Calls CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON). Starts tracking memory allocations. See also OpenSSL.print_mem_leaks
.
This is available only when built with a capable OpenSSL
and –enable-debug configure option.
For debugging the Ruby/OpenSSL library. Calls CRYPTO_mem_leaks_fp(stderr). Prints detected memory leaks to standard error. This cleans the global state up thus you cannot use any methods of the library after calling this.
Returns true if leaks detected, false otherwise.
This is available only when built with a capable OpenSSL
and –enable-debug configure option.
OpenSSL.mem_check_start NOT_GCED = OpenSSL::PKey::RSA.new(256) END { GC.start OpenSSL.print_mem_leaks # will print the leakage }
Returns information about the most recent garbage collection.
Set
the default id conversion object.
This is expected to be an instance such as DRb::DRbIdConv
that responds to to_id
and to_obj
that can convert objects to and from DRb
references.
See DRbServer#default_id_conv.
Set
the default id conversion object.
This is expected to be an instance such as DRb::DRbIdConv
that responds to to_id
and to_obj
that can convert objects to and from DRb
references.
See DRbServer#default_id_conv.
This method removes a file system entry path
. path
shall be a regular file, a directory, or something. If path
is a directory, remove it recursively. This method is required to avoid TOCTTOU (time-of-check-to-time-of-use) local security vulnerability of rm_r
. rm_r
causes security hole when:
Parent directory is world writable (including /tmp).
Removing directory tree includes world writable directory.
The system has symbolic link.
To avoid this security hole, this method applies special preprocess. If path
is a directory, this method chown(2) and chmod(2) all removing directories. This requires the current process is the owner of the removing whole directory tree, or is the super user (root).
WARNING: You must ensure that ALL parent directories cannot be moved by other untrusted users. For example, parent directories should not be owned by untrusted users, and should not be world writable except when the sticky bit set.
WARNING: Only the owner of the removing directory tree, or Unix super user (root) should invoke this method. Otherwise this method does not work.
For details of this security vulnerability, see Perl’s case:
For fileutils.rb, this vulnerability is reported in [ruby-dev:26100].
This method removes a file system entry path
. path
shall be a regular file, a directory, or something. If path
is a directory, remove it recursively. This method is required to avoid TOCTTOU (time-of-check-to-time-of-use) local security vulnerability of rm_r
. rm_r
causes security hole when:
Parent directory is world writable (including /tmp).
Removing directory tree includes world writable directory.
The system has symbolic link.
To avoid this security hole, this method applies special preprocess. If path
is a directory, this method chown(2) and chmod(2) all removing directories. This requires the current process is the owner of the removing whole directory tree, or is the super user (root).
WARNING: You must ensure that ALL parent directories cannot be moved by other untrusted users. For example, parent directories should not be owned by untrusted users, and should not be world writable except when the sticky bit set.
WARNING: Only the owner of the removing directory tree, or Unix super user (root) should invoke this method. Otherwise this method does not work.
For details of this security vulnerability, see Perl’s case:
For fileutils.rb, this vulnerability is reported in [ruby-dev:26100].
Shortcut for defining multiple delegator methods, but with no provision for using a different name. The following two code samples have the same effect:
def_delegators :@records, :size, :<<, :map def_delegator :@records, :size def_delegator :@records, :<< def_delegator :@records, :map
Define method
as delegator instance method with an optional alias name ali
. Method
calls to ali
will be delegated to accessor.method
.
class MyQueue extend Forwardable attr_reader :queue def initialize @queue = [] end def_delegator :@queue, :push, :mypush end q = MyQueue.new q.mypush 42 q.queue #=> [42] q.push 23 #=> NoMethodError
Attempts to enter exclusive section. Returns false
if lock fails.
For backward compatibility
See Mutex#try_lock
Quietly ensure the Gem directory dir
contains all the proper subdirectories. If we can’t create a directory due to a permission problem, then we will silently continue.
If mode
is given, missing directories are created with this mode.
World-writable directories will never be created.
Returns a list of paths matching glob
from the latest gems that can be used by a gem to pick up features from other gems. For example:
Gem.find_latest_files('rdoc/discover').each do |path| load path end
if check_load_path
is true (the default), then find_latest_files
also searches $LOAD_PATH for files as well as gems.
Unlike find_files
, find_latest_files
will return only files from the latest version of a gem.
Returns the latest release-version specification for the gem name
.
Returns the latest release version of RubyGems.
Returns the version of the latest release-version of gem name
Register a Gem::Specification
for default gem.
Two formats for the specification are supported:
MRI 2.0 style, where spec.files contains unprefixed require names. The spec’s filenames will be registered as-is.
New style, where spec.files contains files prefixed with paths from spec.require_paths. The prefixes are stripped before registering the spec’s filenames. Unprefixed files are omitted.
locking methods.
locking methods.
Canonical Ordering
Returns the security level for the context.
See also OpenSSL::SSL::SSLContext#security_level=
.
Sets the security level for the context. OpenSSL
limits parameters according to the level. The “parameters” include: ciphersuites, curves, key sizes, certificate signature algorithms, protocol version and so on. For example, level 1 rejects parameters offering below 80 bits of security, such as ciphersuites using MD5 for the MAC or RSA keys shorter than 1024 bits.
Note that attempts to set such parameters with insufficient security are also blocked. You need to lower the level first.
This feature is not supported in OpenSSL
< 1.1.0, and setting the level to other than 0 will raise NotImplementedError
. Level 0 means everything is permitted, the same behavior as previous versions of OpenSSL
.
See the manpage of SSL_CTX_set_security_level(3) for details.
Writes string
to the SSL
connection in a non-blocking manner. Raises an SSLError
if writing would block.