ruby / openssl Goto Github PK

View Code? Open in Web Editor NEW

234.0 54.0 156.0 4.8 MB

Provides SSL, TLS and general purpose cryptography.

License: Other

Ruby 37.47% C 62.49% Shell 0.03%

openssl c ruby tls hacktoberfest

openssl's Introduction

OpenSSL for Ruby

OpenSSL for Ruby provides access to SSL/TLS and general-purpose cryptography based on the OpenSSL library.

OpenSSL for Ruby is sometimes referred to as openssl in all lowercase or Ruby/OpenSSL for disambiguation.

Compatibility and maintenance policy

OpenSSL for Ruby is released as a RubyGems gem. At the same time, it is part of the standard library of Ruby. This is called a default gem.

Each stable branch of OpenSSL for Ruby will remain supported as long as it is included as a default gem in supported Ruby branches.

Version	Maintenance status	Ruby compatibility	OpenSSL compatibility
3.2.x	normal maintenance (Ruby 3.3)	Ruby 2.7+	OpenSSL 1.0.2-3.1 (current) or LibreSSL 3.1+
3.1.x	normal maintenance (Ruby 3.2)	Ruby 2.6+	OpenSSL 1.0.2-3.1 (current) or LibreSSL 3.1+
3.0.x	normal maintenance (Ruby 3.1)	Ruby 2.6+	OpenSSL 1.0.2-3.1 (current) or LibreSSL 3.1+
2.2.x	security maintenance (Ruby 3.0)	Ruby 2.3+	OpenSSL 1.0.1-1.1.1 or LibreSSL 2.9+
2.1.x	end-of-life (Ruby 2.5-2.7)	Ruby 2.3+	OpenSSL 1.0.1-1.1.1 or LibreSSL 2.5+
2.0.x	end-of-life (Ruby 2.4)	Ruby 2.3+	OpenSSL 0.9.8-1.1.1 or LibreSSL 2.3+

Installation

Note The openssl gem is included with Ruby by default, but you may wish to upgrade it to a newer version available at rubygems.org.

To upgrade it, you can use RubyGems:

gem install openssl

In some cases, it may be necessary to specify the path to the installation directory of the OpenSSL library.

gem install openssl -- --with-openssl-dir=/opt/openssl

Alternatively, you can install the gem with Bundler:

# Gemfile
gem 'openssl'
# or specify git master
gem 'openssl', git: 'https://github.com/ruby/openssl'

After running bundle install, you should have the gem installed in your bundle.

Usage

Once installed, you can require "openssl" in your application.

require "openssl"

Documentation

See https://ruby.github.io/openssl/.

Contributing

Please read our CONTRIBUTING.md for instructions.

Security

Security issues should be reported to ruby-core by following the process described on "Security at ruby-lang.org".

openssl's People

Contributors

Stargazers

Watchers

Forkers

zzak jruby aturetta tarcieri capcah-zz tenderlove drbrain zanker phamnet pxlpnk martinjos jfacow aruponse hellopsk jimflood swetharepakula jsyeo rhenium brettgoulder padde vipulnsward cthornton pkarman namusyaka koic stomar simi msumit junaruga cwjenkins msp-greg larskanis optionalg terceiro mcr codarrenvelvindron yui-knk markwright esparta aeris saper nicolasleger kyleoliveira ahadc mcdonaldseanp mperezd jeremyevans kalilz4485 ahorek tudou2015 fredrec shirosaki janko igorkhlebnikoff jehuty0shift mkauf thekuwayama nobletrout divyanshu-rawat nekottyo blt04 vishnuvntcr zdennis movitto zoftdev spemmons mame powergun ericthebikeman ryanvan ab mkennedy85 bdewater yuan-xy lihw33 p-mongo vinistock stowersjoshua jose-quinones eregon nvt-ak dbl-lee s-h-gamelinks zerosteiner sikuan ussu cmol no6v jocluby cedarcode saminape isabella232 rui-r-duan midnight-wonderer rubynerd-forks pavantatikonda mutiple shopify rickmark chen172

openssl's Issues

Freezing client OpenSSL::SSL::SSLContext causes cert failures to silently succeed

Repro

You can grab the certs this example uses from this repo

require "socket"
require "pathname"
require "openssl"

ssl_server_cert = File.read("untrusted-cert.crt")
ssl_server_key  = File.read("untrusted-cert.key")

ssl_server_context = OpenSSL::SSL::SSLContext.new
ssl_server_context.cert = OpenSSL::X509::Certificate.new(ssl_server_cert)
ssl_server_context.key  = OpenSSL::PKey::RSA.new(ssl_server_key)

tcp_server = TCPServer.new("localhost", 1234)
ssl_server = OpenSSL::SSL::SSLServer.new(tcp_server, ssl_server_context)

ssl_server_thread = Thread.new { ssl_server.accept }

ssl_client_context = OpenSSL::SSL::SSLContext.new
ssl_client_context.set_params(ca_file: "trusted-ca.crt")

# Comment this out to get the expected behavior
ssl_client_context.freeze

tcp_client = TCPSocket.new("localhost", 1234)
ssl_client = OpenSSL::SSL::SSLSocket.new(tcp_client, ssl_client_context)

ssl_client.connect
p ssl_client.post_connection_check("localhost")

Result

Prints true, indicating both that an untrusted cert was trusted and hostname verification succeeded.

Commenting out the ssl_client_context.freeze call results in the expected behavior.

Expected behavior

I would either expect:

Raises OpenSSL::SSL::SSLError with certificate verify failed
Raises an exception at the time OpenSSL::SSL::SSLContext#freeze is called, indicating freezing SSL contexts is not allowed

I bring this up both because it's unexpected, and because it could lead to a security problem in practice

Fix gem build warnings

WARNING:  licenses is empty, but is recommended.  Use a license abbreviation from:
http://opensource.org/licenses/alphabetical
WARNING:  open-ended dependency on bundler (>= 0, development) is not recommended
  if bundler is semantically versioned, use:
    add_development_dependency 'bundler', '~> 0'
WARNING:  open-ended dependency on rake (>= 0, development) is not recommended
  if rake is semantically versioned, use:
    add_development_dependency 'rake', '~> 0'
WARNING:  open-ended dependency on rake-compiler (>= 0, development) is not recommended
  if rake-compiler is semantically versioned, use:
    add_development_dependency 'rake-compiler', '~> 0'
WARNING:  open-ended dependency on test-unit (>= 0, development) is not recommended
  if test-unit is semantically versioned, use:
    add_development_dependency 'test-unit', '~> 0'

Question re: RSA#to_pem

I've been doing some code spelunking looking into how #to_pem(cipher, key) is implemented.

It looks like #to_pem is an alias to #export calling the C PEM_write_bio_RSAPrivateKey API (from here).

The OpenSSL docs discourage using this method as the key is derived using a single pass of the hash function and recommend using PEM_write_bio_PKCS8PrivateKey instead.

However going to the OpenSSL source, the method definition:

int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
                             unsigned char *kstr, int klen,
                             pem_password_cb *cb, void *u)
{
    char pem_str[80];
    if (!x->ameth || x->ameth->priv_encode)
        return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
                                             (char *)kstr, klen, cb, u);

    BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
    return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
                              pem_str, bp, x, enc, kstr, klen, cb, u);
}

Seems to use x->ameth to in some case upgrade the call to the PKCS8 version.

So my question is, what happens when you do:

keypair.to_pem(cipher, pk_passphrase)

Is a count of 1 used to derive the key (old-style _PrivateKey functions) or a count of 2048 (new style _PKCS8PrivateKey functions)?

I assumed it was 1, and tried verifying it with pkcs5_keyivgen and a count of 1 (pkcs5_keyivgen ends up calling the C EVP_BytesToKey which I understand is the same function used by #export), but that didn't work.

puts "--Decrypting--"
dec = OpenSSL::Cipher::Cipher.new('aes-128-cbc')
dec.decrypt
dec.pkcs5_keyivgen(pk_passphrase, salt, 1)
dec.iv = 'D33CBFE1DB5FDBBCBEEE6A06'.scan(/../).map { |x| x.hex.chr }.join
plain =  dec.update(cipher)
plain << dec.final
puts %(decrypted text: "#{plain}")
puts

please document status with regards to ext/openssl from Ruby

Hi,

First of all thanks for your work on openssl.

I am one of the Ruby maintainers in Debian, where we need to move on to OpenSSL 1.1.0. But based on the discussion on Ruby bug #12324 (OpenSSL 1.1.0 support) it seems that backporting that to Ruby 2.3 might be tricky.

It has been suggested as one option that Debian stops building ext/openssl that comes bundled with Ruby, and includes this openssl package instead. In principle that sounds like a perfect alternative, because openssl can then be fixed independently of Ruby), but there are a few issues that prevent me from doing that:

there has been no releases of openssl, at all (rubygem.org says "Don't install this!")
I don't know how the handling of security issues in openssl works (while Ruby itself has at least some sane solid security procedures).
it's not clear how (in)compatible openssl is wrt the version bundled with Ruby. e.g. can I as distributor rely on it being a drop-in replacement for the bundled openssl library? (now, or even in some future)

Can you please clarify those points?

to_der fails (RangeError) for some certs

I managed to fix it by using NUM2LL instead at
https://github.com/ruby/openssl/blob/master/ext/openssl/ossl_asn1.c#L86

ASN1 decoding: how to ignore padding?

I'm using the ASN1 to decode information which had been previously encrypted. It was decrypted also using openssl (DES interface), and it came out padded. Let's say, for the sake of argument, the stream was \x02\x01\x00\x00, where the last \x00 is padding. I'd expect to call ASN1.decode and have it decode it to the integer, but instead it fails:

pry> OpenSSL::ASN1.decode("\x02\x01\x00\x00")
OpenSSL::ASN1::ASN1Error: Type mismatch. Total bytes read: 3 Bytes available: 4 Offset: 3
from (pry):14:in `decode'

Is there a way to accomplish this? Or am I forced to inspect the length bytes and remove the padding myself?

jruby-openssl migration

/cc @headius @enebo @kares @mkristian

Awful message for wrong password

If a user types an incorrect password for their certificate, the error message they're give says "Neither PUB key nor PRIV key" which doesn't mean anything to most people.

What else can trigger this error message and can it be updated to better reflect the ultimate cause of the issue?

Document support for SNI

The current documentation does not list any support for SNI although it can be done as OpenSSL::SSL::SSLSocket#hostname= and is referenced in #8. Is it officially supported?

In openssl, it can be done via -servername HOST so the naming does not match and hence it would be good to get it documented. Note, I found this via stackoverflow.

Given that the code wraps the attribute in if ExtConfig::HAVE_TLSEXT_HOST_NAME, I'm not sure about the best way to get this appearing in rdoc.

OpenSSL::SSL::SSLSocket writes plaintext to the wire unless #connect is called

Repro here:

https://gist.github.com/tarcieri/b20437a1b9364d82c365

Attempting to do I/O before the SSL handshake has completed should raise an exception instead of writing plaintext to the wire.

TestPKeyDH#test_DEFAULT_parameters dumps core under GC stress

Steps to reproduce:

$ cd PATH_TO_RUBY_REPOS
$ make TESTS='--gc-stress -n /test_DEFAULT_parameters/ openssl/test_pkey_dh.rb' test-all
(snip)
gcc (Ubuntu 5.4.0-6ubuntu1~16.04.2) 5.4.0 20160609
(snip)
[1/1] OpenSSL::TestPKeyDH#test_DEFAULT_parameters/home/ktsj/work/ruby/test/openssl/test_pkey_dh.rb:20: [BUG] Segmentation fault at 0x00000000000000
ruby 2.4.0dev (2016-12-03 master 56964) [x86_64-linux]

I have attached backtrace log.

OpenSSL::Cipher::Cipher produces garbage result if #encrypt is called after setting key

OpenSSL::Cipher::Cipher ostensibly depends on #encrypt or #decrypt being called first before setting #key=. However, if #key= is called first, it seems to be silently replaced with a different value, and the encrypt operation instead produces a garbage result.

Personally I would prefer #key= to raise an exception unless #encrypt or #decrypt has already been called. A garbage encryption is undesirable and confusing.

Repro code:

require 'openssl'

# AES-128 ECB mode test vectors
# Taken from https://boringssl.googlesource.com/boringssl/+/2272/crypto/cipher/cipher_test.txt#24
KEY        = ["2b7e151628aed2a6abf7158809cf4f3c"].pack("H*")
PLAINTEXT  = ["6bc1bee22e409f96e93d7e117393172a"].pack("H*")
CIPHERTEXT = ["3ad77bb40d7a3660a89ecaf32466ef97"].pack("H*")

cipher = OpenSSL::Cipher::Cipher.new("aes-128-ecb")
cipher.key = KEY
cipher.padding = 0 # Padding is enabled by default, but makes no sense with ECB mode

print "Testing encryption: "

cipher.encrypt
ciphertext = cipher.update(PLAINTEXT) << cipher.final

if ciphertext == CIPHERTEXT
  puts "OK!"
else
  puts "FAILED! Got #{ciphertext.inspect} instead of #{CIPHERTEXT.inspect}"
end

It should be possible to provide AEAD TAG after data but before finish

In some cases, most notably if you are streaming data over TCP, AEAD TAG cannot be provided until data has been transmitted. Yet, ruby openssl bindings unnecessarely insist that tag is provided before data. Can you please relax the requirements to require tag only before call to finish?

There's no way to replace an OpenSSL::X509::Name entry.

Given a OpenSSL::X509::Name object, there's only an add_entry method to manipulate its entries, but this method will always append due to the -1 argument specified here.

If the object already contains an entry with the specified name, the method should instead find its index and replace it, otherwise the new appended entry won't be visible from browsers for instance, as they only get the first entry with a given name.

Ideally, a new set_entry or replace_entry method would be needed.

Ref. to the issue where this behaviour was highlighted this.

Can't compile - missing underscore macro

I'm working on a new alternative implementation of Ruby, and I'm trying to write compatible Ruby API headers for implementation and to use them to compile and run the OpenSSL gem.

One thing that I am having trouble with is your use of what I think is some kind of macro named _

openssl/ext/openssl/ossl_pkey_dsa.c

Line 390 in e1361a0

int (*i2d_func)_((DSA*, unsigned char**));

It's used around parameters in function pointer types in a few places. I can get it work by defining

#define _(x) x

But I can't see anything like this in the MRI source code or the source code of this gem.

Is it maybe some C feature I don't know about? Something set in some configuration system? Something I'm not searching for well enough?

Release?

come on guys please add a release make life easier..

PKey::EC does not follow API

There are four classes under OpenSSL::PKey: RSA, DSA, DH, and EC. Three of the four share a common API. EC is the outlier. I am routinely monkey patching EC to support the common API. Without this, you cannot use EC keys to sign certs.

The missing methods:
::generate

private?

public?

public_key

params

Almost all of these can be filled via monkey patching, so the fix can be in lib/ or in the C extension.

n/a

Hostname verification should be required by default when OpenSSL::SSL::VERIFY_PEER is configured

Even if OpenSSL::SSL::VERIFY_PEER is configured, I/O is allowed with a remote server before the subject has been verified. VERIFY_PEER only checks the cert chain is rooted in the local truststore. It does not check if the subject is valid in and of itself.

My understanding is the ssl_socket.post_connection_check(hostname) method must be called to ensure the subject is correctly verified. However, communication is allowed to remote services without verifying the subject.

I would suggest throwing an exception if VERIFY_PEER is configured and I/O is attempted without first calling post_connection_check

It would also be nice if this all happened automatically simply by passing hostname into OpenSSL::SSL::SSLSocket (which AFAICT only affects SNI presently, and not subject verification)

digest.rb: library not found for class Digest::SHA512

/opt/ruby/ruby-2.3.1/lib/ruby/2.3.0/digest.rb:16:
in `const_missing': library not found for class Digest::SHA512 -- digest/sha2.so (LoadError)

This happens on all the builds

Feature request: OpenSSL::PKey::RSA#size

It would be nice to be able to introspect on the sizes of RSA keys:

pry(main)> key.size
NoMethodError: undefined method `size' for #<OpenSSL::PKey::RSA:0x007fa4292cafe0>

Here is an ugly way to implement it in pure Ruby using the existing API:

Integer(key.to_text[/\((\d+) bit/, 1], 10)

OCSP responses hardcode SHA1

Both OCSP::BasicResponse#sign and OCSP::Response#sign fail to take a parameter for digest algorithm. The underlying *_sign call hardcodes EVP_sha1 in both cases.

SHA-1 is dying and OCSP response signatures must migrate to use one of {SHA-256, SHA-384, or SHA-512} to meet various relying application requirements.

Maybe the #sign methods could take an additional parameter with a reference to the digest class, similar to X509::Certificate#sign.

ruby >=2.3 - is it really necessary? How about 2.2?

Hi guys!

I use your lib in my project, but production env is ruby 2.2 and cannot be changed.
Does it really matters? I assume I can download a source code, edit gemspec and build my own gem? Or it won't work?

Thanks in advance!

Since r56098, compile error in ossl_ssl.c line 639 with old version of fcc on Solaris 10

(This is the same as https://bugs.ruby-lang.org/issues/12769 )

Since Ruby svn revision r56098, build of ext/openssl/ossl_ssl.c failed with the following compile error, with old version of fcc (Fujitsu C Compiler) on Solaris 10.

compiling ossl_ssl.c
(snip warnings)
"ossl_ssl.c", line 639: error: initialization: constant expression is expected for variable: `args'
(snip warnings)
make[2]: *** [ossl_ssl.o] Error 1
make[2]: Leaving directory `/XXXXX/trunk-56170/ext/openssl'
make[1]: *** [ext/openssl/all] Error 2
make[1]: Leaving directory `/XXXXX/trunk-56170'
make: *** [build-ext] Error 2

The following patch solved the problem.

Index: ext/openssl/ossl_ssl.c
===================================================================
--- ext/openssl/ossl_ssl.c      (revision 56172)
+++ ext/openssl/ossl_ssl.c      (working copy)
@@ -636,8 +636,12 @@
 {
     VALUE selected;
     int status;
-    struct npn_select_cb_common_args args = { cb, in, inlen };
+    struct npn_select_cb_common_args args;

+    args.cb = cb;
+    args.in = in;
+    args.inlen = inlen;
+
     selected = rb_protect(npn_select_cb_common_i, (VALUE)&args, &status);
     if (status) {
        VALUE ssl_obj = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx);

DH set_key with nil public key

We have the following code in net-ssh:

      # Generate a DH key with a private key consisting of the given
      # number of bytes.
      def generate_key #:nodoc:
        dh = OpenSSL::PKey::DH.new

        dh.p, dh.g = get_parameters
        dh.priv_key = OpenSSL::BN.rand(data[:need_bytes] * 8)

        dh.generate_key! until dh.valid?

        dh
      end

We'd like to transform it to set_pqg and set_key unfortunately the trivial transformation does not work:

Class: <OpenSSL::PKey::PKeyError>
Message: <"DH_set0_key">
---Backtrace---
net-ssh/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb:121:in `set_key'

The code i was trying:

dh.set_pqg(p, nil, g)
dh.set_key(nil, OpenSSL::BN.rand(data[:need_bytes] * 8))

This is the standalone ruby code we'd like to get work:

require 'openssl'

P_s = "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" +
          "C4C6628B" "80DC1CD1" "29024E08" "8A67CC74" +
          "020BBEA6" "3B139B22" "514A0879" "8E3404DD" +
          "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" +
          "4FE1356D" "6D51C245" "E485B576" "625E7EC6" +
          "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" +
          "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" +
          "49286651" "ECE65381" "FFFFFFFF" "FFFFFFFF"
P_r = 16
p = OpenSSL::BN.new(P_s, P_r)
g = 2
need_bits = 256*8

dh = OpenSSL::PKey::DH.new
dh.set_pqg(p, nil, g)
dh.set_key(nil, OpenSSL::BN.rand(need_bits))

def valid?(dh)
   return false if dh.pub_key.nil? || dh.pub_key < 0
   bits_set = 0
   dh.pub_key.num_bits.times { |i| bits_set += 1 if dh.pub_key.bit_set?(i) }
   return ( bits_set > 1 && dh.pub_key < dh.p )
end

dh.generate_key! until valid?(dh)

RSA private key export passphrase cannot start with \0

Hi,

This is rather a request for clarification.

In my application I'm using a key derived from a passphrase when exporting the RSA key of some user. Something like:

require 'openssl'

rsa_key = OpenSSL::PKey::RSA.new 3072

digest = OpenSSL::Digest.new('SHA384')
salt = OpenSSL::Random.random_bytes(16)
length = digest.digest_length
hashed = OpenSSL::PKCS5.pbkdf2_hmac('some passphrase', salt, 2000, length, digest)

secured = rsa_key.export OpenSSL::Cipher::new('AES-256-CBC'), hashed

Sometimes (depending on the salt) the value returned by OpenSSL::PKCS5.pbkdf2_hmac starts with \0 and I get an exception:

in `export': read key (OpenSSL::PKey::RSAError)

Is this normal behaviour or is it a bug? I think the export function just uses a cipher to encrypt the RSA key. And the cipher itself can take a string that starts with \0 as a key ... so shouldn't the export function work the same? Or should I always encode the passphrase sent to export (for example with Base64.encode64)?

Here is a simple way to make export raise the error (in case this is actually a bug and you want to add a test for it):

require 'openssl'

rsa_key = OpenSSL::PKey::RSA.new 512

secured = rsa_key.export OpenSSL::Cipher::new('AES-128-CBC'), "\x00123"

Thanks!

OCSP does not expose extension manipulation functions

OCSP responses can have extensions. While rarely used in the past, Certificate Transparency (http://tools.ietf.org/html/rfc6962) is using them to deliver information. Currently the only way to add extensions form ruby is to manually modify the ASN.1. It would be nice there was an easier way.

Test failures with LibreSSL

In b7c18e7 we added test support for LibreSSL, however I'm seeing 2 test failures:

Error: test_digest_constants(OpenSSL::TestDigest)
: RuntimeError: Unsupported digest algorithm (SHA).
/home/openssl/code/test/test_digest.rb:65:in `initialize'
/home/openssl/code/test/test_digest.rb:65:in `new'
/home/openssl/code/test/test_digest.rb:65:in `block in test_digest_constants'
     62:       algs += %w(SHA224 SHA256 SHA384 SHA512)
     63:     end
     64:     algs.each do |alg|
  => 65:       assert_not_nil(OpenSSL::Digest.new(alg))
     66:       klass = OpenSSL::Digest.const_get(alg)
     67:       assert_not_nil(klass.new)
     68:     end
/home/openssl/code/test/test_digest.rb:64:in `each'
/home/openssl/code/test/test_digest.rb:64:in `test_digest_constants'

This is the first error from the build.

Error: test_openssl_engine_digest_sha1(OpenSSL::TestEngine)
: OpenSSL::Engine::EngineError: unimplemented digest
/home/openssl/code/test/test_engine.rb:37:in `digest'
/home/openssl/code/test/test_engine.rb:37:in `test_openssl_engine_digest_sha1'
     34: 
     35:   def test_openssl_engine_digest_sha1
     36:     engine = get_engine
  => 37:     digest = engine.digest("SHA1")
     38:     assert_not_nil(digest)
     39:     data = "test"
     40:     assert_equal(OpenSSL::Digest::SHA1.digest(data), digest.digest(data))

Found here.

I'd like to resolve these and merge #36.

Ruby test suite crash with OpenSSL 1.1.0

I am testing Ruby r56422 on Fedora Rawhide with OpenSSL 1.1.0 and the test suite crashes:

[ 1253/16575] OpenSSL::TestPKeyDSA#test_DSAPrivateKey = 0.00 s
[ 1254/16575] OpenSSL::TestPKeyDSA#test_DSAPrivateKey_encrypted = 0.00 s
[ 1255/16575] OpenSSL::TestPKeyDSA#test_PUBKEY = 0.00 s
[ 1256/16575] OpenSSL::TestPKeyDSA#test_dup = 0.01 s
[ 1257/16575] OpenSSL::TestPKeyDSA#test_new = 0.01 s
[ 1258/16575] OpenSSL::TestPKeyDSA#test_new_break/builddir/build/BUILD/ruby-2.4.0-r56422/test/openssl/test_pkey_dsa.rb:33: [BUG] Segmentation fault at 0x00000000000010
ruby 2.4.0dev (2016-10-14 trunk 56422) [x86_64-linux]

-- Control frame information -----------------------------------------------
c:0026 p:---- s:0148 e:000147 CFUNC  :initialize
c:0025 p:---- s:0145 e:000144 CFUNC  :new
c:0024 p:0022 s:0140 e:000138 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/openssl/test_pkey_dsa.rb:33
c:0023 p:0036 s:0135 e:000134 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:1028
c:0022 p:0078 s:0129 e:000128 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1269
c:0021 p:0022 s:0120 e:000119 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit/testcase.rb:18
c:0020 p:0073 s:0115 e:000114 BLOCK  /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:941 [FINISH]
c:0019 p:---- s:0108 e:000107 CFUNC  :map
c:0018 p:0129 s:0104 e:000103 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:934
c:0017 p:0054 s:0092 e:000091 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:913
c:0016 p:0016 s:0085 e:000083 BLOCK  /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:493 [FINISH]
c:0015 p:---- s:0079 e:000078 CFUNC  :each
c:0014 p:0073 s:0075 e:000074 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:491
c:0013 p:0014 s:0068 e:000067 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:529
c:0012 p:0144 s:0061 e:000060 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:885
c:0011 p:0010 s:0050 e:000049 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1096
c:0010 p:0010 s:0046 e:000045 BLOCK  /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1083 [FINISH]
c:0009 p:---- s:0042 e:000041 CFUNC  :each
c:0008 p:0057 s:0038 e:000037 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1082
c:0007 p:0020 s:0033 e:000032 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1070
c:0006 p:0012 s:0028 e:000027 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:681
c:0005 p:0022 s:0022 e:000021 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:33
c:0004 p:0045 s:0017 e:000016 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:990
c:0003 p:0015 s:0013 e:000012 METHOD /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:994
c:0002 p:0304 s:0008 E:001ac8 EVAL   ./test/runner.rb:40 [FINISH]
c:0001 p:0000 s:0003 E:001450 (none) [FINISH]

-- Ruby level backtrace information ----------------------------------------
./test/runner.rb:40:in `<main>'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:994:in `run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:990:in `run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:33:in `run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:681:in `run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1070:in `run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1082:in `_run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1082:in `each'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1083:in `block in _run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1096:in `run_tests'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:885:in `_run_anything'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:529:in `_run_suites'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:491:in `_run_suites'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:491:in `each'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:493:in `block in _run_suites'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:913:in `_run_suite'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:934:in `_run_suite'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:934:in `map'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:941:in `block in _run_suite'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit/testcase.rb:18:in `run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb:1269:in `run'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb:1028:in `run_test'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/openssl/test_pkey_dsa.rb:33:in `test_new_break'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/openssl/test_pkey_dsa.rb:33:in `new'
/builddir/build/BUILD/ruby-2.4.0-r56422/test/openssl/test_pkey_dsa.rb:33:in `initialize'

-- Machine register context ------------------------------------------------
 RIP: 0x00007fa1296bc2bf RBP: 0x000055ee8feb77a0 RSP: 0x00007ffd986d8250
 RAX: 0x000055ee8feb40f0 RBX: 0x000055ee8feb40f0 RCX: 0x00007fa12c2f6ae0
 RDX: 0x0000000000000000 RDI: 0x0000000000000000 RSI: 0x000055ee8feb40f0
  R8: 0x0000000000000081  R9: 0x000055ee88a4d930 R10: 0x000055ee8feb40f0
 R11: 0x0000000000000000 R12: 0x0000000000000000 R13: 0x00007fa1296bc7a0
 R14: 0x000055ee8feb78a0 R15: 0x00007fa12d319b60 EFL: 0x0000000000010246

-- C level backtrace information -------------------------------------------
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_print_backtrace+0x15) [0x7fa12ce137c5] vm_dump.c:679
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_vm_bugreport+0x21c) [0x7fa12ce139fc] vm_dump.c:988
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_bug_context+0xd4) [0x7fa12ccee384] error.c:426
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(sigsegv+0x3e) [0x7fa12cda9cfe] signal.c:897
/lib64/libpthread.so.0 [0x7fa12ca58640]
/lib64/libcrypto.so.1.1 [0x7fa1296bc2bf]
/lib64/libcrypto.so.1.1(DSA_generate_key+0xf8) [0x7fa1296ebb38]
/builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/openssl.so(dsa_generate+0xd5) [0x7fa128747965] ossl_pkey_dsa.c:159
/builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/openssl.so(ossl_dsa_initialize+0x8d) [0x7fa128747a9d] ossl_pkey_dsa.c:225
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call0_body.constprop.135+0x1cb) [0x7fa12ce0c77b] vm_eval.c:131
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_call0+0x119) [0x7fa12ce0d5c9] vm_eval.c:61
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_class_new_instance+0x21) [0x7fa12cd45961] object.c:1880
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_cfunc+0xf9) [0x7fa12cdfde69] vm_insnhelper.c:1752
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_method+0xe3) [0x7fa12ce0bef3] vm_insnhelper.c:2288
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_exec_core+0x11bf) [0x7fa12ce01b1f] insns.def:967
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_exec+0x8b) [0x7fa12ce072db] vm.c:1711
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_yield+0x3dd) [0x7fa12ce0a31d] vm.c:969
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_ary_collect+0x5c) [0x7fa12cc99d5c] array.c:2732
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_cfunc+0xf9) [0x7fa12cdfde69] vm_insnhelper.c:1752
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_exec_core+0x11bf) [0x7fa12ce01b1f] insns.def:967
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_exec+0x8b) [0x7fa12ce072db] vm.c:1711
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_yield+0x3dd) [0x7fa12ce0a31d] vm.c:969
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_ary_each+0x3c) [0x7fa12cc95f1c] array.c:1823
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_cfunc+0xf9) [0x7fa12cdfde69] vm_insnhelper.c:1752
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_method+0xe3) [0x7fa12ce0bef3] vm_insnhelper.c:2288
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_method+0xe3) [0x7fa12ce0bef3] vm_insnhelper.c:2288
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_exec_core+0x11bf) [0x7fa12ce01b1f] insns.def:967
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_exec+0x8b) [0x7fa12ce072db] vm.c:1711
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_yield+0x3dd) [0x7fa12ce0a31d] vm.c:969
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(rb_ary_each+0x3c) [0x7fa12cc95f1c] array.c:1823
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_cfunc+0xf9) [0x7fa12cdfde69] vm_insnhelper.c:1752
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_method+0xe3) [0x7fa12ce0bef3] vm_insnhelper.c:2288
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_call_method+0xe3) [0x7fa12ce0bef3] vm_insnhelper.c:2288
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_exec_core+0x11bf) [0x7fa12ce01b1f] insns.def:967
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(vm_exec+0x8b) [0x7fa12ce072db] vm.c:1711
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(ruby_exec_internal+0xb0) [0x7fa12ccf14f0] eval.c:244
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(ruby_exec_node+0x1d) [0x7fa12ccf320d] eval.c:308
/builddir/build/BUILD/ruby-2.4.0-r56422/libruby.so.2.4.0(ruby_run_node+0x1e) [0x7fa12ccf50ae] eval.c:300
/builddir/build/BUILD/ruby-2.4.0-r56422/ruby(main+0x4b) [0x55ee878a990b] main.c:36

-- Other runtime information -----------------------------------------------

* Loaded script: ./test/runner.rb: OpenSSL::TestPKeyDSA#test_new_break

* Loaded features:

    0 enumerator.so
    1 thread.rb
    2 rational.so
    3 complex.so
    4 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/encdb.so
    5 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/trans/transdb.so
    6 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/unicode_normalize.rb
    7 /builddir/build/BUILD/ruby-2.4.0-r56422/rbconfig.rb
    8 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/optparse.rb
    9 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/leakchecker.rb
   10 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/unit.rb
   11 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/prettyprint.rb
   12 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/pp.rb
   13 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit/assertions.rb
   14 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/open3.rb
   15 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/timeout.rb
   16 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/find_executable.rb
   17 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/rbconfig/sizeof.so
   18 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/envutil.rb
   19 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit/testcase.rb
   20 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/test/unit.rb
   21 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/tracepointchecker.rb
   22 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/zombie_hunter.rb
   23 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/delegate.rb
   24 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/etc.so
   25 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/fileutils.rb
   26 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/tmpdir.rb
   27 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/tempfile.rb
   28 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/iseq_loader_checker.rb
   29 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/json/version.rb
   30 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/ostruct.rb
   31 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/json/generic_object.rb
   32 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/json/common.rb
   33 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/json/ext/parser.so
   34 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/json/ext/generator.so
   35 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/json/ext.rb
   36 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/json.rb
   37 /builddir/build/BUILD/ruby-2.4.0-r56422/test/json/test_helper.rb
   38 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/monitor.rb
   39 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/socket.so
   40 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/io/wait.so
   41 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/socket.rb
   42 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/drb/eq.rb
   43 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/drb/invokemethod.rb
   44 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/drb/drb.rb
   45 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rinda/rinda.rb
   46 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/forwardable.rb
   47 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rinda/tuplespace.rb
   48 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rinda/test_tuplebag.rb
   49 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/ipaddr.rb
   50 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rinda/ring.rb
   51 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/singleton.rb
   52 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rinda/test_rinda.rb
   53 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/rfc2396_parser.rb
   54 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/rfc3986_parser.rb
   55 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/common.rb
   56 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/generic.rb
   57 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/ftp.rb
   58 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/http.rb
   59 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/https.rb
   60 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/ldap.rb
   61 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/ldaps.rb
   62 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri/mailto.rb
   63 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/uri.rb
   64 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/stringio.so
   65 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/date_core.so
   66 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/date.rb
   67 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/time.rb
   68 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/open-uri.rb
   69 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/compat.rb
   70 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/version.rb
   71 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpversion.rb
   72 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httputils.rb
   73 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/io/nonblock.so
   74 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/utils.rb
   75 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/log.rb
   76 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/config.rb
   77 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/server.rb
   78 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/accesslog.rb
   79 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/htmlutils.rb
   80 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/cookie.rb
   81 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpstatus.rb
   82 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httprequest.rb
   83 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpresponse.rb
   84 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpservlet/abstract.rb
   85 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpservlet/filehandler.rb
   86 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpservlet/cgihandler.rb
   87 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/cgi/escape.so
   88 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/cgi/util.rb
   89 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/strscan.so
   90 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/erb.rb
   91 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpservlet/erbhandler.rb
   92 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpservlet/prochandler.rb
   93 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpservlet.rb
   94 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpserver.rb
   95 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpauth/authenticator.rb
   96 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpauth/basicauth.rb
   97 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/digest.so
   98 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/digest.rb
   99 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/digest/md5.so
  100 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/digest/sha1.so
  101 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpauth/digestauth.rb
  102 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpauth/userdb.rb
  103 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpauth/htpasswd.rb
  104 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpauth/htdigest.rb
  105 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpauth/htgroup.rb
  106 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpauth.rb
  107 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick.rb
  108 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/protocol.rb
  109 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/zlib.so
  110 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/exceptions.rb
  111 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/header.rb
  112 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/windows_31j.so
  113 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/generic_request.rb
  114 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/request.rb
  115 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/requests.rb
  116 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/response.rb
  117 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/responses.rb
  118 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/proxy_delta.rb
  119 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http/backward.rb
  120 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/http.rb
  121 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/httpproxy.rb
  122 /builddir/build/BUILD/ruby-2.4.0-r56422/test/open-uri/test_open-uri.rb
  123 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/openssl.so
  124 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl/bn.rb
  125 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl/pkey.rb
  126 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl/cipher.rb
  127 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl/config.rb
  128 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl/digest.rb
  129 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl/x509.rb
  130 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl/buffering.rb
  131 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl/ssl.rb
  132 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/openssl.rb
  133 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/ssl.rb
  134 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/webrick/https.rb
  135 /builddir/build/BUILD/ruby-2.4.0-r56422/test/openssl/utils.rb
  136 /builddir/build/BUILD/ruby-2.4.0-r56422/test/open-uri/test_ssl.rb
  137 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_variable.rb
  138 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_process.rb
  139 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_ifunless.rb
  140 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_const.rb
  141 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_econv.rb
  142 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_refinement.rb
  143 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_fixnum.rb
  144 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_stringchar.rb
  145 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/-test-/integer.so
  146 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/-test-/integer.rb
  147 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_bignum.rb
  148 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_sprintf.rb
  149 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_iterator.rb
  150 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_rubyoptions.rb
  151 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_fnmatch.rb
  152 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_weakmap.rb
  153 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_not.rb
  154 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_enumerator.rb
  155 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_time.rb
  156 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_eval.rb
  157 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_path.rb
  158 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_rational.rb
  159 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_alias.rb
  160 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_struct.rb
  161 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_call.rb
  162 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_mixed_unicode_escapes.rb
  163 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_iseq.rb
  164 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/continuation.so
  165 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_hash.rb
  166 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_complex2.rb
  167 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/ut_eof.rb
  168 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_pipe.rb
  169 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_clone.rb
  170 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_unicode_escape.rb
  171 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_proc.rb
  172 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_beginendblock.rb
  173 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_transcode.rb
  174 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_threadgroup.rb
  175 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/objspace.so
  176 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_optimization.rb
  177 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/euc_jp.so
  178 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_regexp.rb
  179 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_pack.rb
  180 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_primitive.rb
  181 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_string.rb
  182 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_exception.rb
  183 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/fcntl.so
  184 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_readpartial.rb
  185 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_basicinstructions.rb
  186 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_array.rb
  187 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_object.rb
  188 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_file_exhaustive.rb
  189 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/fiber.so
  190 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_fiber.rb
  191 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/sentence.rb
  192 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_assignment.rb
  193 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/marshaltestlib.rb
  194 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_1.so
  195 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_marshal.rb
  196 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_continuation.rb
  197 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/pathname.so
  198 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/pathname.rb
  199 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/weakref.rb
  200 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_io.rb
  201 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_backtrace.rb
  202 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/shellwords.rb
  203 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_extlibs.rb
  204 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_system.rb
  205 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_notimp.rb
  206 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_sleep.rb
  207 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_integer.rb
  208 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_require.rb
  209 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_method.rb
  210 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_numeric.rb
  211 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_lazy_enumerator.rb
  212 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_dir_m17n.rb
  213 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_defined.rb
  214 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_undef.rb
  215 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_math.rb
  216 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_complex.rb
  217 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/bigdecimal.so
  218 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_range.rb
  219 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_encoding.rb
  220 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_float.rb
  221 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_yield.rb
  222 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_euc_jp.rb
  223 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_utf32.rb
  224 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_case_comprehensive.rb
  225 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_regex_casefold.rb
  226 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/shift_jis.so
  227 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_shift_jis.rb
  228 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_gbk.rb
  229 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_euc_tw.rb
  230 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_euc_kr.rb
  231 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_emoji.rb
  232 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_utf16.rb
  233 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_iso_8859.rb
  234 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_case_mapping.rb
  235 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_koi8.rb
  236 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_gb18030.rb
  237 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/windows_1252.so
  238 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_windows_1252.rb
  239 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_case_options.rb
  240 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_big5.rb
  241 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/windows_1251.so
  242 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_windows_1251.rb
  243 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/enc/test_cp949.rb
  244 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_rational2.rb
  245 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_objectspace.rb
  246 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_file.rb
  247 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_gc.rb
  248 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_metaclass.rb
  249 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_symbol.rb
  250 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_comparable.rb
  251 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_keyword.rb
  252 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_thread.rb
  253 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_settracefunc.rb
  254 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_parse.rb
  255 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_condition.rb
  256 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_enum.rb
  257 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_literal.rb
  258 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_rubyvm.rb
  259 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_io_m17n.rb
  260 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/utf_16be.so
  261 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/trans/utf_16_32.so
  262 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/utf_16le.so
  263 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/utf_32be.so
  264 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/utf_32le.so
  265 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_m17n.rb
  266 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_integer_comb.rb
  267 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_whileuntil.rb
  268 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_autoload.rb
  269 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_module.rb
  270 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_argf.rb
  271 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_time_tz.rb
  272 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_rand.rb
  273 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/allpairs.rb
  274 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_sprintf_comb.rb
  275 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_flip.rb
  276 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_complexrational.rb
  277 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_case.rb
  278 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_class.rb
  279 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_signal.rb
  280 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_trace.rb
  281 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_dir.rb
  282 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_env.rb
  283 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_super.rb
  284 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_arity.rb
  285 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_m17n_comb.rb
  286 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_syntax.rb
  287 /builddir/build/BUILD/ruby-2.4.0-r56422/test/ruby/test_lambda.rb
  288 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/abbrev.rb
  289 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_abbrev.rb
  290 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_timeout.rb
  291 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/prime.rb
  292 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_prime.rb
  293 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/cgi/core.rb
  294 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/cgi/cookie.rb
  295 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/cgi.rb
  296 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/update_env.rb
  297 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/test_cgi_header.rb
  298 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/test_cgi_cookie.rb
  299 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/test_cgi_core.rb
  300 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/test_cgi_modruby.rb
  301 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/test_cgi_tag_helper.rb
  302 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/cgi/session.rb
  303 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/digest/sha2.so
  304 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/pstore.rb
  305 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/cgi/session/pstore.rb
  306 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/test_cgi_session.rb
  307 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/big5.so
  308 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/cp949.so
  309 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/emacs_mule.so
  310 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/euc_kr.so
  311 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/euc_tw.so
  312 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/gb2312.so
  313 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/gb18030.so
  314 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/gbk.so
  315 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_2.so
  316 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_3.so
  317 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_4.so
  318 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_5.so
  319 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_6.so
  320 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_7.so
  321 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_8.so
  322 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_9.so
  323 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_10.so
  324 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_11.so
  325 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_13.so
  326 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_14.so
  327 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_15.so
  328 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/iso_8859_16.so
  329 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/koi8_r.so
  330 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/koi8_u.so
  331 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/windows_1250.so
  332 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/windows_1253.so
  333 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/windows_1254.so
  334 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/windows_1257.so
  335 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/trans/single_byte.so
  336 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/trans/ebcdic.so
  337 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/trans/japanese_euc.so
  338 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/trans/iso2022.so
  339 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/trans/emoji.so
  340 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/enc/trans/emoji_iso2022_kddi.so
  341 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/test_cgi_util.rb
  342 /builddir/build/BUILD/ruby-2.4.0-r56422/test/cgi/test_cgi_multipart.rb
  343 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_forwardable.rb
  344 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/securerandom.rb
  345 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/resolv.rb
  346 /builddir/build/BUILD/ruby-2.4.0-r56422/test/resolv/test_addr.rb
  347 /builddir/build/BUILD/ruby-2.4.0-r56422/test/resolv/test_dns.rb
  348 /builddir/build/BUILD/ruby-2.4.0-r56422/test/resolv/test_resource.rb
  349 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/e2mmap.rb
  350 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/matrix.rb
  351 /builddir/build/BUILD/ruby-2.4.0-r56422/test/matrix/test_matrix.rb
  352 /builddir/build/BUILD/ruby-2.4.0-r56422/test/matrix/test_vector.rb
  353 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_tempfile.rb
  354 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/shell/error.rb
  355 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/shell/filter.rb
  356 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/shell/system-command.rb
  357 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/shell/builtin-command.rb
  358 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/shell/command-processor.rb
  359 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/sync.rb
  360 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/shell/process-controller.rb
  361 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/shell.rb
  362 /builddir/build/BUILD/ruby-2.4.0-r56422/test/shell/test_command_processor.rb
  363 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/gdbm.so
  364 /builddir/build/BUILD/ruby-2.4.0-r56422/test/gdbm/test_gdbm.rb
  365 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_zsh_completion.rb
  366 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_optparse.rb
  367 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_placearg.rb
  368 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_noarg.rb
  369 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_reqarg.rb
  370 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/optparse/ac.rb
  371 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_autoconf.rb
  372 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_getopts.rb
  373 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_optarg.rb
  374 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_acceptable.rb
  375 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_summary.rb
  376 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_bash_completion.rb
  377 /builddir/build/BUILD/ruby-2.4.0-r56422/test/optparse/test_cclass.rb
  378 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_time.rb
  379 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_shellwords.rb
  380 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_securerandom.rb
  381 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_win32api.rb
  382 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/benchmark.rb
  383 /builddir/build/BUILD/ruby-2.4.0-r56422/test/benchmark/test_benchmark.rb
  384 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/find.rb
  385 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_find.rb
  386 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/compatibility.rb
  387 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/defaults.rb
  388 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/deprecate.rb
  389 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/errors.rb
  390 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/version.rb
  391 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/requirement.rb
  392 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/platform.rb
  393 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/basic_specification.rb
  394 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/stub_specification.rb
  395 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/util/list.rb
  396 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/specification.rb
  397 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/exceptions.rb
  398 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/core_ext/kernel_gem.rb
  399 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/core_ext/kernel_require.rb
  400 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems.rb
  401 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/dependency.rb
  402 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/path_support.rb
  403 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/mock.rb
  404 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/minitest/autorun.rb
  405 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/exception.rb
  406 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/syntax_error.rb
  407 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/psych.so
  408 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/omap.rb
  409 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/set.rb
  410 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/class_loader.rb
  411 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/scalar_scanner.rb
  412 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/nodes/node.rb
  413 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/nodes/stream.rb
  414 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/nodes/document.rb
  415 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/nodes/sequence.rb
  416 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/nodes/scalar.rb
  417 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/nodes/mapping.rb
  418 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/nodes/alias.rb
  419 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/nodes.rb
  420 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/streaming.rb
  421 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/visitors/visitor.rb
  422 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/visitors/to_ruby.rb
  423 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/visitors/emitter.rb
  424 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/handler.rb
  425 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/tree_builder.rb
  426 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/visitors/yaml_tree.rb
  427 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/json/ruby_events.rb
  428 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/visitors/json_tree.rb
  429 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/visitors/depth_first.rb
  430 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/visitors.rb
  431 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/parser.rb
  432 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/coder.rb
  433 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/core_ext.rb
  434 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/deprecated.rb
  435 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/stream.rb
  436 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/json/yaml_events.rb
  437 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/json/tree_builder.rb
  438 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/json/stream.rb
  439 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/handlers/document_stream.rb
  440 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych.rb
  441 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/helper.rb
  442 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/json/test_stream.rb
  443 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_stream.rb
  444 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/yaml.rb
  445 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/dbm.so
  446 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/yaml/dbm.rb
  447 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_yamldbm.rb
  448 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_object_references.rb
  449 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_tree_builder.rb
  450 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_scalar.rb
  451 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_struct.rb
  452 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_serialize_subclasses.rb
  453 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_hash.rb
  454 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_emitter.rb
  455 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_nil.rb
  456 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_deprecated.rb
  457 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_omap.rb
  458 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_safe_load.rb
  459 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_string.rb
  460 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_exception.rb
  461 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/psych/handlers/recorder.rb
  462 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/handlers/test_recorder.rb
  463 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_array.rb
  464 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_object.rb
  465 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_parser.rb
  466 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_marshalable.rb
  467 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_coder.rb
  468 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_boolean.rb
  469 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_numeric.rb
  470 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_alias_and_anchor.rb
  471 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_set.rb
  472 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_encoding.rb
  473 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_document.rb
  474 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_symbol.rb
  475 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_merge_keys.rb
  476 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_to_yaml_properties.rb
  477 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_scalar_scanner.rb
  478 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/yaml/store.rb
  479 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_yamlstore.rb
  480 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_tainted.rb
  481 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/nodes/test_enumerable.rb
  482 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_json_tree.rb
  483 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_null.rb
  484 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_psych.rb
  485 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_date_time.rb
  486 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_class.rb
  487 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/visitors/test_emitter.rb
  488 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/visitors/test_to_ruby.rb
  489 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/visitors/test_yaml_tree.rb
  490 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/visitors/test_depth_first.rb
  491 /builddir/build/BUILD/ruby-2.4.0-r56422/test/psych/test_yaml.rb
  492 /builddir/build/BUILD/ruby-2.4.0-r56422/test/dbm/test_dbm.rb
  493 /builddir/build/BUILD/ruby-2.4.0-r56422/test/lib/with_different_ofs.rb
  494 /builddir/build/BUILD/ruby-2.4.0-r56422/test/digest/test_digest_extend.rb
  495 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/digest/rmd160.so
  496 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/common/digest/sha2.rb
  497 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/digest/bubblebabble.so
  498 /builddir/build/BUILD/ruby-2.4.0-r56422/test/digest/test_digest.rb
  499 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_singleton.rb
  500 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_socket.rb
  501 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_tcp.rb
  502 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_basicsocket.rb
  503 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_ancdata.rb
  504 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_addrinfo.rb
  505 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_udp.rb
  506 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_unix.rb
  507 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_nonblock.rb
  508 /builddir/build/BUILD/ruby-2.4.0-r56422/test/socket/test_sockopt.rb
  509 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/unicode_normalize/tables.rb
  510 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/unicode_normalize/normalize.rb
  511 /builddir/build/BUILD/ruby-2.4.0-r56422/test/test_unicode_normalize.rb
  512 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/util.rb
  513 /builddir/build/BUILD/ruby-2.4.0-r56422/.ext/x86_64-linux/io/console.so
  514 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/user_interaction.rb
  515 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/security/policy.rb
  516 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/security/policies.rb
  517 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/security/trust_dir.rb
  518 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/security/signer.rb
  519 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/security.rb
  520 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/digest_io.rb
  521 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/source.rb
  522 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/file_source.rb
  523 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/io_source.rb
  524 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/old.rb
  525 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/tar_header.rb
  526 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/tar_reader/entry.rb
  527 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/tar_reader.rb
  528 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/tar_writer.rb
  529 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package.rb
  530 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/mock_gem_ui.rb
  531 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/gem_metadata.rb
  532 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/errors.rb
  533 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/set.rb
  534 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/tsort.rb
  535 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/action.rb
  536 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_edge_no_circular.rb
  537 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/add_vertex.rb
  538 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/detach_vertex_named.rb
  539 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/set_payload.rb
  540 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/tag.rb
  541 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/log.rb
  542 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph/vertex.rb
  543 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/dependency_graph.rb
  544 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/state.rb
  545 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/modules/specification_provider.rb
  546 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/resolution_state.rb
  547 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/delegates/specification_provider.rb
  548 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/resolution.rb
  549 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/resolver.rb
  550 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo/modules/ui.rb
  551 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo/lib/molinillo.rb
  552 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/molinillo.rb
  553 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/activation_request.rb
  554 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/conflict.rb
  555 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/dependency_request.rb
  556 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/requirement_list.rb
  557 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/stats.rb
  558 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/set.rb
  559 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/api_set.rb
  560 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/composed_set.rb
  561 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/best_set.rb
  562 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/current_set.rb
  563 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/git_set.rb
  564 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/index_set.rb
  565 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/installer_set.rb
  566 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/lock_set.rb
  567 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/vendor_set.rb
  568 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/source_set.rb
  569 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/specification.rb
  570 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/spec_specification.rb
  571 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/api_specification.rb
  572 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/git_specification.rb
  573 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/index_specification.rb
  574 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/installed_specification.rb
  575 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/local_specification.rb
  576 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/lock_specification.rb
  577 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver/vendor_specification.rb
  578 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/resolver.rb
  579 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/version.rb
  580 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/ext/core.rb
  581 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/ext/string.rb
  582 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/win32.rb
  583 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/linked_list.rb
  584 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/cpu_counter.rb
  585 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/scope.rb
  586 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/task_argument_error.rb
  587 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/rule_recursion_overflow_error.rb
  588 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/task_manager.rb
  589 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/cloneable.rb
  590 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/file_utils.rb
  591 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/file_utils_ext.rb
  592 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/file_list.rb
  593 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/promise.rb
  594 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/thread_pool.rb
  595 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/private_reader.rb
  596 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/thread_history_display.rb
  597 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/trace_output.rb
  598 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/application.rb
  599 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/rake_module.rb
  600 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/pseudo_status.rb
  601 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/task_arguments.rb
  602 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/invocation_chain.rb
  603 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/invocation_exception_mixin.rb
  604 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/task.rb
  605 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/early_time.rb
  606 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/file_task.rb
  607 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/file_creation_task.rb
  608 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/multi_task.rb
  609 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/dsl_definition.rb
  610 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/default_loader.rb
  611 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/late_time.rb
  612 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/name_space.rb
  613 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/backtrace.rb
  614 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake.rb
  615 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/tasklib.rb
  616 /builddir/build/BUILD/ruby-2.4.0-r56422/gems/rake-11.3.0/lib/rake/packagetask.rb
  617 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request/http_pool.rb
  618 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request/https_pool.rb
  619 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request/connection_pools.rb
  620 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request.rb
  621 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/uri_formatter.rb
  622 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/remote_fetcher.rb
  623 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/test_utilities.rb
  624 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/test_case.rb
  625 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/source/git.rb
  626 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/source/installed.rb
  627 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/source/specific_file.rb
  628 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/source/local.rb
  629 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/source/lock.rb
  630 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/source/vendor.rb
  631 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/source.rb
  632 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/indexer.rb
  633 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_source.rb
  634 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/command.rb
  635 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/local_remote_options.rb
  636 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/gemcutter_utilities.rb
  637 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/commands/push_command.rb
  638 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_commands_push_command.rb
  639 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/available_set.rb
  640 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_index_specification.rb
  641 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/commands/stale_command.rb
  642 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_commands_stale_command.rb
  643 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/dependency_list.rb
  644 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_dependency_list.rb
  645 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/ext/build_error.rb
  646 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/ext/builder.rb
  647 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/ext/configure_builder.rb
  648 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/ext/ext_conf_builder.rb
  649 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/ext/rake_builder.rb
  650 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/ext/cmake_builder.rb
  651 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/ext.rb
  652 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/installer.rb
  653 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/installer_test_case.rb
  654 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rdoc.rb
  655 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rdoc/rubygems_hook.rb
  656 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/rdoc.rb
  657 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/uninstaller.rb
  658 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_uninstaller.rb
  659 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package_task.rb
  660 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_package_task.rb
  661 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/command_manager.rb
  662 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/text.rb
  663 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/name_tuple.rb
  664 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/spec_fetcher.rb
  665 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/dependency_installer.rb
  666 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/install_update_options.rb
  667 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/version_option.rb
  668 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/install_message.rb
  669 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/commands/update_command.rb
  670 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_commands_update_command.rb
  671 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_dependency_resolution_error.rb
  672 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/server.rb
  673 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/commands/server_command.rb
  674 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_commands_server_command.rb
  675 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request_set/gem_dependency_api.rb
  676 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request_set/lockfile/parser.rb
  677 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request_set/lockfile/tokenizer.rb
  678 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request_set/lockfile.rb
  679 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/request_set.rb
  680 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_request_set.rb
  681 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_source_git.rb
  682 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_best_set.rb
  683 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/commands/environment_command.rb
  684 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_commands_environment_command.rb
  685 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_uri_formatter.rb
  686 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem.rb
  687 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_dependency_installer.rb
  688 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_installer.rb
  689 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/commands/generate_index_command.rb
  690 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_commands_generate_index_command.rb
  691 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_kernel.rb
  692 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/net/https.rb
  693 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_bundled_ca.rb
  694 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/source_list.rb
  695 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_source_list.rb
  696 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_local_specification.rb
  697 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/validator.rb
  698 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/commands/install_command.rb
  699 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_commands_install_command.rb
  700 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/config_file.rb
  701 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_config_file.rb
  702 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_silent_ui.rb
  703 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_path_support.rb
  704 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_server.rb
  705 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/commands/which_command.rb
  706 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_commands_which_command.rb
  707 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_api_set.rb
  708 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_vendor_specification.rb
  709 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_impossible_dependencies_error.rb
  710 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_vendor_set.rb
  711 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_git_specification.rb
  712 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_indexer.rb
  713 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_security.rb
  714 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_command_manager.rb
  715 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_util.rb
  716 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_lock_set.rb
  717 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_command.rb
  718 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/doctor.rb
  719 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_doctor.rb
  720 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_resolver_installed_specification.rb
  721 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_version.rb
  722 /builddir/build/BUILD/ruby-2.4.0-r56422/lib/rubygems/package/tar_test_case.rb
  723 /builddir/build/BUILD/ruby-2.4.0-r56422/test/rubygems/test_gem_package_tar_reader_en

Decode ASN1 streams using IO objects

I've been experimenting with OpenSSL::ASN1 module to encode and decode SNMP PDUs. It is successful, but I have to read the stream from the socket first.

I'm using UDPSocket#send and UDPSocket#recvfrom_nonblock, but the problem is that I don't have a way of knowing how much I have to read from the socket, as the size of the elements is encoded into the ASN1 stream, and it doesn't seem to be specified by the protocol. As it's an ASN1 stream, one could directly read from the descriptor and build the ASN tree instead of "read then decode".

This is the first time I'm using openssl directly, and I don't know if such a functionality like this exists already. I've read the documentation, and such a thing seems to exist for instances of SSLSocket, but it looks like it's only for TLS session-enabled sockets.

So, this is what I'm doing right now, in pseudo:

socket.send pdu_request_stream, 0
..
begin
   buffer, _ = socket.recvfrom_nonblock 128
   response_stream << buffer
   response_asn = OpenSSL::ASN1.decode(response_stream)
rescue IO::WaitReadable
  socket.wait_readable(2) yada yada...
  retry
rescue OpenSSL::ASN1::ASN1Error
  # I assume the stream is not complete, so I have to process more
  retry
end

and this would be my "desired" solution:

socket.send pdu_request_stream, 0
begin
   response_asn = OpenSSL::ASN1.decode_nonblock(socket)
...

Is a variation of this possible? Or would this be a feature request?

Not able to create CSR with more than 1 subjectAltName

I've tried to create a CSR, however the Name parsing fails

2.1.0 :035 > s="/C=US/ST=New York/L=New York/O=End Point/OU=Hosting Team/CN=*.my-primary-domain.com/[email protected]/subjectAltName=DNS.1=secondary-domain.com,DNS.2=www.secondary-domain.com,DNS.3=*.other-domain.com"
 => "/C=US/ST=New York/L=New York/O=End Point/OU=Hosting Team/CN=*.my-primary-domain.com/[email protected]/subjectAltName=DNS.1=secondary-domain.com,DNS.2=www.secondary-domain.com,DNS.3=*.other-domain.com"
2.1.0 :036 > OpenSSL::X509::Name.parse s
OpenSSL::X509::NameError: invalid field name
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/openssl/x509.rb:149:in `each'
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/openssl/x509.rb:149:in `initialize'
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/openssl/x509.rb:149:in `new'
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/openssl/x509.rb:149:in `parse_openssl'
    from (irb):36
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/bin/irb:11:in `<main>'

Changing the equal sign for a colon only changes the error

2.1.0 :037 > s="/C=US/ST=New York/L=New York/O=End Point/OU=Hosting Team/CN=*.my-primary-domain.com/[email protected]/subjectAltName=DNS.1:secondary-domain.com,DNS.2:www.secondary-domain.com,DNS.3:*.other-domain.com"
 => "/C=US/ST=New York/L=New York/O=End Point/OU=Hosting Team/CN=*.my-primary-domain.com/[email protected]/subjectAltName=DNS.1:secondary-domain.com,DNS.2:www.secondary-domain.com,DNS.3:*.other-domain.com"
2.1.0 :038 > OpenSSL::X509::Name.parse s
TypeError: no implicit conversion of nil into String
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/openssl/x509.rb:149:in `each'
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/openssl/x509.rb:149:in `initialize'
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/openssl/x509.rb:149:in `new'
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/lib/ruby/2.1.0/openssl/x509.rb:149:in `parse_openssl'
    from (irb):38
    from /Users/ernesto/.rvm/rubies/ruby-2.1.0/bin/irb:11:in `<main>'

With the same subject I'm able to generate a CSR with the openssl command line

$ openssl req -new -key globo.key -sha256 -nodes -subj '/C=US/ST=New York/L=New York/O=End Point/OU=Hosting Team/CN=*.my-primary-domain.com/[email protected]/subjectAltName=DNS.1:secondary-domain.com,DNS.2:www.secondary-domain.com,DNS.3:*.other-domain.com'
-----BEGIN CERTIFICATE REQUEST-----
MIIDYTCCAkkCAQAwggEaMQswCQYDVQQGEwJVUzERMA8GA1UECAwITmV3IFlvcmsx
ETAPBgNVBAcMCE5ldyBZb3JrMRIwEAYDVQQKDAlFbmQgUG9pbnQxFTATBgNVBAsM
DEhvc3RpbmcgVGVhbTEgMB4GA1UEAwwXKi5teS1wcmltYXJ5LWRvbWFpbi5jb20x
OzA5BgkqhkiG9w0BCQEWLGFkbWluaXN0cmF0aXZlLWFkZHJlc3NAbXktcHJpbWFy
eS1kb21haW4uY29tMVswWQYDVR0RDFJETlMuMTpzZWNvbmRhcnktZG9tYWluLmNv
bSxETlMuMjp3d3cuc2Vjb25kYXJ5LWRvbWFpbi5jb20sRE5TLjM6Ki5vdGhlci1k
b21haW4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnIx3UNQ
lh4iR4bNIVBNNeJ9Vdy1nf0JU0E7lmYWCefePK+id6HPqzV6cduBhV4lbuHURmew
ni2Bci8IWNeqF/3bab5PG4D2VA4x0b2YHZrcxgAW81OjwOCMqSE2tAWNu3+5Jj4Y
J3TY+ebfsP3BRITXibFRsEgWDTsYTZuU77MB5jqhFO5FoR1OuMuagJtMd9V+vsRt
iIspAP3ZZCB+lEkb5E+0SgDBFGxTMGZCJ4iUZVtDP3NhYz3mfxM6rF6TWY51OV5l
RMyzrpauUEqgzEfAKEep4PEt+yIp1KyCwyyslZRo8dAzAPj39M3XgS11PNbdsiy+
6As0/9Qsv/8AlQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAKhGNL1Y69fqsvml
rajc5qOzPSmPGiwrFOyJon4leeqbIoEK4OqyN3ujLPVJPqhyF8r7BHTTucxGq+RA
nFcN9OgAsxF61A6Uz2Ip0iDHYyBpPyjznz+3CnmbRgAdwv51FUBG3GMrceBx/cwx
YrRc6XukGA+J0YeGtOxmc23ns1wvrtBkjuCWDN0YwH4Yq8EwaFz4pIbwU8VHjrq0
SsBEjKe1Q6v2m+0cfz3uztQ0aEs4OCCX/ZM8VPfKzn5V7Yq4pLp2YS1gDXtBeAFQ
m5NFUvR+G4JAo+w6r/6VVcl2pXNag7o4fjY346SkrP4yjDccebZQKLekuQ+bbZQL
jPJUNY4=
-----END CERTIFICATE REQUEST-----

This is not supported yet, or it's an error?

sync_close makes it easy to leak FDs

The default implementation of OpenSSL is that you wrap the socket, and then if you call close on the SSL socket, it doesn't close the underlying one. If you set sync_close = true on the SSLSocket, it will call close on the underlying socket. Otherwise, you have to do it yourself.

Given you're connecting to a SSL server, I can't think of a situation where you would want to tear down only the SSL portion, and not the underlying socket as well. @tarcieri?

OpenSSL::X509::Name.to_s generates ASCII-8BIT strings and double quotes UTF-8

Given a certificate with non-ASCII characters in subject I would expect the subject when converted to a string via .to_s would return a UTF-8 (or other appropriately encoded) string.

What I get instead is an ASCII-8BIT encoding string with the UTF-8 characters double encoded.

Digging through the ruby openssl code, I see that if .to_s is called with an integer flag, it actually calls X509_NAME_print_ex().

The docs say I should use XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB to get UTF-8 (as an example). But I couldn't find ASN1_STRFLGS_ESC_MSB in the ruby OpenSSL library.

So I'd say there was two bugs:

.to_s with no arguments should return a properly encoded string without escaped UTF-8 characters.
The ASN1_STRFLGS constants are missing.

Here is some ruby code to help show the problem:

# coding: utf-8

require 'openssl'

### Note 1 ###
# I had to look this up in the OpenSSL include files.
# I couldn't find it in ruby anyplace.
ASN1_STRFLGS_ESC_MSB = 4

pem = <<-CERT
-----BEGIN CERTIFICATE-----
MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOc
UktUUlVTVCBFbGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sx
c8SxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xS
S1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kg
SGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4XDTA3MTIyNTE4Mzcx
OVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxla3Ry
b25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMC
VFIxDzANBgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDE
sGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7F
ni4gKGMpIEFyYWzEsWsgMjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9NYvDdE3ePYakqtdTyuTFY
KTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQvKUmi8wUG
+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveG
HtyaKhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6P
IzdezKKqdfcYbwnTrqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M
733WB2+Y8a+xwXrXgTW4qhe04MsCAwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHk
Yb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0G
CSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/sPx+EnWVUXKgW
AkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5
mxRZNTZPz/OOXl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsa
XRik7r4EW5nVcV9VZWRi1aKbBFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZ
qxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAKpoRq0Tl9
-----END CERTIFICATE-----
CERT


cert = OpenSSL::X509::Certificate.new pem

cert.subject # => #<OpenSSL::X509::Name:0x007f85ad0019c0>

puts
puts 'The "I expected this to work" approach'
i_expected_this_to_work = cert.subject.to_s
puts i_expected_this_to_work
puts i_expected_this_to_work.encoding

# Following instructions from https://wiki.openssl.org/index.php/Manual:X509_NAME_print_ex(3)
# to get UTF-8.
puts
puts 'The "Using magic flags" approach'
oh_so_close = cert.subject.to_s(OpenSSL::X509::Name::ONELINE & ~ASN1_STRFLGS_ESC_MSB)
puts oh_so_close
puts oh_so_close.encoding

puts
puts 'The "Fix the magic flags" approach'
corrected_approach = oh_so_close.force_encoding(Encoding::UTF_8)
puts corrected_approach
puts corrected_approach.encoding

# >> 
# >> The "I expected this to work" approach
# >> /CN=T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1/C=TR/L=Ankara/O=T\xC3\x9CRKTRUST Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi Hizmetleri A.\xC5\x9E. (c) Aral\xC4\xB1k 2007
# >> ASCII-8BIT
# >> 
# >> The "Using magic flags" approach
# >> CN = TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı, C = TR, L = Ankara, O = TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Aralık 2007
# >> ASCII-8BIT
# >> 
# >> The "Fix the magic flags" approach
# >> CN = TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı, C = TR, L = Ankara, O = TÜRKTRUST Bilgi İletişim ve Bilişim Güvenliği Hizmetleri A.Ş. (c) Aralık 2007
# >> UTF-8

Warnings on trunk

../../../ext/openssl/ossl_ssl.c:2013:5: warning: implicit declaration of function 'SSL_get0_alpn_selected' is invalid in C99 [-Wimplicit-function-declaration]
    SSL_get0_alpn_selected(ssl, &out, &outlen);
    ^
../../../ext/openssl/ossl_ssl.c:2005:1: warning: unused function 'ossl_ssl_alpn_protocol' [-Wunused-function]
ossl_ssl_alpn_protocol(VALUE self)
^
2 warnings generated.

Probabilistic Signature Scheme for RSA key signing

I do not see support for this OpenSSL feature. Am I missing something? Is this on the TODO list? Happy to contribute if there is a desire for that.

Gem ship.

I found some blocker for openssl gem release.

namespace of openssl. https://rubygems.org/gems/openssl
Version number
removed openssl from rubygems blacklist . https://github.com/hsbt/rubygems.org/blob/master/lib/patterns.rb

@rhenium @zzak If you have some blocker, Please note this issue. I will try to solve it.

ALPN support

see this patch: https://gist.github.com/rhenium/b1711edcc903e8887a51

ALPN support is required by HTTP/2 protocol. I think we need to support ALPN for next release.

Authenticated Encryption should check for tag length

The current API for using ciphers with Authenticated Encryption (currently only AES-GCM) is rather misleading and quickly leads to subtle bugs related to the length of auth_tag.

In particular, the current implementation will not check for the length of the auth_tag. Because GCM mode allows arbitrary sizes of the auth_tag up to 128 bytes, only a single byte needs to be supplied to make the authentication pass. This means that an attacker needs at most 256 attempts in order to forge a valid auth_tag.

data = 'secret'

cipher = OpenSSL::Cipher.new('aes-128-gcm')
cipher.encrypt
key = cipher.random_key
iv = cipher.random_iv
cipher.auth_data = 'auth_data'
ciphertext = cipher.update(data) + cipher.final
auth_tag = cipher.auth_tag

auth_tag = auth_tag[0] # single byte is sufficient

cipher = OpenSSL::Cipher.new('aes-128-gcm')
cipher.decrypt
cipher.key = key
cipher.iv = iv
cipher.auth_tag = auth_tag
cipher.auth_data = 'auth_data'
data = cipher.update(ciphertext) + cipher.final

# NO error raised

Currently, the only way to prevent such attacks is to manually assert the correct auth_tag length when decrypting/authenticating.

raise 'incorrect auth_tag length' unless auth_tag.length == 16

I suggest the following improvements:

Documentation should mention the importance of manually checking `auth_tag` length

This can/should be done immediately even if the API should not change.

Authentication tag length should be an input parameter to the cipher

To improve the usability of the API and unburden users from performing additional manual checks without compromising security, I suggest to add an auth_tag_len accessor. This can be used to determine the size of the auth_tag both when generating and when authenticating the auth_tag. The default value should be 16 bytes (see below).

`#auth_tag` should use `auth_tag_len` to determine the output length

During encryption:

If no parameter is given, #auth_tag should return an authentication tag according to the length configured in auth_tag_len.

If a length parameter is given, #auth_tag should use the supplied parameter to determine the length of the authentication tag. Although this parameter is not as useful any more it should be kept for backwards compatibility. Maybe it should be deprecated.

Currently the API supports different tag lengths by passing the length parameter to #auth_tag. This currently defaults to 16 bytes, which should be the default value for auth_tag_len in order to keep backwards compatibility.

`#final` should use `auth_tag_len` to assert the correct length of the `auth_tag`

During decryption:

auth_tag_len should be used to assert that the supplied auth_tag has the correct length. The big difference to the existing API lies here, because users need to actively change the value of auth_tag_len in order to allow shorter tags.

When the check fails, an OpenSSL::Cipher::CipherError should be raised. The same type of error is already raised when authentication fails, so existing users should be fine without having to touch their error handling. A descriptive error message should be helpful. In order to distinguish between such errors and "actual" verification errors, we could also add a descriptive message for the latter.

I'd be happy to implement these changes, but I wanted to discuss them first.

For reference: This issue was copied over from the Ruby Issue Tracker https://bugs.ruby-lang.org/issues/12582

Failed to build native gem extension

I get the following build failure on travis:
https://travis-ci.org/ruby/openssl/jobs/103061962#L285

Log

3.18s$ docker-compose run test

Using Ruby 2.2.3 with OpenSSL 1.0.0s.

WARNING:  WARNING: license value 'ruby' is invalid.  Use a license identifier from

http://spdx.org/licenses or 'Nonstandard' for a nonstandard license.

WARNING:  See http://guides.rubygems.org/specification-reference/ for help

  Successfully built RubyGem

  Name: openssl

  Version: 1.1.0

  File: openssl-1.1.0.gem

Fetching: rake-compiler-0.9.5.gem (100%)

Successfully installed rake-compiler-0.9.5

Building native extensions with: '--with-openssl-dir=/opt/openssl/openssl-1.0.0s'

This could take a while...

ERROR:  Error installing openssl-1.1.0.gem:

    ERROR: Failed to build gem native extension.

    current directory: /opt/ruby/ruby-2.3.0/lib/ruby/gems/2.3.0/gems/openssl-1.1.0/ext/openssl

/opt/ruby/ruby-2.3.0/bin/ruby -r ./siteconf20160118-9-1ydvskv.rb extconf.rb --with-openssl-dir=/opt/openssl/openssl-1.0.0s

checking for t_open() in -lnsl... no

checking for socket() in -lsocket... no

checking for assert.h... yes

checking for openssl/ssl.h... no

*** extconf.rb failed ***

Could not create Makefile due to some reason, probably lack of necessary

libraries and/or headers.  Check the mkmf.log file for more details.  You may

need configuration options.

Provided configuration options:

    --with-opt-dir

    --without-opt-dir

    --with-opt-include

    --without-opt-include=${opt-dir}/include

    --with-opt-lib

    --without-opt-lib=${opt-dir}/lib

    --with-make-prog

    --without-make-prog

    --srcdir=.

    --curdir

    --ruby=/opt/ruby/ruby-2.3.0/bin/$(RUBY_BASE_NAME)

    --with-openssl-dir

    --with-openssl-include

    --without-openssl-include=${openssl-dir}/include

    --with-openssl-lib

    --without-openssl-lib=${openssl-dir}/lib

    --with-kerberos-dir

    --without-kerberos-dir

    --with-kerberos-include

    --without-kerberos-include=${kerberos-dir}/include

    --with-kerberos-lib

    --without-kerberos-lib=${kerberos-dir}/lib

    --with-debug

    --without-debug

    --enable-debug

    --disable-debug

    --with-nsllib

    --without-nsllib

    --with-socketlib

    --without-socketlib

    --with-openssl-config

    --without-openssl-config

    --with-pkg-config

    --without-pkg-config

To see why this extension failed to compile, please check the mkmf.log which can be found here:

  /opt/ruby/ruby-2.3.0/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/openssl-1.1.0/mkmf.log

extconf failed, exit code 1

Gem files will remain installed in /opt/ruby/ruby-2.3.0/lib/ruby/gems/2.3.0/gems/openssl-1.1.0 for inspection.

Results logged to /opt/ruby/ruby-2.3.0/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/openssl-1.1.0/gem_make.out

/home/openssl/code/test/test_cipher.rb:13: warning: shadowing outer local variable - name

The command "docker-compose run test" exited with 0.

Done. Your build exited with 0.

Gemspec doesn't include extension

At the moment, the Gemspec doesn't set extensions. As a result, when you install the gem, the extension doesn't get built. If I'm not mistaken (and unless there is something about this gem I haven't quite understood yet) I think the following line needs to be added to openssl.gemspec:

spec.extensions    = ["ext/openssl/extconf.rb"]

(http://guides.rubygems.org/specification-reference/#extensions)

I came across this while I was trying to get the openssl gem to work with LibreSSL.

`OpenSSL::Cipher.new("chacha20").iv_len` should be `12`?

My environment is

ruby ruby 2.3.3p222 (2016-11-21 revision 56859) [x86_64-linux]
openssl OpenSSL 1.1.0c 10 Nov 2016
gem openssl (2.0.2)

I got this error

enctest.rb:42:in `iv=': iv must be 16 bytes (ArgumentError)

running my little test script

# enctest.rb

gem "openssl"
require 'openssl'


def hex2bin hex
  [hex.to_s].pack("H*")
end

# ChaCha20 implementation test vectors
# Taken from https://tools.ietf.org/html/rfc7539#section-2.4.2
chacha20_key =            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"
chacha20_nonce =          "000000090000004a00000000"
chacha20_message =        "4c616469657320616e642047656e746c" \
                          "656d656e206f662074686520636c6173" \
                          "73206f66202739393a20496620492063" \
                          "6f756c64206f6666657220796f75206f" \
                          "6e6c79206f6e652074697020666f7220" \
                          "746865206675747572652c2073756e73" \
                          "637265656e20776f756c642062652069" \
                          "742e"
chacha20_ciphertext =     "6e2e359a2568f98041ba0728dd0d6981" \
                          "e97e7aec1d4360c20a27afccfd9fae0b" \
                          "f91b65c5524733ab8f593dabcd62b357" \
                          "1639d624e65152ab8f530c359f0861d8" \
                          "07ca0dbf500d6a6156a38e088a22b65e" \
                          "52bc514d16ccf806818ce91ab7793736" \
                          "5af90bbf74a35be6b40b8eedf2785e42" \
                          "874d"


key = hex2bin(chacha20_key)
message = hex2bin(chacha20_message)
nonce = hex2bin(chacha20_nonce)
expect_ciphertext = hex2bin(chacha20_ciphertext)

cipher = OpenSSL::Cipher.new 'chacha20'
cipher.encrypt
cipher.iv = nonce
cipher.key = key

encrypted = cipher.update(message) + cipher.final

raise 'openssl fail!!!' unless encrypted  == expect_ciphertext

That is because OpenSSL::Cipher.new("chacha20").iv_len = 16, while I'm trying to pass in an iv with 12-bytes.

Accrodding to rfc7539 , iv_len of chacha20 should be 96-bit, that is 12-bytes.

o A 96-bit nonce. In some protocols, this is known as the
Initialization Vector.

After all

OpenSSL::Cipher.new("chacha20-poly1305").iv_len equals to 12

So I think it's a bug.

Gem install openssl not working

I'm getting:
ERROR: Could not find a valid gem 'openssl' (>= 0) in any repository
ERROR: Possible alternatives: opendsl, open_dsl, OpenS3, openas2, open_xml

Am I doing something wrong on my end?

OpenSSL 1.0.0s failure repro

Here's the backtrace from the test failure when using OpenSSL 1.0.0s that I was able to reproduce:

Error: test_post_connect_check_with_anon_ciphers(OpenSSL::TestSSL): OpenSSL::SSL::SSLError: SSL_CTX_set_cipher_list: no cipher match
/home/openssl/code/test/utils.rb:281:in `ciphers='
/home/openssl/code/test/utils.rb:281:in `block in start_server'
/home/openssl/code/test/utils.rb:270:in `pipe'
/home/openssl/code/test/utils.rb:270:in `start_server'
/home/openssl/code/test/test_ssl.rb:409:in `test_post_connect_check_with_anon_ciphers'
     406:   def test_post_connect_check_with_anon_ciphers
     407:     sslerr = OpenSSL::SSL::SSLError
     408: 
  => 409:     start_server(OpenSSL::SSL::VERIFY_NONE, true, {use_anon_cipher: true}){|server, port|
     410:       ctx = OpenSSL::SSL::SSLContext.new
     411:       ctx.ciphers = "aNULL"
     412:       server_connect(port, ctx) { |ssl|

Upstream r49681

ruby/ruby@97f9589

[RFE] Enable to configure default ciphers

In Fedora, we have policy [1], which should assure a consistent security level for crypto on all applications in a Fedora system. However, since [2], the default cipher set was overridden, which changed now again (so luckily, the system defaults should be used for recent OpenSSL) if I understand b9aea27 correctly.

The main difficulty is that this is not transparent and moreover it is hard to adjust for me as a maintainer. Therefore, would it be possible, to introduce some configuration option, to modify the behavior explicitly? E.g.

gem install openssl -- --cipher-list="PROFILE=SYSTEM"

would explicitly allow to set the cipher compliant with the system policy.

Please note that if this was implemented, I intend to ask for similar Ruby configuration option.

[1] https://fedoraproject.org/wiki/Packaging:CryptoPolicies
[2] https://bugs.ruby-lang.org/issues/9424

Possible bug: order of setting key vs. IV affects encryption with AES GCM

Hello, I think I may have found a possible bug in the ruby openssl code for encryption.

If initialization vector is set before setting the encryption key when using one of the AES-*-GCM algorithms, the encryption does not take the IV into account at all and two different IVs (with the same key) produce the same encrypted ciphertext. If IV is set after the key, everything behaves perfectly OK. This issue does not affect other algorithms, only the AES-GCM ones.

For more context about how I came to this conclusion, please see this stack overflow question and this pull request in the encryptor gem.

Let me first show a simple test in ruby, to prove this issue:

# test_gcm.rb
require 'openssl'

def hex_enc(bytes)
  bytes.bytes.map { |b| sprintf("%02x", b) }.join(" ")
end

def test_aes_encr(n, cipher, data, key, iv, iv_before_key = true)
  cipher = OpenSSL::Cipher.new(cipher)
  cipher.encrypt

  if iv_before_key
    cipher.iv = iv
    cipher.key = key
  else
    cipher.key = key
    cipher.iv = iv
  end

  if cipher.name.downcase.end_with?("gcm")
    cipher.auth_data = ""
  end

  result = cipher.update(data)
  result << cipher.final

  puts "#{n} #{cipher.name}, iv #{iv_before_key ? "BEFORE" : "AFTER "} key: " +
           "iv=#{iv}, result=#{hex_enc(result)}"
end

data = "something private"
key = "This is a key that is 256 bits!!"

# control tests using AES-256-CBC
test_aes_encr(1, "aes-256-cbc", data, key, "aaaabbbbccccdddd", true)
test_aes_encr(2, "aes-256-cbc", data, key, "eeeeffffgggghhhh", true)
test_aes_encr(3, "aes-256-cbc", data, key, "aaaabbbbccccdddd", false)
test_aes_encr(4, "aes-256-cbc", data, key, "eeeeffffgggghhhh", false)

# failing tests using AES-256-GCM
test_aes_encr(5, "aes-256-gcm", data, key, "aaaabbbbcccc", true)
test_aes_encr(6, "aes-256-gcm", data, key, "eeeeffffgggg", true)
test_aes_encr(7, "aes-256-gcm", data, key, "aaaabbbbcccc", false)
test_aes_encr(8, "aes-256-gcm", data, key, "eeeeffffgggg", false)

When you run this test file, you'll get these results:

1 AES-256-CBC, iv BEFORE key: iv=aaaabbbbccccdddd, result=e0 80 06 71 ac d1 98 45 08 44 31 37 66 91 20 a1 2d 0d 9a 6d 7f fa 7a dd e5 54 f6 fd 76 9b d1 63
2 AES-256-CBC, iv BEFORE key: iv=eeeeffffgggghhhh, result=4f bb a6 d9 68 1b da fc 35 af 8b ab c8 5d f1 9c 17 aa f8 aa 33 b9 eb 63 28 62 2d 7c d2 ae ac 61
3 AES-256-CBC, iv AFTER  key: iv=aaaabbbbccccdddd, result=e0 80 06 71 ac d1 98 45 08 44 31 37 66 91 20 a1 2d 0d 9a 6d 7f fa 7a dd e5 54 f6 fd 76 9b d1 63
4 AES-256-CBC, iv AFTER  key: iv=eeeeffffgggghhhh, result=4f bb a6 d9 68 1b da fc 35 af 8b ab c8 5d f1 9c 17 aa f8 aa 33 b9 eb 63 28 62 2d 7c d2 ae ac 61
5 id-aes256-GCM, iv BEFORE key: iv=aaaabbbbcccc, result=4e 5f c7 7e 45 a9 c2 80 72 79 84 73 e8 cc f8 c8 8a
6 id-aes256-GCM, iv BEFORE key: iv=eeeeffffgggg, result=4e 5f c7 7e 45 a9 c2 80 72 79 84 73 e8 cc f8 c8 8a
7 id-aes256-GCM, iv AFTER  key: iv=aaaabbbbcccc, result=fb 82 32 9f b4 52 0c a8 a6 4d 08 b4 4b 78 27 e7 c1
8 id-aes256-GCM, iv AFTER  key: iv=eeeeffffgggg, result=de 6f 6e 10 3c 9b f5 e8 75 44 3d c2 b8 e0 a6 73 9d

The critical lines are lines 5 and 6. They show that when the IV is set before the encryption key, the IV is not taken into account. Lines 1-4 show that it this behavior is not present in the CBC encryption mode.

I tried to do further tests and they suggest that this behavior is caused by the pre-initialization of the encryption key in ossl_cipher.c. In the following test, I tried to closely mimic the C calls that ruby-openssl makes when doing a very simple encryption task:

/* aes_gcm.c */
#include <stdio.h>
#include <stdbool.h>
#include <openssl/bio.h>
#include <openssl/evp.h>

# define EVP_CTRL_AEAD_SET_IVLEN 0x9

static const unsigned char gcm_key[] = {
    'T', 'h', 'i', 's', ' ', 'i', 's', ' ', 'a', ' ', 'k', 'e', 'y', ' ',
    't', 'h', 'a', 't', ' ', 'i', 's', ' ', '2', '5', '6', ' ', 'b', 'i', 't', 's', '!', '!'
};

static const unsigned char gcm_iv[] = {
    'a', 'a', 'a', 'a', 'b', 'b', 'b', 'b', 'c', 'c', 'c', 'c'
};

static const unsigned char gcm_pt[] = {
   's', 'o', 'm', 'e', 't', 'h', 'i', 'n', 'g', ' ', 'p', 'r', 'i', 'v', 'a', 't', 'e'
};

static const unsigned char gcm_aad[] = { };

void aes_gcm_encrypt(bool iv_before_key, bool initialize_key) {
    int outlen;
    unsigned char outbuf[1024];
    EVP_CIPHER_CTX *ctx;
    const EVP_CIPHER *cipher;
    unsigned char null_key[EVP_MAX_KEY_LENGTH];


    /* initialize context */
    ctx = EVP_CIPHER_CTX_new();
    EVP_CIPHER_CTX_init(ctx);


    /* configure cipher */
    cipher = EVP_aes_256_gcm();
    if (initialize_key) {
      printf("init key, ");
      memset(null_key, 0, EVP_MAX_KEY_LENGTH);
      EVP_CipherInit_ex(ctx, cipher, NULL, null_key, NULL, -1);
    } else {
      printf("no init key, ");
      EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1);
    }

    /* encrypt */
    EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 1);

    /* set key and IV */
    if (iv_before_key) {
      printf("iv before key:\n");
      EVP_CipherInit_ex(ctx, NULL, NULL, NULL, gcm_iv, -1);
      EVP_CipherInit_ex(ctx, NULL, NULL, gcm_key, NULL, -1);
    } else {
      printf("iv after  key:\n");
      EVP_CipherInit_ex(ctx, NULL, NULL, gcm_key, NULL, -1);
      EVP_CipherInit_ex(ctx, NULL, NULL, NULL, gcm_iv, -1);
    }

    /* set the authenticated data */
    EVP_CipherUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad));

    /* encrypt! */
    EVP_CipherUpdate(ctx, outbuf, &outlen, gcm_pt, sizeof(gcm_pt));

    /* print result */
    BIO_dump_fp(stdout, outbuf, outlen);

    EVP_EncryptFinal_ex(ctx, outbuf, &outlen);
    EVP_CIPHER_CTX_free(ctx);
}

int main(int argc, char **argv)  {
    aes_gcm_encrypt(true, true);
    aes_gcm_encrypt(true, false);
    aes_gcm_encrypt(false, true);
    aes_gcm_encrypt(false, false);
 }

The test tries to encrypt the same data as in the ruby test above, with IV set before / after the key and with or without the pre-initialization of the key. Compiling and running the test reveals the following:

init key, iv before key:
0000 - 4e 5f c7 7e 45 a9 c2 80-72 79 84 73 e8 cc f8 c8   N_.~E...ry.s....
0010 - 8a                                                .
no init key, iv before key:
0000 - fb 82 32 9f b4 52 0c a8-a6 4d 08 b4 4b 78 27 e7   ..2..R...M..Kx'.
0010 - c1                                                .
init key, iv after  key:
0000 - fb 82 32 9f b4 52 0c a8-a6 4d 08 b4 4b 78 27 e7   ..2..R...M..Kx'.
0010 - c1                                                .
no init key, iv after  key:
0000 - fb 82 32 9f b4 52 0c a8-a6 4d 08 b4 4b 78 27 e7   ..2..R...M..Kx'.
0010 - c1

The test shows that when the key pre-initialization (i.e. setting the key to all zeroes when configuring the cipher) is skipped, the IV, even if set before the encryption key, is correctly taken into account. On the other hand, when the pre-initialization takes place, the IV must be set after the key for the data to be encrypted correctly. I have not experienced any seg-faults when not preinitializing the key (a warning about this is present in the comment above the preinitialization code). I compiled and tested the code above against master branch of openssl as well as openssl-1.0.1f with the same results.

Overall, this behavior seems to me like a bug. Nowhere in the ruby-openssl documentation I have found any mention about the order of setting IV vs key being relevant for the encryption process. I believe this should perhaps be more explicitly documented, because accidental setting IVs before keys with GCM algorithms would lead to a severe weakening of the whole encryption, without the user being warned in any way.

What do you think? Let me know if you need further info and thanks!

Could not find a valid gem 'openssl'

Tried to use gem 'openssl' in Gemfile., but got error:

ERROR: Could not find a valid gem 'openssl' (>= 0) in any repository

Checked on rubygems.org and there is no openssl gem. There are many others, but not this specific.

Is this known issue? Was openssl officially deprecated?

Thanks.

Upstream changes to SSL nonblocking IO operations

Print openssl library version in travis config

I'd like to know exactly which version we've compiled against in the build logs to help with debugging.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.