The marshaling library converts collections of Ruby objects into a byte stream, allowing them to be stored outside the currently active script. This data may subsequently be read and the original objects reconstituted.
Marshaled data has major and minor version numbers stored along with the object information. In normal use, marshaling can only load data written with the same major version number and an equal or lower minor version number. If Ruby’s “verbose” flag is set (normally using -d, -v, -w, or –verbose) the major and minor numbers must match exactly. Marshal versioning is independent of Ruby’s version numbers. You can extract the version by reading the first two bytes of marshaled data.
str = Marshal.dump("thing") RUBY_VERSION #=> "1.9.0" str[0].ord #=> 4 str[1].ord #=> 8
Some objects cannot be dumped: if the objects to be dumped include bindings, procedure or method objects, instances of class IO, or singleton objects, a TypeError will be raised.
If your class has special serialization needs (for example, if you want to serialize in some specific format), or if it contains objects that would otherwise not be serializable, you can implement your own serialization strategy.
There are two methods of doing this, your object can define either marshal_dump and marshal_load or _dump and _load. marshal_dump will take precedence over _dump if both are defined. marshal_dump may result in smaller Marshal strings.
By design, Marshal.load can deserialize almost any class loaded into the Ruby process. In many cases this can lead to remote code execution if the Marshal data is loaded from an untrusted source.
As a result, Marshal.load is not suitable as a general purpose serialization format and you should never unmarshal user supplied input or other untrusted data.
If you need to deserialize untrusted data, use JSON or another serialization format that is only able to load simple, ‘primitive’ types such as String, Array, Hash, etc. Never allow user input to specify arbitrary types to deserialize into.
When dumping an object the method marshal_dump will be called. marshal_dump must return a result containing the information necessary for marshal_load to reconstitute the object. The result can be any object.
When loading an object dumped using marshal_dump the object is first allocated then marshal_load is called with the result from marshal_dump. marshal_load must recreate the object from the information in the result.
Example:
class MyObj def initialize name, version, data @name = name @version = version @data = data end def marshal_dump [@name, @version] end def marshal_load array @name, @version = array end end
Use _dump and _load when you need to allocate the object you’re restoring yourself.
When dumping an object the instance method _dump is called with an Integer which indicates the maximum depth of objects to dump (a value of -1 implies that you should disable depth checking). _dump must return a String containing the information necessary to reconstitute the object.
The class method _load should take a String and use it to return an object of the same class.
Example:
class MyObj def initialize name, version, data @name = name @version = version @data = data end def _dump level [@name, @version].join ':' end def self._load args new(*args.split(':')) end end
Since Marshal.dump outputs a string you can have _dump return a Marshal string which is Marshal.loaded in _load for complex objects.
Construct a new BlockCaller object.
ctype is the C type to be returned
args are passed the callback
abi is the abi of the closure
If there is an error in preparing the ffi_cif or ffi_prep_closure, then a RuntimeError will be raised.
include Fiddle cb = Closure::BlockCaller.new(TYPE_INT, [TYPE_INT]) do |one| one end func = Function.new(cb, [TYPE_INT], TYPE_INT)
Creates a new JSON::Ext::Parser instance for the string source.
Creates a new JSON::Ext::Parser instance for the string source.
It will be configured by the opts hash. opts can have the following keys:
opts can have the following keys:
max_nesting: The maximum depth of nesting allowed in the parsed data structures. Disable depth checking with :max_nesting => false|nil|0, it defaults to 100.
allow_nan: If set to true, allow NaN, Infinity and -Infinity in defiance of RFC 4627 to be parsed by the Parser. This option defaults to false.
symbolize_names: If set to true, returns symbols for the names (keys) in a JSON object. Otherwise strings are returned, which is also the default. It’s not possible to use this option in conjunction with the create_additions option.
create_additions: If set to false, the Parser doesn’t create additions even if a matching class and create_id was found. This option defaults to false.
object_class: Defaults to Hash
array_class: Defaults to Array
Creates a new instance of OpenSSL::PKey::DH.
If called without arguments, an empty instance without any parameter or key components is created. Use set_pqg to manually set the parameters afterwards (and optionally set_key to set private and public key components).
If a String is given, tries to parse it as a DER- or PEM- encoded parameters. See also OpenSSL::PKey.read which can parse keys of any kinds.
The DH.new(size [, generator]) form is an alias of DH.generate.
stringA String that contains the DER or PEM encoded key.
sizeSee DH.generate.
generatorSee DH.generate.
Examples:
# Creating an instance from scratch # Note that this is deprecated and will not work on OpenSSL 3.0 or later. dh = OpenSSL::PKey::DH.new dh.set_pqg(bn_p, nil, bn_g) # Generating a parameters and a key pair dh = OpenSSL::PKey::DH.new(2048) # An alias of OpenSSL::PKey::DH.generate(2048) # Reading DH parameters dh_params = OpenSSL::PKey::DH.new(File.read('parameters.pem')) # loads parameters only dh = OpenSSL::PKey.generate_key(dh_params) # generates a key pair
Creates a new DSA instance by reading an existing key from string.
If called without arguments, creates a new instance with no key components set. They can be set individually by set_pqg and set_key.
If called with a String, tries to parse as DER or PEM encoding of a DSA key. See also OpenSSL::PKey.read which can parse keys of any kinds.
If called with a number, generates random parameters and a key pair. This form works as an alias of DSA.generate.
stringA String that contains a DER or PEM encoded key.
passA String that contains an optional password.
sizeSee DSA.generate.
Examples:
p OpenSSL::PKey::DSA.new(1024) #=> #<OpenSSL::PKey::DSA:0x000055a8d6025bf0 oid=DSA> p OpenSSL::PKey::DSA.new(File.read('dsa.pem')) #=> #<OpenSSL::PKey::DSA:0x000055555d6b8110 oid=DSA> p OpenSSL::PKey::DSA.new(File.read('dsa.pem'), 'mypassword') #=> #<OpenSSL::PKey::DSA:0x0000556f973c40b8 oid=DSA>
Creates a new EC object from given arguments.
Generates or loads an RSA keypair.
If called without arguments, creates a new instance with no key components set. They can be set individually by set_key, set_factors, and set_crt_params.
If called with a String, tries to parse as DER or PEM encoding of an RSA key. Note that, if passphrase is not specified but the key is encrypted with a passphrase, OpenSSL will prompt for it. See also OpenSSL::PKey.read which can parse keys of any kinds.
If called with a number, generates a new key pair. This form works as an alias of RSA.generate.
Examples:
OpenSSL::PKey::RSA.new 2048 OpenSSL::PKey::RSA.new File.read 'rsa.pem' OpenSSL::PKey::RSA.new File.read('rsa.pem'), 'my pass phrase'
Creates a new SSL context.
If an argument is given, ssl_version= is called with the value. Note that this form is deprecated. New applications should use min_version= and max_version= as necessary.
Creates a new SSL socket from io which must be a real IO object (not an IO-like object that responds to read/write).
If ctx is provided the SSL Sockets initial params will be taken from the context.
The OpenSSL::Buffering module provides additional IO methods.
This method will freeze the SSLContext if one is provided; however, session management is still allowed in the frozen SSLContext.
Creates a new instance of SSLServer.
srv is an instance of TCPServer.
ctx is an instance of OpenSSL::SSL::SSLContext.
Creates an X509 extension.
The extension may be created from der data or from an extension oid and value. The oid may be either an OID or an extension name. If critical is true the extension is marked critical.
Creates a new Name.
A name may be created from a DER encoded string der, an Array representing a distinguished_name or a distinguished_name along with a template.
name = OpenSSL::X509::Name.new [['CN', 'nobody'], ['DC', 'example']] name = OpenSSL::X509::Name.new name.to_der
See add_entry for a description of the distinguished_name Array’s contents
Sets up a StoreContext for a verification of the X.509 certificate cert.
value: Please have a look at Constructive and Primitive to see how Ruby types are mapped to ASN.1 types and vice versa.
tag: An Integer indicating the tag number.
tag_class: A Symbol indicating the tag class. Please cf. ASN1 for possible values.
asn1_int = OpenSSL::ASN1Data.new(42, 2, :UNIVERSAL) # => Same as OpenSSL::ASN1::Integer.new(42) tagged_int = OpenSSL::ASN1Data.new(42, 0, :CONTEXT_SPECIFIC) # implicitly 0-tagged INTEGER
value: is mandatory.
tag: optional, may be specified for tagged values. If no tag is specified, the UNIVERSAL tag corresponding to the Primitive sub-class is used by default.
tagging: may be used as an encoding hint to encode a value either explicitly or implicitly, see ASN1 for possible values.
tag_class: if tag and tagging are nil then this is set to :UNIVERSAL by default. If either tag or tagging are set then :CONTEXT_SPECIFIC is used as the default. For possible values please cf. ASN1.
int = OpenSSL::ASN1::Integer.new(42) zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT) private_explicit_zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT, :PRIVATE)
value: is mandatory.
tag: optional, may be specified for tagged values. If no tag is specified, the UNIVERSAL tag corresponding to the Primitive sub-class is used by default.
tagging: may be used as an encoding hint to encode a value either explicitly or implicitly, see ASN1 for possible values.
tag_class: if tag and tagging are nil then this is set to :UNIVERSAL by default. If either tag or tagging are set then :CONTEXT_SPECIFIC is used as the default. For possible values please cf. ASN1.
int = OpenSSL::ASN1::Integer.new(42) zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :IMPLICIT) private_explicit_zero_tagged_int = OpenSSL::ASN1::Integer.new(42, 0, :EXPLICIT, :PRIVATE)
request - optional raw request, either in PEM or DER format.
Creates a new OpenSSL::OCSP::Request. The request may be created empty or from a request_der string.