From dc5bbbc5f0892d37bf947339997e10917992038f Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Fri, 8 Dec 2017 14:17:17 +0900
Subject: [PATCH 1/4] ssl: remove unreachable code

GetSSLCTX() never returns NULL.
---
 ext/openssl/ossl_ssl.c | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 736f49243..c6bfb8312 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -996,12 +996,7 @@ ossl_sslctx_get_ciphers(VALUE self)
     int i, num;
 
     GetSSLCTX(self, ctx);
-    if(!ctx){
-        rb_warning("SSL_CTX is not initialized.");
-        return Qnil;
-    }
     ciphers = SSL_CTX_get_ciphers(ctx);
-
     if (!ciphers)
         return rb_ary_new();
 
@@ -1049,10 +1044,6 @@ ossl_sslctx_set_ciphers(VALUE self, VALUE v)
     }
 
     GetSSLCTX(self, ctx);
-    if(!ctx){
-        ossl_raise(eSSLError, "SSL_CTX is not initialized.");
-        return Qnil;
-    }
     if (!SSL_CTX_set_cipher_list(ctx, StringValueCStr(str))) {
         ossl_raise(eSSLError, "SSL_CTX_set_cipher_list");
     }

From c68ea3b77ec5b665d9db47e2b5787bfb7bcc16fd Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Thu, 14 Dec 2017 16:55:50 +0900
Subject: [PATCH 2/4] asn1: fix docs

The value of 'value' attribute of OpenSSL::ASN1::{Integer,Enumerated}
should be an instance of OpenSSL::BN.

Reference: https://github.com/ruby/openssl/issues/176
---
 ext/openssl/ossl_asn1.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c
index 1d3ee4ac1..022559733 100644
--- a/ext/openssl/ossl_asn1.c
+++ b/ext/openssl/ossl_asn1.c
@@ -1718,12 +1718,12 @@ Init_ossl_asn1(void)
      * == Primitive sub-classes and their mapping to Ruby classes
      * * OpenSSL::ASN1::EndOfContent    <=> +value+ is always +nil+
      * * OpenSSL::ASN1::Boolean         <=> +value+ is a +Boolean+
-     * * OpenSSL::ASN1::Integer         <=> +value+ is a +Number+
+     * * OpenSSL::ASN1::Integer         <=> +value+ is an OpenSSL::BN
      * * OpenSSL::ASN1::BitString       <=> +value+ is a +String+
      * * OpenSSL::ASN1::OctetString     <=> +value+ is a +String+
      * * OpenSSL::ASN1::Null            <=> +value+ is always +nil+
      * * OpenSSL::ASN1::Object          <=> +value+ is a +String+
-     * * OpenSSL::ASN1::Enumerated      <=> +value+ is a +Number+
+     * * OpenSSL::ASN1::Enumerated      <=> +value+ is an OpenSSL::BN
      * * OpenSSL::ASN1::UTF8String      <=> +value+ is a +String+
      * * OpenSSL::ASN1::NumericString   <=> +value+ is a +String+
      * * OpenSSL::ASN1::PrintableString <=> +value+ is a +String+

From 44294c43425be1af44e5de6d9a879cdbba1c6f33 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Thu, 14 Dec 2017 18:02:15 +0900
Subject: [PATCH 3/4] Ruby/OpenSSL 2.0.7

---
 History.md                 | 15 +++++++++++++++
 ext/openssl/ossl_version.h |  2 +-
 openssl.gemspec            |  2 +-
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/History.md b/History.md
index 9569b100a..9cc60caaf 100644
--- a/History.md
+++ b/History.md
@@ -1,3 +1,18 @@
+Version 2.0.7
+=============
+
+Bug fixes
+---------
+
+* OpenSSL::Cipher#auth_data= could segfault if called against a non-AEAD cipher.
+  [[Bug #14024]](https://bugs.ruby-lang.org/issues/14024)
+* OpenSSL::X509::Certificate#public_key= (and similar methods) could segfault
+  when an instance of OpenSSL::PKey::PKey with no public key components is
+  passed.
+  [[Bug #14087]](https://bugs.ruby-lang.org/issues/14087)
+  [[GitHub #168]](https://github.com/ruby/openssl/pull/168)
+
+
 Version 2.0.6
 =============
 
diff --git a/ext/openssl/ossl_version.h b/ext/openssl/ossl_version.h
index 7725bc052..56dfe1d78 100644
--- a/ext/openssl/ossl_version.h
+++ b/ext/openssl/ossl_version.h
@@ -10,6 +10,6 @@
 #if !defined(_OSSL_VERSION_H_)
 #define _OSSL_VERSION_H_
 
-#define OSSL_VERSION "2.0.6"
+#define OSSL_VERSION "2.0.7"
 
 #endif /* _OSSL_VERSION_H_ */
diff --git a/openssl.gemspec b/openssl.gemspec
index 34cef6f18..3138cbca7 100644
--- a/openssl.gemspec
+++ b/openssl.gemspec
@@ -1,6 +1,6 @@
 Gem::Specification.new do |spec|
   spec.name          = "openssl"
-  spec.version       = "2.0.6"
+  spec.version       = "2.0.7"
   spec.authors       = ["Martin Bosslet", "SHIBATA Hiroshi", "Zachary Scott", "Kazuki Yamaguchi"]
   spec.email         = ["ruby-core@ruby-lang.org"]
   spec.summary       = %q{OpenSSL provides SSL, TLS and general purpose cryptography.}

From b8b8f74e95854a8db793d8189952a51e5af53dea Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Thu, 14 Dec 2017 18:55:06 +0900
Subject: [PATCH 4/4] Ruby/OpenSSL 2.1.0

---
 History.md      | 7 +++++--
 openssl.gemspec | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/History.md b/History.md
index 3535d3e72..321a51c81 100644
--- a/History.md
+++ b/History.md
@@ -1,5 +1,5 @@
-Version 2.1.0.beta2
-===================
+Version 2.1.0
+=============
 
 Notable changes
 ---------------
@@ -50,6 +50,9 @@ Notable changes
   [[GitHub #169]](https://github.com/ruby/openssl/pull/169)
 * OpenSSL::SSL::SSLContext#add_certificate is added.
   [[GitHub #167]](https://github.com/ruby/openssl/pull/167)
+* OpenSSL::PKey::EC::Point#to_octet_string is added.
+  OpenSSL::PKey::EC::Point.new can now take String as the second argument.
+  [[GitHub #177]](https://github.com/ruby/openssl/pull/177)
 
 
 Version 2.0.7
diff --git a/openssl.gemspec b/openssl.gemspec
index e2968efdd..40525c4a2 100644
--- a/openssl.gemspec
+++ b/openssl.gemspec
@@ -1,6 +1,6 @@
 Gem::Specification.new do |spec|
   spec.name          = "openssl"
-  spec.version       = "2.1.0.beta2"
+  spec.version       = "2.1.0"
   spec.authors       = ["Martin Bosslet", "SHIBATA Hiroshi", "Zachary Scott", "Kazuki Yamaguchi"]
   spec.email         = ["ruby-core@ruby-lang.org"]
   spec.summary       = %q{OpenSSL provides SSL, TLS and general purpose cryptography.}