diff options
author | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-06-11 00:48:37 +0000 |
---|---|---|
committer | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-06-11 00:48:37 +0000 |
commit | 44ccf5c91fdf223a442cd8418edd42f8db6bddba (patch) | |
tree | da449acc1e40d223eab8942d1f91d96e709abee8 | |
parent | 416323fd522a3118b293589d128faa7de7323600 (diff) | |
download | ruby-openssl-history-44ccf5c91fdf223a442cd8418edd42f8db6bddba.tar.gz |
New debug interface that can be directed from Ruby-space
-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | examples/0cert.pem | 36 | ||||
-rw-r--r-- | examples/0key.pem | 52 | ||||
-rw-r--r-- | extconf.rb | 1 | ||||
-rw-r--r-- | ossl.c | 71 | ||||
-rw-r--r-- | ossl.h | 36 | ||||
-rw-r--r-- | ossl_bn.c | 2 | ||||
-rw-r--r-- | ossl_pkcs7.c | 3 | ||||
-rw-r--r-- | ossl_pkey.c | 4 | ||||
-rw-r--r-- | ossl_pkey_dsa.c | 2 | ||||
-rw-r--r-- | ossl_ssl.c | 7 | ||||
-rw-r--r-- | ossl_x509cert.c | 13 |
12 files changed, 152 insertions, 85 deletions
@@ -3,6 +3,16 @@ ChangeLog for ### CHANGE LOG ### +Tue, 11 Jun 2002 02:42:25 +0200 -- Michal Rokos <m.rokos@sh.cvut.cz> + * extconf.rb: Check for unistd.h + * ssl.c: include <unistd.h> is avaible (needed for read(), write()) + * ossl.c: drop RTESTs + * bn.c: ditto. + * pkey.c: ditto. + * ossl.c: new debug interface that can be enabled/disabled from Ruby-space via OpenSSL::debug= method + * ossl.c: implemented new ossl_raise (for C-space) + * ossl.h: implemented new OSSL_Debug (for C-space) + Mon, 10 Jun 2002 10:35:56 +0200 -- Michal Rokos <m.rokos@sh.cvut.cz> * pkey.c: implemented #sign and #verify for PKey * pkey.rb: deleted (funcs implemented in C-space (pkey.c)) diff --git a/examples/0cert.pem b/examples/0cert.pem index 9e2f89b..352ac93 100644 --- a/examples/0cert.pem +++ b/examples/0cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- MIIDjzCCAnegAwIBAgIBADANBgkqhkiG9w0BAQUFADAtMQ8wDQYDVQQDEwZSdWJ5 -Q0ExCzAJBgNVBAYTAkNaMQ0wCwYDVQQKEwRSdWJ5MB4XDTAyMDYwODEyMDU1NFoX -DTA0MDYwNzEyMDU1NFowLTEPMA0GA1UEAxMGUnVieUNBMQswCQYDVQQGEwJDWjEN -MAsGA1UEChMEUnVieTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSV -myZ3vSi1rbWecUBVwoImRmFJDDT6wTY/8hkbqNGEm5Wa/nvjCcg9b39/qCtUgz7m -hu6LUicZgoFK2g4UAaeQPvXuYjSM4V3hWrURt8GUKsRaqkU92+yFAXybN3A8O8Ed -7b8U75VEBT4296+4DIhNUo7WY1kYWnIAf7p89dhynzhkGH6L/m17Hn9xUb362vf3 -J6RWbH10+00D7LP0RIKM1GTm5biL+V3YG0cG0ax/7dyu/7bn0oukj0RJGHqLOcjt -a8+Qhdj7HBvMSwR6DZNCyBxpRFm/scTLgEsMvwkK8pGFKhZ/E0hCbp4w8qpPY9cv -t56lkCk4f406SMOxtV0CAwEAAaOBuTCBtjAPBgNVHRMECDAGAQH/AgEAMC0GCWCG +Q0ExCzAJBgNVBAYTAkNaMQ0wCwYDVQQKEwRSdWJ5MB4XDTAyMDYxMTAwMjIyMVoX +DTA0MDYxMDAwMjIyMVowLTEPMA0GA1UEAxMGUnVieUNBMQswCQYDVQQGEwJDWjEN +MAsGA1UEChMEUnVieTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKci +NrSlcXfcNCFqeQK6qwFFCXLif35Zq52tJu0zTG5Jh3aSfLjDxgCsK+/b4AEjVdGy +a/c/Xn+P8zeiXaw7xUBRffk0SCkM15J0+lJtB+LwImLD7mFvwfwMd0lEgm+Aa8ua +BfChQ82bp1oJimqVx2n1zPuf2l6TZ4gvtgFnARViBMUUNCvMW/2CWjzEAMHmfC9A +c4DbySNbWiRswS6QmaIurC0oWsVinXkBycPURuyN3nBZ5QdWxC5gMnpFf+tv5wPF +rM0i7n7Rw9z0cmveY+bjB2V+2+InkLt9Xv8TUNwVnJHLV/3ADAy9uo6okl8z+lkF +zbaDai9ZB+phbUIcwj0CAwEAAaOBuTCBtjAPBgNVHRMECDAGAQH/AgEAMC0GCWCG SAGG+EIBDQQgFh5HZW5lcmF0ZWQgYnkgT3BlblNTTCBmb3IgUnVieS4wHQYDVR0O -BBYEFOwz7N8WJ3wEitrT7P7iv1nlAD21MFUGA1UdIwROMEyAFOwz7N8WJ3wEitrT -7P7iv1nlAD21oTGkLzAtMQ8wDQYDVQQDEwZSdWJ5Q0ExCzAJBgNVBAYTAkNaMQ0w -CwYDVQQKEwRSdWJ5ggEAMA0GCSqGSIb3DQEBBQUAA4IBAQA3F4AS+tjDw08kHb1U -ukLrc+krNmoKIEt5DUCeS/SX9YAU3E4/Q/A/d9ODqVrufO2J+Ecb5iNSRPO6iahW -SCSKsNw/c7BDV+rHmxXsyL53Re9rq5M5tuo069Ivpz553UpuwjtDl+TeOkLYzlO9 -c5nOodqc+CPYCAWFPjJgv9hjLg4F3I2MYgxysmcq2RZenUA2K3IENIUx1NvjgB38 -Dl/DtXVOGB9EjSQmTkkfT6WMrxdqMPOl14vmWpzREA/7oW3+uQ6vn5fibjDNnYcj -TgKryZlUTtN6cHbVP4HHlVS0N3m0Qa4+c+dPmJne4TM7cc9fA1P6EwSlb7fCjNmq -aFzT +BBYEFLHxJLK7zX2SsKmeVuu5HjqO4ZRVMFUGA1UdIwROMEyAFLHxJLK7zX2SsKme +Vuu5HjqO4ZRVoTGkLzAtMQ8wDQYDVQQDEwZSdWJ5Q0ExCzAJBgNVBAYTAkNaMQ0w +CwYDVQQKEwRSdWJ5ggEAMA0GCSqGSIb3DQEBBQUAA4IBAQB3Q6imSTND0vr3cZne +ehgdzT8T0O7TrwA3MKN+HhLL+utgQw7x58OdJamnNPi/8m0vOkHEr13Cb+Rco3yl +TEJgEJehXic1/SxxNq/2H2VC7/5EWv1McukrCNIU6pq/T/mbF79wwc0WiPf2zB7S +Okwnv2Dfg0vaOdWEGwS1qKyWK8Pz49pzLGtmOlrYxN2pDeWeCbOejCjLHrm884pR +xAvNvv2m3Mil9dMVTtnw41nZj/olTh23cgACZqNYgCZ2YHO8WY3ysYORsBb4viRK +gZtma+CWP8FEHWA0QaSzljMM/6ME7sYiHALUP1+36UIhaEUfkJmsUqtmyNeHGnZf +BW7A -----END CERTIFICATE----- diff --git a/examples/0key.pem b/examples/0key.pem index 90fa62e..a6ef891 100644 --- a/examples/0key.pem +++ b/examples/0key.pem @@ -1,30 +1,30 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,14392D9C8242FF89 +DEK-Info: DES-EDE3-CBC,87454D4F89D679DC -cBP9x8ZpD2mx2o94A9Qj/KDa174Mbp4+x2ZsTcfYlJ0T5TYpgf5VibW01nhFnNwU -XI4Pyj/U3lAJd/agoJfncB8OEBsJIY6rzV36B7mHJ/B2LbabUCnt9/4cIZoLyF31 -pFXf7X8NlutEFZs1o5IYcOwv24CgIShZNymRjR0K1Xt2S78uOWVaYxviepJIcAqy -wQfrOvvbIv1Y0GX5rdMpX8KV/jMym04DxXiiPL6D8Z1VdlieNDTZvXnicM6Xfy3E -8Ai90iR7aQrxUysJzgjhsbj771y+O2KTJLXjhOEUeHR7VTNS/jtkurS1X+ieAGIE -VIvUINsEaOb27r6JUcp5IFLntwSuddMurM7rjVzGNeU7pV2aGtN3YJni6FHhhe9x -tt/lSTN/Gm42zJvClm/TRZBkQ2PLvKtbqD/eWNUG9t0rLaHGcIZt3tOrI5N8+0M3 -fqAqoVj8jJsTpNwjXwTq5D4rM2E4GLkIcK0ZIvBFaJB0u0Uc3uJQwojOESjvQzQ6 -H7kQkl391gLSS1jwnz5gam+QLFZdZVcF5TJQzqbjB5Aved66uCOloQZSJtsrpzal -VYkbUnCoJ9Bv3tF/9NTi3C9NcklIcESDcSvThgP9q7O/M44k4KYljtYOJAQuPyjS -nabpN/wGP4aHWaNGVaHPuBhQyABo/O1V6yu/Kf2FERxo24TfX0ONlCZzUebmdSDE -KdJiNcm1rhUtNWNqPFqGhjAm8lyl7yaPkIlwg7sKeqLlSm2W/FZXBkSwduIrcwi2 -uDB8ZhXENF9BytoDl1GfZLZGU78LU7hUEfYxP02Tep9pdKP3L/C3hXFzgTyfTNUy -8pHm2fiPmEYdGWamovVJXjvRfU92SA5x3tS5j2c4B0mPMyFU2bGLM9C+gO5QclTB -KAKzYtNfmsK719jm7ZuoH6HpOqyCU5nZM3LXB7js6jNVr4BXcc0E8rPxGQ6OlGO0 -S9P3bDn3L1Meoyja/HM42aHwKD1nUTJF51raTumPlGGuNOpiuakcImHNR9IlxQ0Y -7fZ/2IgyAlNFWwoFagTzjtpQxt678Oly+NeHhHa8Mhjb9xwSKd0N7HWEwyZjgsKR -MP0g9MUHa0BJ77KD6+/HAV248z0G0CnJbOcayo9R9zLUEpNk1eOZQ6+5L9wixlLk -IrP4aU4Sx2av0cx4LnYcIv1nywp0yvcSBzaVFq0TSFoJnPLgDKQvLsS791R2PnNl -Uhc7YP6VXi1/ClkCPenZIxrV+GDT17tjvH7PRIVE5M7FQUWXwAW0VHW4Uu3OaUtQ -xAcwtmVW2YXzr8qVfZ21DfvtwrkpYKxOxewdWieEei6EDPqmLKnJKZl1JQOPRvU5 -4dAjuBfYgbGoTF+TfKwkYyC6kKlxKrNsAv0OPj0vhSeEFnvEzVG5RKMfds4MWlVD -oQoTnbYKEpYQtHlqwfoE00xvc+ki2dsLrTfCO/MPOfPmTgCQGtWC/NrusruGm7j1 -G56zm/kHNg10EkOmmW7aHY6J4DlHd2TvPRoftESrKOfyjQUnYT5dDJ6vhsUZWA9C -RqbOrAqEcG/o39RBkOgDoxCezd47dDNpcmELohP0jD5IAABjnRa+PA== +HWZxOMvENKCdQx1P6UiEfHRwynLUEyJSo1aCRv5Viqya1EFsAEqnzkLEYogR1yei +GFjRb4m9xUlzPYbwhdf/XauUgCSQBxAN8dIOVQUwwqzeNBtSY/iMZDM/OYowzlvT +cniCHFK4Mj013d5PpdMQtdUViIIxrenAqbwnTmsc0eItySENnsqBRqunHFCB5V04 +eqrkc+X458thV3faMbIfOcbprDiqvzonUV0Na7T/y0iPFwj/UDUa+iZat/oQnno5 +umoJOqHoeAXh1RdnEh6A9gqmmYZs7W/KiLoOGhx0Pq9NmkHgqAeHzduIqUnqe1Rj +0xlKj2QzGoZRAE34vwlBWK4HeXl12I6B+VBOohqJTHnearspncPnkdZnntRtIMoL +5pIEqQoKUAmNSF/GaoAj6gyH37OSgIzU5VaGQ/J2Rx7Y/A9bjW7FHQnJRWdkOcRz +2LO+CpAzmfZ7ecPe2woUcjQ9iltweVRl53PM+M6wFbeVcahtOD3gDiIWuYS8Kc1J +zYxI3y2FjfsM9tcO6Ru0Hgp285sXudZcRdtB2CWDN/7khZyFlD8z6pgacyJ5ZtnI +qSQc28luPvna2fGgGJkOvfSbOCzisik85Az9qcdUtEV56i+i6I1euKoBJ+WNulos +yzGl82+6CDGG8IRmVAv8R/Ao2e2stPEYf8XBGb1qW6xnR87P07RAyvsfkiiaYhEK +oSajMTW88F8dvLxsxIncbS+eiodV7XBgyYeEK32q3uyMVgFWWTxMjZ7FPh8Hjl9v +9Rcb4Pd2mD7+89uk+VB+erKgyw/NfD/88Es5VBz9/ZRhEAYpIHjBmNb7pak1ZrDn +GNrwHX1sudH+h+CnI3jnSd5oLuIgol9aZ8OPwo68p0c2Q4MYMWMF1OnWTt82SM8N +FHPsod1jgeMuGOoH2/pmLFaxtPT6qGkXvDzeUOsHGaB8MQxEasI5lq2gL05GoyBC ++wjneaK2rbcqKRBGco4it+VoigOlRT7XwNVxFdPKAjM9uJ0AoTBpd8ol1+/DHOIA +sOQWDQqjXwgGiwzgL5PyFy7+CM30g+cNPaeKsiF9UCa44f4ZPgLvfZIdDnhks399 +s7nbyhfZKoQMnFuhOT7U5VK/fV6EBymXzNwQje3uHYa2JI+Vk8E6V5JpiRdbOByf +ilnSsMn9EHWFgeqPmQMHZPACd7RcpfxQAEY8ShwKvMABhd1NKNNToZieB2i4nQfT +xJw0j2qZCQhpA+biXxmd18XIc/bGlwOMQf4DCemKs31UyUQF9PS87me3Kih8KGKd +HKygp3fea11LbhBzQROf1QNCzOegPKcMUAjA+YAZKt4ziPs1KwBKKEhJmTrlHx8T +rfaAFneuoW1gP2sxIMF8BMH6TF6Vr034tMKtYLTHhjRTHkqCKsn4clghQ8NOTQBM +7ZE8O3J67J99pwhRfs6dKmjsupl99E6Rmf4hNsCXx/evqQPkWvJQ3fs23TxvErOw +haNUPiw0k80vEOQUPTUT1Oxekb3gi3LGYeZ/wCG9ishjjWw4JrtwpG9PgNMhkeT9 +ZwR5RccP8MmZvIDzOA/lxYb5E/qxS/ooE5dtJe3D8/VvFxka87tRmg== -----END RSA PRIVATE KEY----- @@ -26,6 +26,7 @@ end dir_config("openssl") +have_header("unistd.h") have_func("strptime", "time.h") ## @@ -16,6 +16,7 @@ #endif #include "ossl.h" +#include <stdarg.h> /* for ossl_raise */ /* * On Windows platform there is no strptime function @@ -31,7 +32,7 @@ void ossl_check_kind(VALUE obj, VALUE klass) { - if (!RTEST(rb_obj_is_kind_of(obj, klass))) { + if (rb_obj_is_kind_of(obj, klass) != Qtrue) { rb_raise(rb_eTypeError, "wrong argument (%s)! (Expected kind of %s)", \ rb_class2name(CLASS_OF(obj)), rb_class2name(klass)); } @@ -40,7 +41,7 @@ ossl_check_kind(VALUE obj, VALUE klass) void ossl_check_instance(VALUE obj, VALUE klass) { - if (!RTEST(rb_obj_is_instance_of(obj, klass))) { + if (rb_obj_is_instance_of(obj, klass) != Qtrue) { rb_raise(rb_eTypeError, "wrong argument (%s)! (Expected instance of %s)",\ rb_class2name(CLASS_OF(obj)), rb_class2name(klass)); } @@ -133,14 +134,65 @@ VALUE mOSSL; VALUE eOSSLError; /* + * Errors + */ +void +ossl_raise(VALUE exc, const char *fmt, ...) +{ + va_list args; + char buf[BUFSIZ]; + int len; + long e = ERR_get_error(); + + va_start(args, fmt); + len = vsnprintf(buf, BUFSIZ, fmt, args); + va_end(args); + + if (e) { + if (dOSSL == Qtrue) { /* FULL INFO */ + len += snprintf(buf + len, BUFSIZ - len, ":%s", ERR_error_string(e, NULL)); + } else { + len += snprintf(buf + len, BUFSIZ - len, ":%s", ERR_reason_error_string(e)); + } + } + rb_exc_raise(rb_exc_new(exc, buf, len)); +} + +/* + * Debug + */ +VALUE dOSSL; + +static VALUE +ossl_debug_get(VALUE self) +{ + return dOSSL; +} + +static VALUE +ossl_debug_set(VALUE self, VALUE val) +{ + VALUE old = dOSSL; + dOSSL = val; + + if (old != dOSSL) { + if (dOSSL == Qtrue) { + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + fprintf(stderr, "OSSL_DEBUG: IS NOW ON!\n"); + } else if (old == Qtrue) { + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF); + fprintf(stderr, "OSSL_DEBUG: IS NOW OFF!\n"); + } + } + return val; +} + +/* * OSSL library init */ void Init_openssl() { -#if defined(OSSL_DEBUG) - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); -#endif /* * Init all digests, ciphers */ @@ -163,7 +215,14 @@ Init_openssl() * common for all classes under OpenSSL module */ eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); - + + /* + * Init debug core + */ + dOSSL = Qfalse; + rb_define_module_function(mOSSL, "debug", ossl_debug_get, 0); + rb_define_module_function(mOSSL, "debug=", ossl_debug_set, 1); + /* * Init components */ @@ -91,26 +91,22 @@ int string2hex(char *, int, char **, int *); * ERRor messages */ #define OSSL_ErrMsg() \ - ERR_error_string(ERR_get_error(), NULL) - -#if defined(OSSL_DEBUG) -# define OSSL_Raise(klass, text) \ - rb_raise(klass, "%s%s [in '%s', ('%s':%d)]", \ - text, OSSL_ErrMsg(), __func__, __FILE__, __LINE__) -# define OSSL_Warn(text) \ - rb_warn("%s%s [in '%s', ('%s':%d)]", \ - text, OSSL_ErrMsg(), __func__, __FILE__, __LINE__) -# define OSSL_Warning(text) \ - rb_warning("%s%s [in '%s', ('%s':%d)]", \ - text, OSSL_ErrMsg(), __func__, __FILE__, __LINE__) -#else /* OSSL_DEBUG */ -# define OSSL_Raise(klass, text) \ - rb_raise(klass, "%s%s", text, OSSL_ErrMsg()) -# define OSSL_Warn(text) \ - rb_warn("%s%s", text, OSSL_ErrMsg()) -# define OSSL_Warning(text) \ - rb_warning("%s%s", text, OSSL_ErrMsg()) -#endif /* OSSL_DEBUG */ + ERR_reason_error_string(ERR_get_error()) + +void ossl_raise(VALUE, const char *, ...); +#define OSSL_Raise ossl_raise + +/* + * Debug + */ +extern VALUE dOSSL; +#define OSSL_Debug(args...) do { \ + if (dOSSL == Qtrue) { \ + fprintf(stderr, "OSSL_DEBUG: "); \ + fprintf(stderr, args); \ + fprintf(stderr, " [in %s (%s:%d)]\n", __func__, __FILE__, __LINE__); \ + } \ +} while (0) /* * Include all parts @@ -93,7 +93,7 @@ ossl_bn_initialize(int argc, VALUE *argv, VALUE self) if (rb_scan_args(argc, argv, "11", &str, &bs) == 2) { base = NUM2INT(bs); } - if (RTEST(rb_obj_is_kind_of(str, cBN))) { + if (rb_obj_is_kind_of(str, cBN) == Qtrue) { BIGNUM *other; GetBN(str, other); /* Safe - we checked kind_of? above */ diff --git a/ossl_pkcs7.c b/ossl_pkcs7.c index b55fd98..a444156 100644 --- a/ossl_pkcs7.c +++ b/ossl_pkcs7.c @@ -386,8 +386,9 @@ ossl_pkcs7_data_verify(int argc, VALUE *argv, VALUE self) for (i=0; i<sk_PKCS7_SIGNER_INFO_num(sk); i++) { si = sk_PKCS7_SIGNER_INFO_value(sk, i); result = PKCS7_dataVerify(store, &ctx, bio, pkcs7, si); + if (result <= 0) { - OSSL_Warning("PKCS7::PKCS7.verify_data():"); + OSSL_Debug("result < 0! (%s)", OSSL_ErrMsg()); return Qfalse; } diff --git a/ossl_pkey.c b/ossl_pkey.c index 5737b53..795492f 100644 --- a/ossl_pkey.c +++ b/ossl_pkey.c @@ -90,7 +90,7 @@ GetPrivPKeyPtr(VALUE obj) SafeGetPKey(obj, pkey); - if (RTEST(rb_funcall(obj, id_private_q, 0, NULL))) { /* returns Qtrue */ + if (rb_funcall(obj, id_private_q, 0, NULL) == Qtrue) { /* returns Qtrue */ return pkey; } rb_raise(rb_eArgError, "Private key is needed."); @@ -105,7 +105,7 @@ DupPrivPKeyPtr(VALUE obj) SafeGetPKey(obj, pkey); - if (RTEST(rb_funcall(obj, id_private_q, 0, NULL))) { /* returns Qtrue */ + if (rb_funcall(obj, id_private_q, 0, NULL) = Qtrue) { /* returns Qtrue */ CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); return pkey; } diff --git a/ossl_pkey_dsa.c b/ossl_pkey_dsa.c index 7a69cdc..bca45f2 100644 --- a/ossl_pkey_dsa.c +++ b/ossl_pkey_dsa.c @@ -326,7 +326,7 @@ ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig) StringValue(digest); StringValue(sig); - ret = DSA_verify(0, RSTRING(digest)->ptr, RSTRING(digest)->len, RSTRING(sig)->ptr, RSTRING(sig)->len, pkey->pkey.dsa); /*type = 0*/ + ret = DSA_verify(0, RSTRING(digest)->ptr, RSTRING(digest)->len, RSTRING(sig)->ptr, RSTRING(sig)->len, pkey->pkey.dsa); /* type is ignored (0) */ if (ret < 0) { OSSL_Raise(eDSAError, ""); @@ -32,7 +32,10 @@ #include "ossl.h" #include <rubysig.h> #include <rubyio.h> -#include <unistd.h> /* for read(), and write() */ + +#if defined(HAVE_UNISTD_H) +# include <unistd.h> /* for read(), and write() */ +#endif #define numberof(ary) (sizeof(ary)/sizeof((ary)[0])) @@ -209,7 +212,7 @@ ssl_ctx_setup(VALUE self) } if ((!SSL_CTX_load_verify_locations(p->ctx, ca_file, ca_path) || !SSL_CTX_set_default_verify_paths(p->ctx))) { - OSSL_Warning("can't set verify locations"); + rb_warning("can't set verify locations"); } val = ssl_get_verify_mode(self); diff --git a/ossl_x509cert.c b/ossl_x509cert.c index 492bd65..3b32355 100644 --- a/ossl_x509cert.c +++ b/ossl_x509cert.c @@ -445,13 +445,10 @@ static VALUE ossl_x509_set_public_key(VALUE self, VALUE key) { X509 *x509; - EVP_PKEY *pkey; GetX509(self, x509); - pkey = GetPKeyPtr(key); /* NO NEED TO DUP! */ - - if (!X509_set_pubkey(x509, pkey)) { /* DUPs pkey - FREE it */ + if (!X509_set_pubkey(x509, GetPKeyPtr(key))) { /* DUPs pkey */ OSSL_Raise(eX509CertError, ""); } return key; @@ -513,7 +510,7 @@ ossl_x509_check_private_key(VALUE self, VALUE key) pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ if (!X509_check_private_key(x509, pkey)) { - OSSL_Warning("Check private key:"); + rb_warning("Check private key:%s", OSSL_ErrMsg()); return Qfalse; } return Qtrue; @@ -534,11 +531,11 @@ ossl_x509_get_extensions(VALUE self) count = X509_get_ext_count(x509); - if (count > 0) { - ary = rb_ary_new2(count); - } else { + if (count < 0) { return rb_ary_new(); } + ary = rb_ary_new2(count); + for (i=0; i<count; i++) { ext = X509_get_ext(x509, i); /* NO DUP - don't free! */ rb_ary_push(ary, ossl_x509ext_new(ext)); |