Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stricter hostname verification following RFC 6125 #12

Merged
merged 1 commit into from
Apr 13, 2015
Merged

Stricter hostname verification following RFC 6125 #12

merged 1 commit into from
Apr 13, 2015

Conversation

tarcieri
Copy link
Collaborator

No description provided.

@tarcieri tarcieri mentioned this pull request Mar 30, 2015
Closed
@tarcieri tarcieri force-pushed the stricter-hostname-verification branch 2 times, most recently from e66488c to b28047c Compare March 30, 2015 22:50
@jkingdon
Copy link

jkingdon commented Apr 1, 2015

Looks like a huge improvement to me! Thanks for the detailed test.

@zzak zzak force-pushed the stricter-hostname-verification branch 3 times, most recently from 0cd8bc5 to e9a7bcb Compare April 8, 2015 03:40
@tarcieri
Stricter hostname verification following RFC 6125.
9c237a8 
Thanks to @nahi for the tests and initial documentation.
@zzak zzak force-pushed the stricter-hostname-verification branch from a007e9b to 9c237a8 Compare April 9, 2015 22:14
zzak pushed a commit that referenced this pull request Apr 13, 2015
Merge pull request #12 from ruby/stricter-hostname-verification
f7e556d 
Stricter hostname verification following RFC 6125
@zzak zzak merged commit f7e556d into master Apr 13, 2015
@zzak zzak deleted the stricter-hostname-verification branch April 13, 2015 17:41
rhenium pushed a commit to rhenium/ruby-openssl that referenced this pull request Sep 5, 2016
@tmtm @rhenium
pkcs12: fix .new to handle strucuture with no keys or no certs
9671b3f 
It's possible that a PKCS ruby#12 strucuture holds zero private keys. At
such a time PKCS12_parse() returns NULL as the private key. Likewise,
when the strucuture does not contain the corresponding certificate to
the private key, PKCS12_parse() returns NULL as the certificate.
[ruby-dev:49776] [Bug #12726]

Signed-off-by: Kazuki Yamaguchi <[email protected]>
rhenium added a commit to rhenium/ruby-openssl that referenced this pull request Sep 5, 2016
@rhenium
pkcs12: fix .new to handle strucuture with no keys or no certs
fb398b1 
It's possible that a PKCS ruby#12 strucuture holds zero private keys. At
such a time PKCS12_parse() returns NULL as the private key. Likewise,
when the strucuture does not contain the corresponding certificate to
the private key, PKCS12_parse() returns NULL as the certificate.
[ruby-dev:49776] [Bug #12726]
rhenium added a commit to rhenium/ruby-openssl that referenced this pull request Sep 5, 2016
@rhenium
pkcs12: fix .new to handle strucuture with no keys or no certs
68ca4b6 
It's possible that a PKCS ruby#12 strucuture holds zero private keys. At
such a time PKCS12_parse() returns NULL as the private key. Likewise,
when the strucuture does not contain the corresponding certificate to
the private key, PKCS12_parse() returns NULL as the certificate.

Reported and fix suggested by Masahiro Tomita <[email protected]>.
[ruby-dev:49776] [Bug #12726]
rhenium added a commit to rhenium/ruby-openssl that referenced this pull request Aug 16, 2024
@rhenium
pkcs12: add PKCS12#set_mac
0c72f80 
Add a binding for PKCS12_set_mac() to set MAC parameters and
(re-)calculate MAC for the content.

This allows generating PKCS ruby#12 with consistent MAC parameters with
different OpenSSL versions. OpenSSL 3.0 changed the default hash
function used for HMAC and the KDF from SHA-1 to SHA-256.

Fixes: ruby#772
rhenium added a commit to rhenium/ruby-openssl that referenced this pull request Aug 16, 2024
@rhenium
pkcs12: add PKCS12#set_mac
898c5f9 
Add a binding for PKCS12_set_mac() to set MAC parameters and
(re-)calculate MAC for the content.

This allows generating PKCS ruby#12 with consistent MAC parameters with
different OpenSSL versions. OpenSSL 3.0 changed the default hash
function used for HMAC and the KDF from SHA-1 to SHA-256.

Fixes: ruby#772
rhenium added a commit to rhenium/ruby-openssl that referenced this pull request Aug 16, 2024
@rhenium
pkcs12: add PKCS12#set_mac
85d9f26 
Add a binding for PKCS12_set_mac() to set MAC parameters and
(re-)calculate MAC for the content.

This allows generating PKCS ruby#12 with consistent MAC parameters with
different OpenSSL versions. OpenSSL 3.0 changed the default hash
function used for HMAC and the KDF from SHA-1 to SHA-256.

Fixes: ruby#772
rhenium added a commit to rhenium/ruby-openssl that referenced this pull request Oct 31, 2024
@rhenium
pkcs12: add PKCS12#set_mac
e25358d 
Add a binding for PKCS12_set_mac() to set MAC parameters and
(re-)calculate MAC for the content.

This allows generating PKCS ruby#12 with consistent MAC parameters with
different OpenSSL versions. OpenSSL 3.0 changed the default hash
function used for HMAC and the KDF from SHA-1 to SHA-256.

Fixes: ruby#772
rhenium added a commit to rhenium/ruby-openssl that referenced this pull request Oct 31, 2024
@rhenium
pkcs12: add PKCS12#set_mac
137379d 
Add a binding for PKCS12_set_mac() to set MAC parameters and
(re-)calculate MAC for the content.

This allows generating PKCS ruby#12 with consistent MAC parameters with
different OpenSSL versions. OpenSSL 3.0 changed the default hash
function used for HMAC and the KDF from SHA-1 to SHA-256.

Fixes: ruby#772
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tarcieri @jkingdon @zzak