Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: jruby/jruby-openssl
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: a3b6494ea998
Choose a base ref
...
head repository: jruby/jruby-openssl
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 3cbd503c902f
Choose a head ref
  • 2 commits
  • 2 files changed
  • 1 contributor

Commits on Dec 11, 2016

  1. Copy the full SHA
    dd204ec View commit details
  2. Copy the full SHA
    3cbd503 View commit details
Showing with 24 additions and 4 deletions.
  1. +3 −0 Gemfile
  2. +21 −4 README.md
3 changes: 3 additions & 0 deletions Gemfile
Original file line number Diff line number Diff line change
@@ -3,5 +3,8 @@ source 'https://rubygems.org'
# Specify your gem's dependencies in the gemspec
gemspec

# for less surprises with newer releases
gem 'jar-dependencies', '<= 0.3.7', :require => nil

# for the rake task
gem 'ruby-maven', ENV['RUBY_MAVEN_VERSION'] || '~> 3.3.8'
25 changes: 21 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
@@ -5,16 +5,33 @@

Under the hood uses the [Bouncy Castle Crypto APIs](http://www.bouncycastle.org/).

Each jruby-openssl gem release includes a certain version, usually the latest available,
of the library (namely BC Provider and PKIX/CMS/EAC/PKCS/OCSP/TSP/OPENSSL jars).

Please report bugs and incompatibilities (preferably with test-cases) to either
the JRuby [mailing list][1] or the [bug tracker][2].

## Compatibility

Since version **0.9.6** jruby-openssl aims to be compatible with all JRuby versions
**>= 1.6.8** (including 1.7 and 9k), if it's not we consider that a bug, report.

We currently (for 0.9.x) require the Bouncy Castle Java APIs to be **>= 1.49**,
for JRuby-OpenSSL **gem <= 0.9.6** you also need to make sure BC jars <= 1.50 !
| JRuby-OpenSSL | JRuby compat | JVM compat | supported BC |
| ------------- |:-------------:| ----------:| ------------:|
| 0.9.6 | 1.6.8-9.0.2 | Java 6-8 | 1.47-1.50 |
| 0.9.12 | 1.6.8-9.0.5 | Java 6-8 | 1.47-1.52 |
| 0.9.13 | 1.6.8-9.1.2 | Java 6-8 | 1.49-1.52 |
| 0.9.14 | 1.6.8-9.1.5 | Java 6-8 | 1.49-1.54 |
| 0.9.17 | 1.6.8-9.1.5 | Java 6-8 | 1.50-1.54 |
| 0.9.18 | 1.6.8-9.1.7 | Java 6-8 | 1.50-1.55 |

NOTE: backwards JRuby compatibility was not handled for versions <= **0.9.6**

## Security

JRuby-OpenSSL is an essential part of [JRuby](http://jruby.org), please report security
vulnerabilities to `security@jruby.org` as detailed on JRuby's [security page](http://jruby.org/security).

Please note that most OpenSSL vulnerabilities do not effect JRuby since its not using
any of OpenSSL's C code, only Ruby parts (*.rb) are the same as in MRI's OpenSSL library.

## Testing