Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: jruby/jruby-openssl
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: bb8d0743ddd3
Choose a base ref
...
head repository: jruby/jruby-openssl
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 5e4f2c4de3a2
Choose a head ref
  • 2 commits
  • 2 files changed
  • 1 contributor

Commits on Dec 31, 2015

  1. Copy the full SHA
    8c0889f View commit details
  2. Copy the full SHA
    5e4f2c4 View commit details
Showing with 19 additions and 6 deletions.
  1. +5 −1 History.md
  2. +14 −5 src/main/java/org/jruby/ext/openssl/SSL.java
6 changes: 5 additions & 1 deletion History.md
Original file line number Diff line number Diff line change
@@ -16,14 +16,18 @@ JRuby-OpenSSL is the first release that aims to be Ruby **2.3** compatible.

## 0.9.12

* avoid verifying the security provider when creating a cipher instance (#73)
* when the Cipher/Signature needs to be created via java reflection use a constructor
which avoids verifying the bouncy-castle jars (which is the main reason for using
reflection since some classloader setups fails to verify those jars) (#73)
* force US locale for date formatting
otherwise it uses system locale, which is inconsistent with MRI.
* X509::Store.set_default_paths ignores FileNotFound errors like MRI does (#68)
* check type on X509::Store.verify
throw a TypeError if the argument is not a OpenSSL::X509::Certificate (#69)
* keep the default x509 certs and directories in line with MRI, only if
they do not exists fallback on cacerts from the java.home/lib/security/cacerts
* bring the default ca-certs paths/location more in line with MRI and fallback on
jvm truststore (java.home/lib/security/cacerts) when needed

## 0.9.11

19 changes: 14 additions & 5 deletions src/main/java/org/jruby/ext/openssl/SSL.java
Original file line number Diff line number Diff line change
@@ -171,18 +171,27 @@ private static RaiseException newSSLError(Ruby runtime, String message, Exceptio
}

public static RaiseException newSSLErrorWaitReadable(Ruby runtime, String message) {
return newCustomSSLError(runtime, "SSLErrorWaitReadable", message);
return newWaitSSLError(runtime, "SSLErrorWaitReadable", message);
}

public static RaiseException newSSLErrorWaitWritable(Ruby runtime, String message) {
return newCustomSSLError(runtime, "SSLErrorWaitWritable", message);
return newWaitSSLError(runtime, "SSLErrorWaitWritable", message);
}

// -Djruby.openssl.ssl.error_wait_nonblock.backtrace=false disables backtrace for WaitReadable/Writable
private static final boolean waitErrorBacktrace =
SafePropertyAccessor.getBoolean("jruby.openssl.ssl.error_wait_nonblock.backtrace", false);
private static final boolean waitErrorBacktrace;

static {
String backtrace = SafePropertyAccessor.getProperty("jruby.openssl.ssl.error_wait_nonblock.backtrace");
if (backtrace == null) {
// default to JRuby's Option<Boolean> ERRNO_BACKTRACE =
// ... "Generate backtraces for heavily-used Errno exceptions (EAGAIN)."
backtrace = SafePropertyAccessor.getProperty("jruby.errno.backtrace", "false");
}
waitErrorBacktrace = Boolean.parseBoolean(backtrace);
}

private static RaiseException newCustomSSLError(final Ruby runtime, final String name,
private static RaiseException newWaitSSLError(final Ruby runtime, final String name,
final String message) {
RubyClass errorClass = _SSL(runtime).getClass(name);
if ( errorClass == null ) { // < Ruby 2.0