Ruby Issue Tracking System

Today

12:18 PM Ruby Revision 08e7b5f2 (git): [ruby/openssl] Revert "pkey: stop retrying after non-retryable error from OSSL_DECODER"

This reverts commit https://github.com/ruby/openssl/commit/5347880c6eb0 and
https://github.com/ruby/openssl/commit/98... rhenium (Kazuki Yamaguchi)

09/12/2025

02:22 PM Ruby Revision 8a30594d (git): [ruby/openssl] pkey: fix loading public keys with early OpenSSL 3.0.x releases

Treat an empty error queue after calling OSSL_DECODER_from_bio() as a
retryable error.
This is a follow-up to the pr... rhenium (Kazuki Yamaguchi)

12:26 PM Ruby Revision 8af8582d (git): [ruby/openssl] pkey: pass pem_password_cb to OSSL_DECODER only when it is needed

Specify OSSL_DECODER_CTX_set_pem_password_cb() only when we expect a
passphrase-protected private key.
OSSL_DECODER ... rhenium (Kazuki Yamaguchi)

12:26 PM Ruby Revision c0820058 (git): [ruby/openssl] pkey: stop retrying after non-retryable error from OSSL_DECODER

Continue processing only when OSSL_DECODER_from_bio() returns the error
code ERR_R_UNSUPPORTED. Otherwise, raise an e... rhenium (Kazuki Yamaguchi)

12:26 PM Ruby Revision aca0faf5 (git): [ruby/openssl] pkey: add more tests for OpenSSL::PKey.read

Add tests covering edge cases in the current behavior to prevent
accidental regressions. The next patches will update... rhenium (Kazuki Yamaguchi)

08/12/2025

06:08 PM Ruby Revision 507b1e4b (git): [ruby/openssl] pkey: skip tests using invalid keys in the FIPS mode

In OpenSSL's master branch, importing/loading a key in the FIPS mode
automatically performs a pair-wise consistency c... rhenium (Kazuki Yamaguchi)

08/10/2025

05:31 PM Ruby Bug #21537 (Open): rb_ractor_sched_barrier_start() hangs on Windows

The following script hangs at `GC.start` indefinitely. Pressing Ctrl+C on the terminal interrupts the `sleep` and it ... rhenium (Kazuki Yamaguchi)

08/01/2025

12:04 PM Ruby Revision 04678017 (git): [ruby/openssl] pkcs7: refactor error handling in PKCS7#add_data

Raise an exception right after an OpenSSL function returns an error.
Checking ERR_peek_error() is not reliable way to... rhenium (Kazuki Yamaguchi)

12:04 PM Ruby Revision 49778285 (git): [ruby/openssl] pkcs7: make PKCS7#add_recipient actually useful

Add a simple test case that creates an enveloped-data structure without
using the shorthand method, and fix two issue... rhenium (Kazuki Yamaguchi)

12:03 PM Ruby Revision 3fe4ab0d (git): [ruby/openssl] pkcs7: fix error queue leak in OpenSSL::PKCS7#detached

Only call PKCS7_get_detached() if the PKCS7 object is a signed-data.
This is only useful for the content type, and le... rhenium (Kazuki Yamaguchi)