bug #4108: irb hangs on Windows with trunk
[#33521] [Ruby 1.9-Feature#4111][Open] Add XLIST support to Net::IMAP — Geoff Youngs <redmine@...>
Feature #4111: Add XLIST support to Net::IMAP
[#33530] [Ruby 1.9-Bug#4113][Open] Cannot build trunk with MSVC. — Heesob Park <redmine@...>
Bug #4113: Cannot build trunk with MSVC.
[#33583] Initialization time — SASADA Koichi <ko1@...>
Hi,
[#33605] Why is SyncEnumerator in REXML? — Asher <asher@...>
in 1.8 SyncEnumerator is in lib/generator.rb; in 1.9 it is in lib/rexml/syncenumerator.rb
On Dec 6, 2010, at 11:09 PM, Asher wrote:
If that is the case, it would make sense historically, but doesn't seem to make much sense now, as SyncEnumerator doesn't seem to have any relation to REXML, even if REXML utilizes it.
[#33628] [Ruby 1.8-Bug#4132][Open] Socket.close attempting to close the socket twice — Claudio Villalobos <redmine@...>
Bug #4132: Socket.close attempting to close the socket twice
[#33640] [Ruby 1.9-Bug#4136][Open] Enumerable#reject should not inherit the receiver's instance variables — Hiro Asari <redmine@...>
Bug #4136: Enumerable#reject should not inherit the receiver's instance variables
Issue #4136 has been updated by Marc-Andre Lafortune.
Hi,
[#33648] Why doesn’t StringIO implement #freeze? — Nikolai Weibull <now@...>
IO implements #freeze, but StringIO doesn’t. What’s up with that?
Hi,
On Fri, Dec 31, 2010 at 03:09, Nobuyoshi Nakada <nobu@ruby-lang.org> wrote:
[#33656] [Ruby 1.9-Bug#4141][Open] Tk extension is not accepting any type of parameter combination — Luis Lavena <redmine@...>
Bug #4141: Tk extension is not accepting any type of parameter combination
Hi,
On Sun, Dec 26, 2010 at 10:05 PM, Hidetoshi NAGAI
[#33661] [Ruby 1.9-Feature#4145][Open] The result of UTF-16 encoded string concatenation — Heesob Park <redmine@...>
Feature #4145: The result of UTF-16 encoded string concatenation
Issue #4145 has been updated by Yui NARUSE.
[#33667] [Ruby 1.9-Bug#4149][Open] Documentation submission: syslog standard library — mathew murphy <redmine@...>
Bug #4149: Documentation submission: syslog standard library
Issue #4149 has been updated by mathew murphy.
[#33683] [feature:trunk] Enumerable#categorize — Tanaka Akira <akr@...>
Hi.
2010/12/12 "Martin J. Dst" <duerst@it.aoyama.ac.jp>:
Hello Akira,
2010/12/20 "Martin J. Dst" <duerst@it.aoyama.ac.jp>:
Hi!
2010/12/27 Marc-Andre Lafortune <ruby-core-mailing-list@marc-andre.ca>:
Hi!
[#33687] Towards a standardized AST for Ruby code — Magnus Holm <judofyr@...>
Hey folks,
On Sun, Dec 12, 2010 at 9:55 AM, Magnus Holm <judofyr@gmail.com> wrote:
On Dec 12, 2010, at 17:46 , Charles Oliver Nutter wrote:
On Sun, Dec 12, 2010 at 7:09 PM, Ryan Davis <ryand-ruby@zenspider.com>wrote:
(2010/12/13 1:54), Haase, Konstantin wrote:
(2010/12/13 9:06), Ryan Davis wrote:
On Sun, Dec 12, 2010 at 6:33 PM, Ryan Davis <ryand-ruby@zenspider.com> wrote:
On Dec 14, 2010, at 09:47 , Charles Oliver Nutter wrote:
On Tue, Dec 14, 2010 at 2:54 AM, Haase, Konstantin
[#33690] [Ruby 1.9-Bug#4153][Open] Minitest or ruby bug - wrong return code — Robert Pankowecki <redmine@...>
Bug #4153: Minitest or ruby bug - wrong return code
[#33735] [Ruby 1.9-Bug#4163][Assigned] RubyGems uses deprecated API: YAML.quick_emit. — Yui NARUSE <redmine@...>
Bug #4163: RubyGems uses deprecated API: YAML.quick_emit.
On Thu, Dec 16, 2010 at 04:46:33AM +0900, Yui NARUSE wrote:
[#33763] [Ruby 1.9-Bug#4168][Open] WeakRef is unsafe to use in Ruby 1.9 — Brian Durand <redmine@...>
Bug #4168: WeakRef is unsafe to use in Ruby 1.9
Issue #4168 has been updated by Kurt Stephens.
[#33779] [Ruby 1.9-Bug#4174][Open] 1F1E on rdoc tests — Kouhei Yanagita <redmine@...>
Bug #4174: 1F1E on rdoc tests
[#33801] [Ruby 1.9-Feature#4183][Open] [ext/openssl] Timestamp support — Martin Bosslet <redmine@...>
Feature #4183: [ext/openssl] Timestamp support
On Wed, Dec 22, 2010 at 03:19:12AM +0900, Martin Bosslet wrote:
[#33815] trunk warnflags build issue with curb 0.7.9? — Jon <jon.forums@...>
As this may turn out to be a 3rd party issue rather than a bug, I'd like some feedback.
Hi,
[#33818] [Ruby 1.9-Bug#4188][Open] minitest warnings in 1.9.3 — Aaron Patterson <redmine@...>
Bug #4188: minitest warnings in 1.9.3
[#33825] PATCH: REE fast-thread.patch: stack_free() not called in rb_thread_die(). — Kurt Stephens <ks@...>
http://code.google.com/p/rubyenterpriseedition/issues/detail?id=57
Similar technique might be relevant in MRI 1.9 if fiber/continuation
> Similar technique might be relevant in MRI 1.9 if fiber/continuation stacks
[#33833] Ruby 1.9.2 is going to be released — "Yuki Sonoda (Yugui)" <yugui@...>
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, Dec 23, 2010 at 9:47 AM, Yuki Sonoda (Yugui) <yugui@yugui.jp> wrote:
On Thu, Dec 23, 2010 at 9:47 AM, Yuki Sonoda (Yugui) <yugui@yugui.jp> wrote:
[#33845] Getting involved in Ruby — Benoit Daloze <eregontp@...>
Hi dear Ruby core team !
[#33846] [Ruby 1.9-Feature#4197][Open] Improvement of the benchmark library — Benoit Daloze <redmine@...>
Feature #4197: Improvement of the benchmark library
Issue #4197 has been updated by Yui NARUSE.
[#33852] [Ruby 1.9-Bug#4199][Open] make test ruby-1.9.2-p0 failed on Solaris10 x86 — Dmitry Perfilyev <redmine@...>
Bug #4199: make test ruby-1.9.2-p0 failed on Solaris10 x86
[#33864] [Backport92-Backport#4200][Open] minitest 2.0.2 on trunk — Ryan Davis <redmine@...>
Backport #4200: minitest 2.0.2 on trunk
Issue #4200 has been updated by Ryan Davis.
[#33880] As platform mantainer - what are my boundaries? — Luis Lavena <luislavena@...>
Hello,
Hello,
On Sun, Dec 26, 2010 at 9:50 PM, U.Nakamura <usa@garbagecollect.jp> wrote:
On Mon, Dec 27, 2010 at 11:05 AM, Luis Lavena <luislavena@gmail.com> wrote:
Luis,
On Wed, Dec 29, 2010 at 1:31 AM, Yugui <yugui@yugui.jp> wrote:
[#33910] [Ruby 1.9-Feature#4211][Open] Converting the Ruby and C API documentation to YARD syntax — Loren Segal <redmine@...>
Feature #4211: Converting the Ruby and C API documentation to YARD syntax
On Dec 26, 2010, at 13:00, Loren Segal wrote:
Issue #4211 has been updated by Yui NARUSE.
On Mon, Dec 27, 2010 at 12:01:00PM +0900, Yui NARUSE wrote:
[#33923] [Ruby 1.9-Bug#4214][Open] Fiddle::WINDOWS == false on Windows — Jon Forums <redmine@...>
Bug #4214: Fiddle::WINDOWS == false on Windows
Issue #4214 has been updated by Luis Lavena.
[#33948] Multi-line comments — Rodrigo Rosenfeld Rosas <rr.rosas@...>
I was always curious about the reasoning Ruby doesn't support
On Mon, Dec 27, 2010 at 8:55 PM, Rodrigo Rosenfeld Rosas <rr.rosas@gmail.com
On 28-12-2010 01:54, Joshua Ballanco wrote:
[#33951] [Ruby 1.9-Bug#4217][Open] irb exits unexpectedly with non-ascii Regexp on Windows — Heesob Park <redmine@...>
Bug #4217: irb exits unexpectedly with non-ascii Regexp on Windows
Issue #4217 has been updated by Heesob Park.
[#33953] my redmine login is not working and wanted to submit a bug — deepak kannan <kannan.deepak@...>
hi,
[#34011] [Backport92-Backport#4228][Open] Backward gemspec compatibility change in r29663 broke rake gems — Luis Lavena <redmine@...>
Backport #4228: Backward gemspec compatibility change in r29663 broke rake gems
[#34023] ruby -h doesn't include --disable-gems — Ryan Davis <ryand-ruby@...>
Is there a reason why ruby -h doesn't show --disable-gems ?
2011/1/4 Ryan Davis <ryand-ruby@zenspider.com>:
On Tue, Jan 4, 2011 at 12:14 AM, KOSAKI Motohiro
[ruby-core:33906] [Ruby 1.9-Feature#4183] [ext/openssl] Timestamp support
Issue #4183 has been updated by Martin Bosslet.
File ts2.tar.gz added
Thanks for the input! I updated the code with regard to Aaron's and Nobuyoshi's comments. Concerning Nobuyoshi's questions:
>Just curious for my eyes,
>In ossl_ts_verify():
>1068 if (!(ctx->store = X509_STORE_new())) {
>1069 ossl_raise(eTimestampError, NULL);
>1070 goto end;
>1071 }
>Jump to clean-up after raise?
>1109 end:
>1110 TS_VERIFY_CTX_free(ctx);
>1111 return ret;
I corrected this, cleanup is now performed before the raise.
>In ossl_tsfac_create_ts():
>1231 if (!(inter_certs = sk_X509_new_null())) goto end;
>When inter_certs can't get created, all the rest are just skipped?
I forgot to set the error message there. Corrected this, now an error is raised when allocation fails.
>1232 if (tsa_cert)
>1233 if (rb_obj_is_kind_of(additional_certs, rb_cArray)) {
>1234 for (i = 0; i < RARRAY_LEN(additional_certs); i++) {
>1235 cert = rb_ary_entry(additional_certs, i);
>1236 sk_X509_push(inter_certs, GetX509CertPtr(cert));
>1237 }
>1238 }
>1239 else {
>1240 sk_X509_push(inter_certs, GetX509CertPtr(additional_certs));
>1241 }
>Just indentation of 1233..1241 is wrong, or 1232 is misplaced?
No, you're right, it was simply misplaced, I removed it.
Regarding your patch, I already applied it in the update.
There is still some functionality that is not supported and some features I dislike about the way OpenSSL handles timestamp verification. Concerning the missing functionality - I'm planning to add this in case the feature will be accepted, I first wanted to get your reactions before I indulge too deeply in something nobody would want anyway :) Missing features right now are:
- Extensions are neither supported for Request nor for the Response
- Accuracy and TSAName are not supported for the Response.
- I'd like to add some factory methods, that create Responses indicating errors easily. E.g.
error_ts = OpenSSL::Timestamp::Response.create_fault_response(OpenSSL::Timestamp::Response::REJECTION,
:UNACCEPTED_POLICY,
"The policy you provided is not supported by this server")
This would simplify error creation for errors detected on the server side when manually analyzing the Request.
Things I would like different:
- I don't like the fact that for verification, you need to pass OpenSSL a BIO, even if you're still in possession of the TS_REQ*, as in our case (and I guess in most use cases). This forces encoding (and later decoding in OpenSSL) the TS_REQ*, which is unnecessary. I'll try to submit a patch to OpenSSL regarding this.
- The second thing I'm not really happy with is the fact that you cannot validate a timestamp solely based on the timestamp end entity certificate, verification always includes certificate validation of the entire chain. This is too tightly coupled in my opinion, certificate validation should only be an option (so that there is the possibility to perform it in a separate step). In addition, decoupling would also remove the necessity to provide intermediate certificates or root certificates. If the timestamp already contains the timestamp authority certificate(which it must if Request#cert_requested? is true), validation would be self-contained, no other external resources needed. I'll also try to submit a patch for this to OpenSSL.
@Hiroshi: thanks for the confidence, I'm happy to help :)
Regards,
Martin
----------------------------------------
http://redmine.ruby-lang.org/issues/show/4183
----------------------------------------
http://redmine.ruby-lang.org