[#83096] File.setuid? on IO (Re: [ruby-cvs:67289] normal:r60108 (trunk): file.c: release GVL in File.{setuid?, setgid?, sticky?}) — Nobuyoshi Nakada <nobu@...>
On 2017/10/04 8:47, normal@ruby-lang.org wrote:
5 messages
2017/10/04
[#83100] Re: File.setuid? on IO (Re: [ruby-cvs:67289] normal:r60108 (trunk): file.c: release GVL in File.{setuid?, setgid?, sticky?})
— Eric Wong <normalperson@...>
2017/10/04
Nobuyoshi Nakada <nobu@ruby-lang.org> wrote:
[#83105] Re: File.setuid? on IO (Re: [ruby-cvs:67289] normal:r60108 (trunk): file.c: release GVL in File.{setuid?, setgid?, sticky?})
— Nobuyoshi Nakada <nobu@...>
2017/10/04
On 2017/10/04 15:55, Eric Wong wrote:
[#83107] Alias Enumerable#include? to Enumerable#includes? — Alberto Almagro <albertoalmagro@...>
Hello,
9 messages
2017/10/04
[#83113] Re: Alias Enumerable#include? to Enumerable#includes?
— "Urabe, Shyouhei" <shyouhei@...>
2017/10/05
This has been requested countless times, then rejected each and every time.
[#83129] Re: Alias Enumerable#include? to Enumerable#includes?
— Alberto Almagro <albertoalmagro@...>
2017/10/05
Sorry I didn't found it on the core mail list's archive.
[#83138] Re: Alias Enumerable#include? to Enumerable#includes?
— "Urabe, Shyouhei" <shyouhei@...>
2017/10/06
Ruby has not been made of popular votes so far. You have to show us
[#83149] Re: Alias Enumerable#include? to Enumerable#includes?
— Eric Wong <normalperson@...>
2017/10/06
Alberto Almagro <albertoalmagro@gmail.com> wrote:
[#83200] [Ruby trunk Feature#13996] [PATCH] file.c: apply2files releases GVL — normalperson@...
Issue #13996 has been reported by normalperson (Eric Wong).
4 messages
2017/10/10
[ruby-core:83491] Re: [ruby-cvs:67491] naruse:r60310 (trunk): fix OpenSSL::SSL::SSLContext#min_version doesn't work
From:
Kazuki Yamaguchi <k@...>
Date:
2017-10-22 03:58:37 UTC
List:
ruby-core #83491
On 10/22/2017 01:25 AM, naruse@ruby-lang.org wrote:
> naruse 2017-10-22 01:25:19 +0900 (Sun, 22 Oct 2017)
>
> New Revision: 60310
>
> https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=60310
>
> Log:
> fix OpenSSL::SSL::SSLContext#min_version doesn't work
>
> Modified files:
> trunk/ext/openssl/lib/openssl/ssl.rb
> trunk/test/openssl/test_ssl.rb
>
> diff --git a/ext/openssl/lib/openssl/ssl.rb b/ext/openssl/lib/openssl/ssl.rb
> index fb143c94087a..4bbbcf6c26aa 100644
> --- a/ext/openssl/lib/openssl/ssl.rb
> +++ b/ext/openssl/lib/openssl/ssl.rb
> @@ -136,6 +136,7 @@ def initialize(version = nil)
> # used.
> def set_params(params={})
> params = DEFAULT_PARAMS.merge(params)
> + self.options = params.delete(:options) # set before min_version/max_version
> params.each{|name, value| self.__send__("#{name}=", value) }
> if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
> unless self.ca_file or self.ca_path or self.cert_store
Oops, good catch! The min_version value in SSLContext::DEFAULT_PARAMS
was effectively ignored. It's cherry-picked to upstream, with a new test
case that passes successfully with OpenSSL >= 1.1.0 and
LibreSSL >= 2.6.0.
https://github.com/ruby/openssl/commit/62af0446569ae842de67b636b0bd0bb84ec2c8be
> @@ -147,7 +148,7 @@ def set_params(params={})
>
> # call-seq:
> # ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
> - # ctx.min_version = :TLS1_2
> + # ctx.min_version = :TLSv1_2
> # ctx.min_version = nil
> #
> # Sets the lower bound on the supported SSL/TLS protocol version. The
> @@ -166,18 +167,30 @@ def set_params(params={})
> # sock = OpenSSL::SSL::SSLSocket.new(tcp_sock, ctx)
> # sock.connect # Initiates a connection using either TLS 1.1 or TLS 1.2
> def min_version=(version)
> + case version
> + when nil, Integer
> + else
> + version = (METHODS_MAP[version] or
> + raise ArgumentError, "unknown SSL version `#{version.inspect}'")
> + end
> set_minmax_proto_version(version, @max_proto_version ||= nil)
> @min_proto_version = version
> end
'TLS1_2' comes from "TLS1_2_VERSION".sub(/_VERSION$/, ""), where
TLS1_2_VERSION is a value defined by OpenSSL and can be passed to
SSL_CTX_set_min_proto_version(). On the other hand, 'TLSv1_2' comes
from the name of a deprecated SSL method, TLSv1_2_method().
It was natural that SSLContext#ssl_version= takes names with 'v' since
it was a method that actually sets an SSL method used by the SSL
context. However, as SSLContext#{min,max}_version have nothing to do
with those SSL methods, I don't think it makes sense to follow their
naming convention. At least, it is odd that they now accept 'SSLv23'.
Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>