14 #define numberof(ary) (int)(sizeof(ary)/sizeof((ary)[0])) 17 # define TO_SOCKET(s) _get_osfhandle(s) 19 # define TO_SOCKET(s) (s) 22 #define GetSSLCTX(obj, ctx) do { \ 23 TypedData_Get_Struct((obj), SSL_CTX, &ossl_sslctx_type, (ctx)); \ 54 SSL_METHOD *(*func)(void);
57 #if defined(HAVE_SSL_CTX_SET_MIN_PROTO_VERSION) 58 #define OSSL_SSL_METHOD_ENTRY(name, version) \ 59 { #name, (SSL_METHOD *(*)(void))TLS_method, version }, \ 60 { #name"_server", (SSL_METHOD *(*)(void))TLS_server_method, version }, \ 61 { #name"_client", (SSL_METHOD *(*)(void))TLS_client_method, version } 63 #define OSSL_SSL_METHOD_ENTRY(name, version) \ 64 { #name, (SSL_METHOD *(*)(void))name##_method, version }, \ 65 { #name"_server", (SSL_METHOD *(*)(void))name##_server_method, version }, \ 66 { #name"_client", (SSL_METHOD *(*)(void))name##_client_method, version } 68 #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL2_METHOD) && defined(HAVE_SSLV2_METHOD) 71 #if !defined(OPENSSL_NO_SSL3) && !defined(OPENSSL_NO_SSL3_METHOD) && defined(HAVE_SSLV3_METHOD) 74 #if !defined(OPENSSL_NO_TLS1) && !defined(OPENSSL_NO_TLS1_METHOD) 77 #if !defined(OPENSSL_NO_TLS1_1) && !defined(OPENSSL_NO_TLS1_1_METHOD) && defined(HAVE_TLSV1_1_METHOD) 80 #if !defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_2_METHOD) && defined(HAVE_TLSV1_2_METHOD) 84 #undef OSSL_SSL_METHOD_ENTRY 95 #if !defined(HAVE_X509_STORE_UP_REF) 97 ctx->cert_store =
NULL;
114 long mode = SSL_MODE_ENABLE_PARTIAL_WRITE |
115 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER;
118 #ifdef SSL_MODE_RELEASE_BUFFERS 119 mode |= SSL_MODE_RELEASE_BUFFERS;
/*
 * SSLv23_method() is OpenSSL's version-flexible method: despite the name it
 * does not pin SSLv2/SSLv3, and the handshake negotiates the highest protocol
 * version both peers allow. The lowest version this context will accept is
 * therefore decided by the SSL_OP_NO_* options or the min/max proto version
 * calls applied to ctx, not by this constructor.
 */
123 ctx = SSL_CTX_new(SSLv23_method());
127 SSL_CTX_set_mode(ctx, mode);
131 #if !defined(OPENSSL_NO_EC) && defined(HAVE_SSL_CTX_SET_ECDH_AUTO) 139 if (!SSL_CTX_set_ecdh_auto(ctx, 1))
161 VALUE m = ssl_method;
170 #if defined(HAVE_SSL_CTX_SET_MIN_PROTO_VERSION) 175 if (SSL_CTX_set_ssl_version(ctx, method) != 1)
178 #if defined(HAVE_SSL_CTX_SET_MIN_PROTO_VERSION) 179 if (!SSL_CTX_set_min_proto_version(ctx, version))
181 if (!SSL_CTX_set_max_proto_version(ctx, version))
225 #if !defined(OPENSSL_NO_DH) || \ 226 !defined(OPENSSL_NO_EC) && defined(HAVE_SSL_CTX_SET_TMP_ECDH_CALLBACK) 254 #if !defined(OPENSSL_NO_DH) 268 args.
type = EVP_PKEY_DH;
271 (
VALUE)&args, &state);
279 return EVP_PKEY_get0_DH(pkey);
283 #if !defined(OPENSSL_NO_EC) && defined(HAVE_SSL_CTX_SET_TMP_ECDH_CALLBACK) 297 args.
type = EVP_PKEY_EC;
300 (
VALUE)&args, &state);
308 return EVP_PKEY_get0_EC_KEY(pkey);
315 X509_STORE_CTX *ctx = (X509_STORE_CTX *)ctx_v;
319 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
/*
 * A false/nil hostname is reported through rb_warning(), which Ruby prints
 * only when $VERBOSE is enabled, so in a default run this condition is silent.
 * NOTE(review): the statement that follows the warning is not shown in this
 * listing; confirm that a missing hostname is not treated as a successful
 * identity check.
 */
323 if (!
RTEST(hostname)) {
324 rb_warning(
"verify_hostname requires hostname to be set");
328 cert_obj =
ossl_x509_new(X509_STORE_CTX_get_current_cert(ctx));
340 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
347 !X509_STORE_CTX_get_error_depth(ctx)) {
353 preverify_ok = ret ==
Qtrue;
375 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) 386 OSSL_Debug(
"SSL SESSION get callback entered");
389 ssl_obj = (
VALUE)ptr;
430 OSSL_Debug(
"SSL SESSION new callback entered");
434 ssl_obj = (
VALUE)ptr;
475 VALUE ary, sslctx_obj, sess_obj;
479 OSSL_Debug(
"SSL SESSION remove callback entered");
483 sslctx_obj = (
VALUE)ptr;
510 if(!SSL_CTX_add_extra_chain_cert(ctx, x509)){
519 #ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME 521 ossl_call_servername_cb(
VALUE ary)
540 SSL_set_SSL_CTX(ssl, ctx2);
542 }
else if (!
NIL_P(ret_obj)) {
544 "OpenSSL::SSL::SSLContext object or nil");
551 ssl_servername_cb(SSL *ssl,
int *ad,
void *arg)
556 const char *servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
559 return SSL_TLSEXT_ERR_OK;
562 return SSL_TLSEXT_ERR_ALERT_FATAL;
563 ssl_obj = (
VALUE)ptr;
568 rb_protect(ossl_call_servername_cb, ary, &state);
571 return SSL_TLSEXT_ERR_ALERT_FATAL;
574 return SSL_TLSEXT_ERR_OK;
586 ssl_obj = (
VALUE)ptr;
590 if (
NIL_P(cb))
return;
595 #if defined(HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB) || \ 596 defined(HAVE_SSL_CTX_SET_ALPN_SELECT_CB) 598 ssl_npn_encode_protocol_i(
VALUE cur,
VALUE encoded)
/*
 * Accepts only lengths in 1..255. NPN/ALPN protocol lists prefix every entry
 * with a single length byte, so an empty name or one longer than 255 bytes
 * cannot be encoded. Presumably len is the byte length of the current
 * protocol string; the rejection branch is not shown in this listing.
 */
602 if (len < 1 || len > 255)
612 ssl_encode_npn_protocols(
VALUE protocols)
619 struct npn_select_cb_common_args {
621 const unsigned char *in;
626 npn_select_cb_common_i(
VALUE tmp)
628 struct npn_select_cb_common_args *args = (
void *)tmp;
629 const unsigned char *in = args->in, *in_end = in + args->inlen;
636 while (in < in_end) {
645 if (len < 1 || len >= 256) {
653 ssl_npn_select_cb_common(SSL *ssl,
VALUE cb,
const unsigned char **out,
654 unsigned char *outlen,
const unsigned char *in,
659 struct npn_select_cb_common_args args;
670 return SSL_TLSEXT_ERR_ALERT_FATAL;
676 return SSL_TLSEXT_ERR_OK;
680 #ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB 682 ssl_npn_advertise_cb(SSL *ssl,
const unsigned char **out,
unsigned int *outlen,
687 *out = (
const unsigned char *)
RSTRING_PTR(protocols);
690 return SSL_TLSEXT_ERR_OK;
694 ssl_npn_select_cb(SSL *ssl,
unsigned char **out,
unsigned char *outlen,
695 const unsigned char *in,
unsigned int inlen,
void *arg)
699 sslctx_obj = (
VALUE) arg;
702 return ssl_npn_select_cb_common(ssl, cb, (
const unsigned char **)out,
707 #ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB 709 ssl_alpn_select_cb(SSL *ssl,
const unsigned char **out,
unsigned char *outlen,
710 const unsigned char *in,
unsigned int inlen,
void *arg)
714 sslctx_obj = (
VALUE) arg;
717 return ssl_npn_select_cb_common(ssl, cb, out, outlen, in, inlen);
727 if (is_server && where & SSL_CB_HANDSHAKE_START) {
740 return LONG2NUM(SSL_CTX_get_options(ctx));
/*
 * nil options fall back to SSL_OP_ALL, OpenSSL's bundle of interoperability
 * workarounds. SSL_OP_ALL contains no SSL_OP_NO_* protocol restrictions, so a
 * caller who needs old protocol versions disabled must pass options
 * explicitly. SSL_CTX_set_options() only ORs bits into the context and never
 * clears bits that are already set.
 * NOTE(review): line 758 (presumably the else separating the two calls) and
 * any earlier clearing of options are not shown in this listing.
 */
756 if (
NIL_P(options)) {
757 SSL_CTX_set_options(ctx, SSL_OP_ALL);
759 SSL_CTX_set_options(ctx,
NUM2LONG(options));
778 X509 *cert =
NULL, *client_ca =
NULL;
780 char *ca_path =
NULL, *ca_file =
NULL;
788 #if !defined(OPENSSL_NO_DH) 792 #if !defined(OPENSSL_NO_EC) 796 # if defined(HAVE_SSL_CTX_SET_TMP_ECDH_CALLBACK) 797 rb_warn(
"#tmp_ecdh_callback= is deprecated; use #ecdh_curves= instead");
798 SSL_CTX_set_tmp_ecdh_callback(ctx, ossl_tmp_ecdh_callback);
799 # if defined(HAVE_SSL_CTX_SET_ECDH_AUTO) 802 if (!SSL_CTX_set_ecdh_auto(ctx, 0))
807 "use #ecdh_curves= instead");
815 SSL_CTX_set_cert_store(ctx, store);
816 #if !defined(HAVE_X509_STORE_UP_REF) 840 if (!SSL_CTX_use_certificate(ctx, cert)) {
844 if (!SSL_CTX_use_PrivateKey(ctx, key)) {
848 if (!SSL_CTX_check_private_key(ctx)) {
858 if (!SSL_CTX_add_client_CA(ctx, client_ca)){
866 if (!SSL_CTX_add_client_CA(ctx, client_ca)){
877 if(ca_file || ca_path){
878 if (!SSL_CTX_load_verify_locations(ctx, ca_file, ca_path))
/*
 * A nil val maps to SSL_VERIFY_NONE: when no verify mode has been configured
 * the peer certificate is not verified at all, and a client will complete a
 * handshake with any certificate. Callers that need authentication must set a
 * verify mode explicitly.
 * NOTE(review): where val is read from is outside this listing; presumably
 * the context's @verify_mode (id_i_verify_mode), confirm.
 */
883 verify_mode =
NIL_P(val) ? SSL_VERIFY_NONE :
NUM2INT(val);
892 if(!
NIL_P(val)) SSL_CTX_set_verify_depth(ctx,
NUM2INT(val));
894 #ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB 897 VALUE encoded = ssl_encode_npn_protocols(val);
899 SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_npn_advertise_cb, (
void *)encoded);
900 OSSL_Debug(
"SSL NPN advertise callback added");
903 SSL_CTX_set_next_proto_select_cb(ctx, ssl_npn_select_cb, (
void *)
self);
908 #ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB 911 VALUE rprotos = ssl_encode_npn_protocols(val);
914 if (SSL_CTX_set_alpn_protos(ctx, (
unsigned char *)
RSTRING_PTR(rprotos),
920 SSL_CTX_set_alpn_select_cb(ctx, ssl_alpn_select_cb, (
void *)
self);
930 if (!SSL_CTX_set_session_id_context(ctx, (
unsigned char *)
RSTRING_PTR(val),
946 OSSL_Debug(
"SSL SESSION remove callback added");
949 #ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME 952 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
953 OSSL_Debug(
"SSL TLSEXT servername callback added");
969 bits = SSL_CIPHER_get_bits(cipher, &alg_bits);
987 const SSL_CIPHER *cipher;
1001 num = sk_SSL_CIPHER_num(ciphers);
1003 for(i = 0; i < num; i++){
1004 cipher = sk_SSL_CIPHER_value(ciphers, i);
1056 #if !defined(OPENSSL_NO_EC) 1093 #if defined(HAVE_SSL_CTX_SET1_CURVES_LIST) 1094 if (!SSL_CTX_set1_curves_list(ctx,
RSTRING_PTR(arg)))
1100 VALUE curve, splitted;
1112 if (nid == NID_undef)
1114 if (nid == NID_undef)
1117 ec = EC_KEY_new_by_curve_name(nid);
1120 EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE);
1121 if (!SSL_CTX_set_tmp_ecdh(ctx, ec)) {
1126 # if defined(HAVE_SSL_CTX_SET_ECDH_AUTO) 1129 if (!SSL_CTX_set_ecdh_auto(ctx, 0))
1138 #define ossl_sslctx_set_ecdh_curves rb_f_notimplement 1156 #if defined(HAVE_SSL_CTX_GET_SECURITY_LEVEL) 1157 return INT2NUM(SSL_CTX_get_security_level(ctx));
1191 #if defined(HAVE_SSL_CTX_GET_SECURITY_LEVEL) 1192 SSL_CTX_set_security_level(ctx,
NUM2INT(value));
1197 "not supported in this version of OpenSSL");
1218 return SSL_CTX_add_session(ctx, sess) == 1 ?
Qtrue :
Qfalse;
1236 return SSL_CTX_remove_session(ctx, sess) == 1 ?
Qtrue :
Qfalse;
1252 return LONG2NUM(SSL_CTX_get_session_cache_mode(ctx));
1270 SSL_CTX_set_session_cache_mode(ctx,
NUM2LONG(arg));
1289 return LONG2NUM(SSL_CTX_sess_get_cache_size(ctx));
1306 SSL_CTX_sess_set_cache_size(ctx,
NUM2LONG(arg));
1384 SSL_CTX_flush_sessions(ctx, (
long)tm);
1392 #ifndef OPENSSL_NO_SOCK 1397 return SSL_get_fd(ssl) >= 0;
1439 VALUE io, v_ctx, verify_cb;
1495 #define ssl_get_error(ssl, ret) (errno = rb_w32_map_errno(WSAGetLastError()), SSL_get_error((ssl), (ret))) 1497 #define ssl_get_error(ssl, ret) SSL_get_error((ssl), (ret)) 1530 int nonblock = opts !=
Qfalse;
1541 if (!
NIL_P(cb_state)) {
1551 case SSL_ERROR_WANT_WRITE:
1556 case SSL_ERROR_WANT_READ:
1561 case SSL_ERROR_SYSCALL:
1563 ossl_raise(
eSSLError,
"%s SYSCALL returned=%d errno=%d state=%s", funcname, ret2,
errno, SSL_state_string_long(ssl));
1672 int ilen, nread = 0;
1690 if(ilen == 0)
return str;
1696 if(!nonblock && SSL_pending(ssl) <= 0)
1701 case SSL_ERROR_NONE:
1703 case SSL_ERROR_ZERO_RETURN:
1706 case SSL_ERROR_WANT_WRITE:
1711 case SSL_ERROR_WANT_READ:
1716 case SSL_ERROR_SYSCALL:
1717 if (!ERR_peek_error()) {
1740 rb_warning(
"SSL session is not started yet.");
1742 return rb_funcall(io, meth, 3, len, str, opts);
1793 int nonblock = opts !=
Qfalse;
1810 case SSL_ERROR_NONE:
1812 case SSL_ERROR_WANT_WRITE:
1817 case SSL_ERROR_WANT_READ:
1822 case SSL_ERROR_SYSCALL:
1830 ID meth = nonblock ?
1833 rb_warning(
"SSL session is not started yet.");
1889 ret = SSL_shutdown(ssl);
1923 cert = SSL_get_certificate(ssl);
1946 cert = SSL_get_peer_certificate(ssl);
1974 chain = SSL_get_peer_cert_chain(ssl);
1975 if(!chain)
return Qnil;
1976 num = sk_X509_num(chain);
1978 for (i = 0; i < num; i++){
1979 cert = sk_X509_value(chain, i);
2017 cipher = (SSL_CIPHER *)SSL_get_current_cipher(ssl);
2058 return INT2NUM(SSL_pending(ssl));
2092 if (SSL_set_session(ssl, sess) != 1)
2098 #ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME 2110 char *hostname =
NULL;
/*
 * SSL_set_tlsext_host_name() only places hostname in the SNI extension of the
 * ClientHello. It does not make OpenSSL check the peer certificate against
 * that name; identity verification has to be enabled separately. The failure
 * branch of this check is not shown in this listing.
 */
2117 if (!SSL_set_tlsext_host_name(ssl, hostname))
2143 return INT2NUM(SSL_get_verify_result(ssl));
2165 ca = SSL_get_client_CA_list(ssl);
2169 # ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB 2178 ossl_ssl_npn_protocol(
VALUE self)
2181 const unsigned char *out;
2182 unsigned int outlen;
2186 SSL_get0_next_proto_negotiated(ssl, &out, &outlen);
2190 return rb_str_new((
const char *) out, outlen);
2194 # ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB 2203 ossl_ssl_alpn_protocol(
VALUE self)
2206 const unsigned char *out;
2207 unsigned int outlen;
2211 SSL_get0_alpn_selected(ssl, &out, &outlen);
2215 return rb_str_new((
const char *) out, outlen);
2219 # ifdef HAVE_SSL_GET_SERVER_TMP_KEY 2227 ossl_ssl_tmp_key(
VALUE self)
2233 if (!SSL_get_server_tmp_key(ssl, &key))
2241 #define rb_intern(s) rb_intern_const(s) 2398 #if !defined(OPENSSL_NO_EC) && defined(HAVE_SSL_CTX_SET_TMP_ECDH_CALLBACK) 2443 #ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME 2449 #ifdef TLS_DH_anon_WITH_AES_256_GCM_SHA384 2477 #ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB 2509 #ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB 2623 #ifdef OPENSSL_NO_SOCK 2652 #ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME 2656 # ifdef HAVE_SSL_GET_SERVER_TMP_KEY 2659 # ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB 2662 # ifdef HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB 2667 #define ossl_ssl_def_const(x) rb_define_const(mSSL, #x, LONG2NUM(SSL_##x)) 2697 #if defined(SSL_OP_NO_TLSv1_1) 2700 #if defined(SSL_OP_NO_TLSv1_2) 2703 #if defined(SSL_OP_NO_TICKET) 2706 #if defined(SSL_OP_NO_COMPRESSION) 2722 #define DefIVarID(name) do \ 2723 id_i_##name = rb_intern("@"#name); while (0) #define OSSL_SSL_METHOD_ENTRY(name, version)
static VALUE ossl_ssl_get_cipher(VALUE self)
static ID ID_callback_state
static VALUE ossl_sslctx_session_add(VALUE self, VALUE arg)
static VALUE ossl_sslctx_get_session_cache_stats(VALUE self)
static VALUE ossl_ssl_stop(VALUE self)
static DH * ossl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
VALUE rb_ary_entry(VALUE ary, long offset)
#define RUBY_TYPED_FREE_IMMEDIATELY
#define ssl_get_error(ssl, ret)
void rb_io_check_readable(rb_io_t *)
static int ossl_ssl_ex_store_p
static ID id_npn_protocols_encoded
const rb_data_type_t ossl_ssl_type
static unsigned int hash(str, len) register const char *str
static VALUE ossl_ssl_s_alloc(VALUE klass)
static VALUE ossl_ssl_read(int argc, VALUE *argv, VALUE self)
static VALUE eSSLErrorWaitReadable
EVP_PKEY * GetPrivPKeyPtr(VALUE obj)
#define TypedData_Wrap_Struct(klass, data_type, sval)
#define TypedData_Get_Struct(obj, type, data_type, sval)
void rb_define_private_method(VALUE klass, const char *name, VALUE(*func)(ANYARGS), int argc)
VALUE rb_iterate(VALUE(*)(VALUE), VALUE, VALUE(*)(ANYARGS), VALUE)
static int ossl_ssl_ex_vcb_idx
VALUE rb_ary_push(VALUE ary, VALUE item)
static VALUE ossl_ssl_get_cert(VALUE self)
SSL_METHOD *(* func)(void)
static void ossl_sslctx_free(void *ptr)
static int ossl_ssl_ex_ptr_idx
static ID id_i_servername_cb
VALUE rb_funcall(VALUE, ID, int,...)
Calls a method.
VALUE ossl_x509name_sk2ary(const STACK_OF(X509_NAME) *names)
void rb_str_set_len(VALUE, long)
VALUE rb_protect(VALUE(*proc)(VALUE), VALUE data, int *state)
VALUE rb_define_class_under(VALUE outer, const char *name, VALUE super)
Defines a class under the namespace of outer.
void rb_define_alloc_func(VALUE, rb_alloc_func_t)
VALUE rb_obj_is_kind_of(VALUE, VALUE)
STACK_OF(X509) *ossl_x509_ary2sk0(VALUE)
static EVP_PKEY * ossl_call_tmp_dh_callback(struct tmp_dh_callback_args *args)
#define SSL_SESSION_up_ref(x)
void rb_include_module(VALUE klass, VALUE module)
VALUE rb_block_call(VALUE, ID, int, const VALUE *, rb_block_call_func_t, VALUE)
static VALUE call_verify_certificate_identity(VALUE ctx_v)
static VALUE ossl_sslctx_get_options(VALUE self)
static VALUE ossl_ssl_read_nonblock(int argc, VALUE *argv, VALUE self)
static ID id_i_renegotiation_cb
static VALUE ossl_ssl_accept_nonblock(int argc, VALUE *argv, VALUE self)
VALUE ossl_pkey_new(EVP_PKEY *pkey)
void rb_undef_method(VALUE klass, const char *name)
#define GetSSLCTX(obj, ctx)
VALUE rb_f_notimplement(int argc, const VALUE *argv, VALUE obj)
#define GetOpenFile(obj, fp)
static ID id_i_client_cert_cb
static VALUE sym_exception
VALUE rb_str_buf_cat(VALUE, const char *, long)
static VALUE ossl_ssl_write(VALUE self, VALUE str)
static VALUE ossl_call_client_cert_cb(VALUE obj)
static VALUE ossl_ssl_connect_nonblock(int argc, VALUE *argv, VALUE self)
static const struct @49 ossl_ssl_method_tab[]
#define RB_BLOCK_CALL_FUNC_ARGLIST(yielded_arg, callback_arg)
void Init_ossl_ssl_session(void)
static ID id_i_npn_protocols
#define RB_TYPE_P(obj, type)
#define EC_curve_nist2nid
X509 * GetX509CertPtr(VALUE)
RUBY_EXTERN VALUE rb_mWaitReadable
static VALUE ossl_ssl_accept(VALUE self)
static VALUE ossl_sslctx_get_ciphers(VALUE self)
static int ssl_started(SSL *ssl)
void ossl_clear_error(void)
VALUE rb_hash_aset(VALUE hash, VALUE key, VALUE val)
RUBY_EXTERN VALUE rb_cObject
static ID id_i_session_get_cb
static VALUE ossl_ssl_session_reused(VALUE self)
void rb_attr(VALUE, ID, int, int, int)
static VALUE ossl_call_session_remove_cb(VALUE ary)
static VALUE ossl_sslctx_add_extra_chain_cert_i(RB_BLOCK_CALL_FUNC_ARGLIST(i, arg))
static ID id_i_verify_hostname
VALUE rb_str_cat2(VALUE, const char *)
static void ossl_ssl_free(void *ssl)
static ID id_i_alpn_select_cb
static ID id_i_tmp_ecdh_callback
void rb_define_const(VALUE, const char *, VALUE)
int rb_io_wait_writable(int)
static VALUE ossl_ssl_pending(VALUE self)
static VALUE ossl_sslctx_setup(VALUE self)
static VALUE ossl_sslctx_set_security_level(VALUE self, VALUE value)
VALUE ossl_x509_new(X509 *)
static VALUE ossl_ssl_read_internal(int argc, VALUE *argv, VALUE self, int nonblock)
VALUE rb_obj_alloc(VALUE)
VALUE rb_str_split(VALUE, const char *)
static VALUE ossl_ssl_set_session(VALUE self, VALUE arg1)
static VALUE ossl_sslctx_set_options(VALUE self, VALUE options)
static VALUE ossl_ssl_get_verify_result(VALUE self)
static VALUE ossl_ssl_get_state(VALUE self)
static const rb_data_type_t ossl_sslctx_type
static VALUE ossl_sslctx_get_session_cache_mode(VALUE self)
static SSL_SESSION * ossl_sslctx_session_get_cb(SSL *ssl, unsigned char *buf, int len, int *copy)
VALUE rb_str_resize(VALUE, long)
static ID id_i_verify_depth
void rb_define_alias(VALUE klass, const char *name1, const char *name2)
Defines an alias of a method.
static ID id_i_session_new_cb
static VALUE ossl_ssl_get_client_ca_list(VALUE self)
static void write_would_block(int nonblock)
static VALUE ossl_ssl_setup(VALUE self)
static VALUE ossl_ssl_initialize(int argc, VALUE *argv, VALUE self)
RUBY_EXTERN VALUE rb_mWaitWritable
static VALUE ossl_sslctx_session_remove(VALUE self, VALUE arg)
int rb_scan_args(int argc, const VALUE *argv, const char *fmt,...)
int ossl_verify_cb_call(VALUE, int, X509_STORE_CTX *)
VALUE rb_ivar_set(VALUE, ID, VALUE)
unsigned char buf[MIME_BUF_SIZE]
void rb_thread_wait_fd(int)
static VALUE ossl_ssl_write_nonblock(int argc, VALUE *argv, VALUE self)
static int options(unsigned char *cp)
static VALUE ossl_call_session_new_cb(VALUE ary)
static VALUE ossl_sslctx_set_ciphers(VALUE self, VALUE v)
static int ossl_client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
static VALUE ossl_sslctx_set_session_cache_mode(VALUE self, VALUE arg)
static VALUE ossl_start_ssl(VALUE self, int(*func)(), const char *funcname, VALUE opts)
VALUE rb_call_super(int, const VALUE *)
static VALUE eSSLErrorWaitWritable
static VALUE ossl_sslctx_set_ecdh_curves(VALUE self, VALUE arg)
static void ssl_renegotiation_cb(const SSL *ssl)
void rb_sys_fail(const char *mesg)
void rb_jump_tag(int tag)
static ID id_i_session_remove_cb
X509_STORE * GetX509StorePtr(VALUE)
int rb_respond_to(VALUE, ID)
register unsigned int len
VALUE rb_define_module_under(VALUE outer, const char *name)
#define X509_STORE_up_ref(x)
#define StringValueCStr(v)
VALUE rb_obj_is_instance_of(VALUE, VALUE)
static VALUE ossl_ssl_get_peer_cert(VALUE self)
void rb_str_modify(VALUE)
static ID id_tmp_ecdh_callback
static VALUE sym_wait_writable
static ID id_tmp_dh_callback
static VALUE ossl_call_session_get_cb(VALUE ary)
VALUE rb_hash_lookup2(VALUE hash, VALUE key, VALUE def)
#define RARRAY_AREF(a, i)
static void ssl_info_cb(const SSL *ssl, int where, int val)
static VALUE mSSLExtConfig
#define ossl_ssl_def_const(x)
static VALUE ossl_ssl_write_internal(VALUE self, VALUE str, VALUE opts)
static int no_exception_p(VALUE opts)
static ID id_i_npn_select_cb
void ossl_raise(VALUE exc, const char *fmt,...)
static int ossl_ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
EVP_PKEY * GetPKeyPtr(VALUE obj)
static VALUE ossl_ssl_cipher_to_ary(const SSL_CIPHER *cipher)
static VALUE ossl_ssl_get_version(VALUE self)
static VALUE ossl_sslctx_set_session_cache_size(VALUE self, VALUE arg)
EVP_PKEY * DupPKeyPtr(VALUE obj)
X509 * DupX509CertPtr(VALUE)
static ID id_i_session_id_context
void rb_io_check_writable(rb_io_t *)
static VALUE sym_wait_readable
static ID id_i_verify_callback
static VALUE ossl_ssl_get_peer_cert_chain(VALUE self)
static ID id_i_extra_chain_cert
static VALUE ossl_sslctx_flush_sessions(int argc, VALUE *argv, VALUE self)
#define SSL_CTX_get_ciphers(ctx)
static ID id_i_alpn_protocols
#define RTYPEDDATA_DATA(v)
#define EVP_PKEY_base_id(pkey)
void rb_warning(const char *fmt,...)
#define RSTRING_LENINT(str)
#define SafeGetSSLSession(obj, sess)
#define rb_check_frozen(obj)
VALUE rb_obj_freeze(VALUE)
static void ossl_sslctx_session_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess)
static VALUE ossl_sslctx_set_ssl_version(VALUE self, VALUE ssl_method)
static VALUE ossl_sslctx_get_security_level(VALUE self)
VALUE rb_define_module(const char *name)
static int ossl_sslctx_session_new_cb(SSL *ssl, SSL_SESSION *sess)
static void read_would_block(int nonblock)
static VALUE ossl_ssl_connect(VALUE self)
int rb_io_wait_readable(int)
RUBY_EXTERN VALUE rb_cTime
static VALUE ossl_sslctx_s_alloc(VALUE klass)
void rb_define_method(VALUE klass, const char *name, VALUE(*func)(ANYARGS), int argc)
VALUE rb_str_append(VALUE, VALUE)
void rb_warn(const char *fmt,...)
#define SSL_CTX_clear_options(ctx, op)
static ID id_i_verify_mode
VALUE rb_attr_get(VALUE, ID)
static VALUE ossl_sslctx_get_session_cache_size(VALUE self)
static ID id_i_cert_store
VALUE rb_str_new(const char *, long)