Module: OpenSSL
- Defined in:
- lib/openssl/bn.rb,
lib/openssl/ssl.rb,
lib/openssl/pkey.rb,
lib/openssl/x509.rb,
lib/openssl/cipher.rb,
lib/openssl/config.rb,
lib/openssl/digest.rb,
ext/openssl/ossl.c,
ext/openssl/ossl_bn.c,
ext/openssl/ossl_ssl.c,
ext/openssl/ossl_asn1.c,
ext/openssl/ossl_hmac.c,
ext/openssl/ossl_ocsp.c,
ext/openssl/ossl_pkey.c,
ext/openssl/ossl_rand.c,
ext/openssl/ossl_x509.c,
ext/openssl/ossl_pkcs5.c,
ext/openssl/ossl_pkcs7.c,
ext/openssl/ossl_cipher.c,
ext/openssl/ossl_config.c,
ext/openssl/ossl_digest.c,
ext/openssl/ossl_engine.c,
ext/openssl/ossl_pkcs12.c,
ext/openssl/deprecation.rb,
ext/openssl/ossl_x509crl.c,
ext/openssl/ossl_x509ext.c,
ext/openssl/ossl_x509req.c,
ext/openssl/ossl_x509attr.c,
ext/openssl/ossl_x509cert.c,
ext/openssl/ossl_x509name.c,
ext/openssl/ossl_x509store.c,
ext/openssl/ossl_ssl_session.c,
ext/openssl/ossl_x509revoked.c,
ext/openssl/ossl_ns_spki.c
Overview
–
Ruby-space predefined Digest subclasses
Info
‘OpenSSL for Ruby 2’ project Copyright © 2002 Michal Rokos <[email protected]> All rights reserved.
Licence
This program is licensed under the same licence as Ruby. (See the file ‘LICENCE’.) ++
Defined Under Namespace
Modules: ASN1, Buffering, ExtConfig, Netscape, OCSP, PKey, Random, SSL, X509 Classes: BN, BNError, Cipher, Config, ConfigError, Digest, Engine, HMAC, HMACError, OpenSSLError, PKCS12, PKCS5, PKCS7
Constant Summary collapse
- VERSION =
OpenSSL ruby extension version
rb_str_new2(OSSL_VERSION)
- OPENSSL_VERSION =
Version of OpenSSL the ruby OpenSSL extension was built with
rb_str_new2(OPENSSL_VERSION_TEXT)
- OPENSSL_LIBRARY_VERSION =
Version of OpenSSL the ruby OpenSSL extension is running with
rb_str_new2(SSLeay_version(SSLEAY_VERSION))
- OPENSSL_VERSION_NUMBER =
Version number of OpenSSL the ruby OpenSSL extension was built with (base 16)
INT2NUM(OPENSSL_VERSION_NUMBER)
- OPENSSL_FIPS =
#ifdef OPENSSL_FIPS Qtrue #else Qfalse #endif
Class Method Summary collapse
- .check_func(func, header) ⇒ Object
- .check_func_or_macro(func, header) ⇒ Object
- .debug ⇒ Object
-
.debug=(boolean) ⇒ Boolean
Turns on or off debug mode.
- .deprecated_warning_flag ⇒ Object
-
.Digest(name) ⇒ Object
Returns a Digest subclass by
name
. -
.errors ⇒ Array
See any remaining errors held in queue.
-
.fips_mode=(boolean) ⇒ Boolean
Turns FIPS mode on or off.
-
.mem_check_start ⇒ nil
Calls CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON).
-
.print_mem_leaks ⇒ Object
For debugging the Ruby/OpenSSL library.
Class Method Details
.check_func(func, header) ⇒ Object
18 19 20 |
# File 'ext/openssl/deprecation.rb', line 18 def self.check_func(func, header) have_func(func, header, deprecated_warning_flag) end |
.check_func_or_macro(func, header) ⇒ Object
22 23 24 25 |
# File 'ext/openssl/deprecation.rb', line 22 def self.check_func_or_macro(func, header) check_func(func, header) or have_macro(func, header) && $defs.push("-DHAVE_#{func.upcase}") end |
.debug ⇒ Object
363 364 365 366 367 |
# File 'ext/openssl/ossl.c', line 363
static VALUE
ossl_debug_get(VALUE self)
{
return dOSSL;
}
|
.debug=(boolean) ⇒ Boolean
Turns on or off debug mode. With debug mode, all erros added to the OpenSSL error queue will be printed to stderr.
376 377 378 379 380 381 382 |
# File 'ext/openssl/ossl.c', line 376
static VALUE
ossl_debug_set(VALUE self, VALUE val)
{
dOSSL = RTEST(val) ? Qtrue : Qfalse;
return val;
}
|
.deprecated_warning_flag ⇒ Object
3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
# File 'ext/openssl/deprecation.rb', line 3 def self.deprecated_warning_flag unless flag = (@deprecated_warning_flag ||= nil) if try_compile("", flag = "-Werror=deprecated-declarations") if /darwin/ =~ RUBY_PLATFORM and with_config("broken-apple-openssl") flag = "-Wno-deprecated-declarations" end $warnflags << " #{flag}" else flag = "" end @deprecated_warning_flag = flag end flag end |
.Digest(name) ⇒ Object
72 73 74 |
# File 'lib/openssl/digest.rb', line 72 def Digest(name) OpenSSL::Digest.const_get(name) end |
.errors ⇒ Array
See any remaining errors held in queue.
Any errors you see here are probably due to a bug in ruby’s OpenSSL implementation.
324 325 326 327 328 329 330 331 332 333 334 335 336 |
# File 'ext/openssl/ossl.c', line 324
VALUE
ossl_get_errors(void)
{
VALUE ary;
long e;
ary = rb_ary_new();
while ((e = ERR_get_error()) != 0){
rb_ary_push(ary, rb_str_new2(ERR_error_string(e, NULL)));
}
return ary;
}
|
.fips_mode=(boolean) ⇒ Boolean
396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 |
# File 'ext/openssl/ossl.c', line 396
static VALUE
ossl_fips_mode_set(VALUE self, VALUE enabled)
{
#ifdef OPENSSL_FIPS
if (RTEST(enabled)) {
int mode = FIPS_mode();
if(!mode && !FIPS_mode_set(1)) /* turning on twice leads to an error */
ossl_raise(eOSSLError, "Turning on FIPS mode failed");
} else {
if(!FIPS_mode_set(0)) /* turning off twice is OK */
ossl_raise(eOSSLError, "Turning off FIPS mode failed");
}
return enabled;
#else
if (RTEST(enabled))
ossl_raise(eOSSLError, "This version of OpenSSL does not support FIPS mode");
return enabled;
#endif
}
|
.mem_check_start ⇒ nil
Calls CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON). Starts tracking memory allocations. See also OpenSSL.print_mem_leaks.
This is available only when built with a capable OpenSSL and –enable-debug configure option.
431 432 433 434 435 436 |
# File 'ext/openssl/ossl.c', line 431
static VALUE
mem_check_start(VALUE self)
{
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
return Qnil;
}
|
.print_mem_leaks ⇒ Object
For debugging the Ruby/OpenSSL library. Calls CRYPTO_mem_leaks_fp(stderr). Prints detected memory leaks to standard error. This cleans the global state up thus you cannot use any methods of the library after calling this.
Returns true if leaks detected, false otherwise.
This is available only when built with a capable OpenSSL and –enable-debug configure option.
Example
OpenSSL.mem_check_start
NOT_GCED = OpenSSL::PKey::RSA.new(256)
END {
GC.start
OpenSSL.print_mem_leaks # will print the leakage
}
460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 |
# File 'ext/openssl/ossl.c', line 460
static VALUE
print_mem_leaks(VALUE self)
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000
int ret;
#endif
BN_CTX_free(ossl_bn_ctx);
ossl_bn_ctx = NULL;
#if OPENSSL_VERSION_NUMBER >= 0x10100000
ret = CRYPTO_mem_leaks_fp(stderr);
if (ret < 0)
ossl_raise(eOSSLError, "CRYPTO_mem_leaks_fp");
return ret ? Qfalse : Qtrue;
#else
CRYPTO_mem_leaks_fp(stderr);
return Qnil;
#endif
}
|