diff options
| author | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-01-12 11:49:01 +0000 |
|---|---|---|
| committer | Michal Rokos <m.rokos@sh.cvut.cz> | 2002-01-12 11:49:01 +0000 |
| commit | 00aaf208f74d5933a2bb67604a30290b9e1a530a (patch) | |
| tree | 6e31d44daa11c67cd5e849493dd9503f38d14219 | |
| parent | 122bbe51a8d137fdc1cb16e762bf516c2a9255cb (diff) | |
| download | ruby-openssl-history-00aaf208f74d5933a2bb67604a30290b9e1a530a.tar.gz | |
* fixed callbacks in ossl_(ssl|x509store).c
* added method X509::Store#verify_status=
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | ossl_ssl.c | 5 | ||||
| -rw-r--r-- | ossl_x509store.c | 34 |
3 files changed, 38 insertions, 5 deletions
@@ -4,6 +4,10 @@ Copyright (C) 2001 Michal Rokos <m.rokos@sh.cvut.cz> All rights reserved. $Log$ +Revision 1.24 2002/01/12 11:49:17 majkl + * fixed callbacks in ossl_(ssl|x509store).c + * added method X509::Store#verify_status= + Revision 1.23 2002/01/10 19:32:23 majkl * fixed and improved verify_callbacks in ossl_(ssl|x509store).c * enhanced ossl_x509store.rb examples @@ -152,10 +152,11 @@ ssl_verify_callback(int ok, X509_STORE_CTX *ctx) if (ret == Qtrue) { ok = 1; - ctx->error = X509_V_OK; + X509_STORE_CTX_set_error(ctx, X509_V_OK); } else { ok = 0; - ctx->error = X509_V_ERR_CERT_REJECTED; + if (X509_STORE_CTX_get_error(ctx) == X509_V_OK) + X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED); } } diff --git a/ossl_x509store.c b/ossl_x509store.c index 994d20f..ed8552f 100644 --- a/ossl_x509store.c +++ b/ossl_x509store.c @@ -29,7 +29,7 @@ VALUE eX509StoreError; /* * General callback for OpenSSL verify */ -int ossl_x509store_verify_cb(int, X509_STORE_CTX *); +int MS_CALLBACK ossl_x509store_verify_cb(int, X509_STORE_CTX *); /* * Struct @@ -305,10 +305,11 @@ ossl_x509store_verify_cb(int ok, X509_STORE_CTX *ctx) if (ret == Qtrue) { ok = 1; - ctx->error = X509_V_OK; + X509_STORE_CTX_set_error(ctx, X509_V_OK); } else { ok = 0; - ctx->error = X509_V_ERR_CERT_REJECTED; + if (X509_STORE_CTX_get_error(ctx) == X509_V_OK) + X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED); } } @@ -345,6 +346,18 @@ ossl_x509store_get_verify_status(VALUE self) return INT2FIX(X509_STORE_CTX_get_error(storep->store)); } +static VALUE +ossl_x509store_set_verify_status(VALUE self, VALUE err) +{ + ossl_x509strore *storep = NULL; + + GetX509Store(self, storep); + + X509_STORE_CTX_set_error(storep->store, FIX2INT(err)); + + return err; +} + static VALUE ossl_x509store_get_verify_message(VALUE self) { @@ -432,6 +445,18 @@ ossl_x509store_set_verify_cb(VALUE self, VALUE proc) return proc; } +static VALUE +ossl_x509store_cleanup(VALUE self) +{ + ossl_x509store *storep = NULL; + + GetX509Store(self, storep); + + X509_STORE_CTX_cleanup(storep->store); + + return self; +} + /* * INIT */ @@ -457,6 +482,7 @@ Init_ossl_x509store(VALUE module) rb_define_method(cX509Store, "verify", ossl_x509store_verify, 1); rb_define_method(cX509Store, "verify_status", ossl_x509store_get_verify_status, 0); + rb_define_method(cX509Store, "verify_status=", ossl_x509store_set_verify_status, 1); rb_define_method(cX509Store, "verify_message", ossl_x509store_get_verify_message, 0); rb_define_method(cX509Store, "verify_depth", ossl_x509store_get_verify_depth, 0); rb_define_method(cX509Store, "chain", ossl_x509store_get_chain, 0); @@ -464,6 +490,8 @@ Init_ossl_x509store(VALUE module) rb_define_method(cX509Store, "protect", ossl_x509store_protect, 0); rb_define_method(cX509Store, "set_default_paths", ossl_x509store_set_default_paths, 0); rb_define_method(cX509Store, "load_locations", ossl_x509store_load_locations, 1); + + rb_define_method(cX509Store, "cleanup!", ossl_x509store_cleanup, 0); #define DefX509StoreConst(x) rb_define_const(cX509Store, #x, INT2FIX(X509_V_ERR_##x)) |