Ruby Issue Tracking System

11/18/2025

12:49 PM Ruby Revision 522b7d82 (git): [ruby/openssl] ssl: fix test_pqc_sigalg on RHEL 9.7

RHEL 9.7 ships OpenSSL 3.5.1 with ML-DSA support, but it is disabled
for TLS by default, according to the system configuration file:
/etc/crypto-policies/back-ends/opensslcnf.config
Specify SSLContext#sigalgs to override the default lis... rhenium (Kazuki Yamaguchi)

11/06/2025

04:19 PM Ruby Revision f7e7443a (git): Adjust OpenSSL specs for digest algorithm lookup

https://github.com/ruby/openssl/pull/958 changed the common logic for
digest algorithm lookup:
- If the argument is neither an OpenSSL::Digest instance nor a String,
it is now implicitly converted to String with #to_str. This is
... rhenium (Kazuki Yamaguchi)

01:40 PM Ruby Revision 87ae631b (git): [ruby/openssl] pkey/rsa: fix usage of eRSAError

This is a follow-up to commit https://github.com/ruby/openssl/commit/e74ff3e2722f, which missed the line added
in a different PR.
https://github.com/ruby/openssl/commit/1b01d19456 rhenium (Kazuki Yamaguchi)

01:33 PM Ruby Revision 16b1aa4e (git): [ruby/openssl] pkey: unify error classes into PKeyError

Remove the following subclasses of OpenSSL::PKey::PKeyError and make
them aliases of it.
- OpenSSL::PKey::DHError
- OpenSSL::PKey::DSAError
- OpenSSL::PKey::ECError
- OpenSSL::PKey::RSAError
Historically, methods defined on OpenSSL... rhenium (Kazuki Yamaguchi)

01:25 PM Ruby Revision 2612915c (git): [ruby/openssl] digest: refactor tests for name aliases

Use explicit strings instead of relying on OpenSSL::ASN1::ObjectId
methods. It is reduced to just SHA-256 because testing other algorithms
does not improve test coverage for ruby/openssl.
https://github.com/ruby/openssl/commit/dcfd2e7b97 rhenium (Kazuki Yamaguchi)

01:25 PM Ruby Revision 18ab5023 (git): [ruby/openssl] digest: raise DigestError for unsupported algorithm name

We generally raise OpenSSL::OpenSSLError or its subclass for errors
originating from the OpenSSL library, which may include extra details
appended by ossl_raise().
https://github.com/ruby/openssl/commit/9427a05ce5 rhenium (Kazuki Yamaguchi)

01:25 PM Ruby Revision 26751e40 (git): [ruby/openssl] cipher: raise CipherError for unsupported algorithm name

Raise OpenSSL::Cipher::CipherError instead of ArgumentError or
RuntimeError for consistency.
https://github.com/ruby/openssl/commit/78601c9c34 rhenium (Kazuki Yamaguchi)

01:25 PM Ruby Revision 10d2311e (git): [ruby/openssl] digest: use EVP_MD_fetch() if available

With the introduction of OpenSSL 3 providers, newly implemented
algorithms do not necessarily have a corresponding NID assigned. To use
such an algorithm, it has to be "fetched" from providers using the new
EVP_*_fetch() functions.
For ... rhenium (Kazuki Yamaguchi)

01:25 PM Ruby Revision 57aaf86b (git): [ruby/openssl] cipher: use EVP_CIPHER_fetch() if available

Likewise, use EVP_MD_fetch() if it is available.
This adds support for AES-GCM-SIV with OpenSSL 3.2 or later.
https://github.com/ruby/openssl/commit/0e565a215e rhenium (Kazuki Yamaguchi)

11/05/2025

06:01 AM Ruby Revision f979ef1f (git): sync_default_gems.rb: gracefully handle merge commits

Find interesting commits by following parents instead of relying on
"git log".
If we encounter a merge commit that may contain a conflict resolution,
fall back to cherry-picking the merge commit as a whole rather than
replaying each ind... rhenium (Kazuki Yamaguchi)