Ruby Issue Tracking System

08/01/2025

12:04 PM Ruby Revision 04678017 (git): [ruby/openssl] pkcs7: refactor error handling in PKCS7#add_data

Raise an exception right after an OpenSSL function returns an error.
Checking ERR_peek_error() is not reliable way to... rhenium (Kazuki Yamaguchi)

12:04 PM Ruby Revision 49778285 (git): [ruby/openssl] pkcs7: make PKCS7#add_recipient actually useful

Add a simple test case that creates an enveloped-data structure without
using the shorthand method, and fix two issue... rhenium (Kazuki Yamaguchi)

12:03 PM Ruby Revision 3fe4ab0d (git): [ruby/openssl] pkcs7: fix error queue leak in OpenSSL::PKCS7#detached

Only call PKCS7_get_detached() if the PKCS7 object is a signed-data.
This is only useful for the content type, and le... rhenium (Kazuki Yamaguchi)

07/31/2025

05:38 PM Ruby Revision 865a6191 (git): [ruby/openssl] pkcs7: clean up tests

This includes:
- Update test keys to the generic rsa-{1,2,3}.pem.
- Add omissions for enveloped-data tests so that... rhenium (Kazuki Yamaguchi)

05:38 PM Ruby Revision 69ff8f73 (git): [ruby/openssl] pkcs7: only set error_string in the error path

Set the error_string attribute to nil if PKCS7_verify() succeeds, since
the error queue should be empty in that case.... rhenium (Kazuki Yamaguchi)

09:45 AM Ruby Revision 0d3d296b (git): Reapply "[ruby/openssl] x509: disallow ossl_x509{,attr,crl,ext,revoked,name}*_new(NULL)"

This reverts commit ec01cd9bbbaf3e6f324e0a6769b8383857d2bc07.
This should no longer break the tests, now that the fo... rhenium (Kazuki Yamaguchi)

09:45 AM Ruby Revision e8261963 (git): [ruby/openssl] x509store: fix StoreContext#current_cert

Commit https://github.com/ruby/openssl/commit/ef277083ba76 overlooked a caller of ossl_x509_new() with NULL
argument.... rhenium (Kazuki Yamaguchi)

07/28/2025

08:02 AM Ruby Revision 32977f38 (git): [rubygems/rubygems] Avoid openssl bug in test_verify_certificate_extra_message

OpenSSL::X509::StoreContext#current_cert returns an empty and invalid
OpenSSL::X509::Certificate instance if it is ca... rhenium (Kazuki Yamaguchi)

07/27/2025

01:56 PM Ruby Revision ec01cd9b (git): Revert "[ruby/openssl] x509: disallow ossl_x509{,attr,crl,ext,revoked,name}*_new(NULL)"

This reverts commit 4e8bbb07dd4936b97a6b39d54a6977a107518e1f.
It broke RubyGems tests:
https://rubyci.s3.amazonaws.c... rhenium (Kazuki Yamaguchi)

12:17 PM Ruby Revision 1c18ab81 (git): [ruby/openssl] pkey: rename ossl_pkey_new() to ossl_pkey_wrap()

Among functions named ossl_*_new(), ossl_pkey_new() is now the only one
that takes ownership of the passed OpenSSL ob... rhenium (Kazuki Yamaguchi)