author | GOTOU Yuuzou <gotoyuzo@notwork.org> | 2003-07-14 20:36:57 +0000 |
---|---|---|
committer | GOTOU Yuuzou <gotoyuzo@notwork.org> | 2003-07-14 20:36:57 +0000 |
commit | 6ff2ab3822a53321f2b5f45b4e1d3d5566a24a3b (patch) | |
tree | 48f589b4ec8e556d4de04d850966c41bba961b39 | |
parent | 50938e8704a7c469a8d469e27070ac69cdeb882f (diff) | |
* extconf.rb: should make depend under $srcdir.
* ossl.h: ossl_raise is a NORETURN.
* ossl_ocsp.h: must use GetOCSPBasicRes (ossl_ocspbres_add_nonce).
* ruby_missing.h: should check HAVE_RB_OBJ_INIT_COPY.
(all of above changes were suggested by nobu. thanks.)
* ossl_x509store.c: refine ossl_x509stctx_free.
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | extconf.rb | 5 | ||||
-rw-r--r-- | ossl.h | 2 | ||||
-rw-r--r-- | ossl_ocsp.c | 45 | ||||
-rw-r--r-- | ossl_x509store.c | 20 | ||||
-rw-r--r-- | ruby_missing.h | 2 |
6 files changed, 48 insertions, 34 deletions
@@ -1,3 +1,11 @@ +Tue, 15 Jul 2003 05:27:57 +0900 -- GOTOU Yuuzou <gotoyuzo@notwork.org> + * extconf.rb: should make depend under $srcdir. + * ossl.h: ossl_raise is a NORETURN. + * ossl_ocsp.h: must use GetOCSPBasicRes (osssl_ocspbres_add_nonce). + * ruby_missing.h: should check HAVE_RB_OBJ_INIT_COPY. + (all of above changes were suggested by nobu. thanks.) + * ossl_x509store.c: refine ossl_x509stctx_free. + Mon, 14 Jul 2003 18:56:06 +0900 -- GOTOU Yuuzou <gotoyuzo@notwork.org> * ossl_x509store.c: add second argument of X509::Store#verify to pass the untrusted certificate chain. @@ -51,14 +51,14 @@ if with_config("debug") or enable_config("debug") if CONFIG["CC"] =~ /gcc/ srcs = [] - for f in Dir[File.join(".", "*.c")] + for f in Dir[File.join($srcdir, "*.c")] srcs.push File.basename(f) end srcs = srcs.join(" ") $distcleanfiles << "dep" if defined? $distcleanfiles - File.open("depend", "w") {|f| + File.open(File.join($srcdir, "depend"), "w") {|f| f.print <<EOD SRCS = #{srcs} @@ -96,6 +96,7 @@ result &= have_library(CRYPTOLIB, "OPENSSL_load_builtin_modules") result &= have_library(SSLLIB, "SSL_library_init") result &= have_openssl_097(includes) +have_func("rb_obj_init_copy", "ruby.h") have_func("HMAC_CTX_copy") have_func("X509_STORE_set_ex_data") @@ -121,7 +121,7 @@ int ossl_pem_passwd_cb(char *, int, int, void *); * ERRor messages */ #define OSSL_ErrMsg() ERR_reason_error_string(ERR_get_error()) -void ossl_raise(VALUE, const char *, ...); +NORETURN(void ossl_raise(VALUE, const char *, ...)); /* * Verify callback diff --git a/ossl_ocsp.c b/ossl_ocsp.c index 5d18f0e..8e0bd4f 100644 --- a/ossl_ocsp.c +++ b/ossl_ocsp.c @@ -422,6 +422,7 @@ ossl_ocspbres_add_nonce(int argc, VALUE *argv, VALUE self) VALUE val; int ret; + GetOCSPBasicRes(self, bs); rb_scan_args(argc, argv, "01", &val); if(NIL_P(val)) ret = OCSP_basic_add1_nonce(bs, NULL, -1); 
@@ -519,29 +520,29 @@ ossl_ocspbres_get_status(VALUE self) count = OCSP_resp_count(bs); for(i = 0; i < count; i++){ single = OCSP_resp_get0(bs, i); - if(single){ - revtime = thisupd = nextupd = NULL; - status = OCSP_single_get0_status(single, &reason, &revtime, - &thisupd, &nextupd); - if(status < 0) continue; - if(!(cid = OCSP_CERTID_dup(single->certId))) - ossl_raise(eOCSPError, NULL); - ary = rb_ary_new(); - rb_ary_push(ary, ossl_ocspcertid_new(cid)); - rb_ary_push(ary, INT2NUM(status)); - rb_ary_push(ary, INT2NUM(reason)); - rb_ary_push(ary, revtime ? asn1time_to_time(revtime) : Qnil); - rb_ary_push(ary, thisupd ? asn1time_to_time(thisupd) : Qnil); - rb_ary_push(ary, nextupd ? asn1time_to_time(nextupd) : Qnil); - ext = rb_ary_new(); - ext_count = OCSP_SINGLERESP_get_ext_count(single); - for(j = 0; j < ext_count; j++){ - x509ext = OCSP_SINGLERESP_get_ext(single, j); - rb_ary_push(ext, ossl_x509ext_new(x509ext)); - } - rb_ary_push(ary, ext); + if(!single) continue; + + revtime = thisupd = nextupd = NULL; + status = OCSP_single_get0_status(single, &reason, &revtime, + &thisupd, &nextupd); + if(status < 0) continue; + if(!(cid = OCSP_CERTID_dup(single->certId))) + ossl_raise(eOCSPError, NULL); + ary = rb_ary_new(); + rb_ary_push(ary, ossl_ocspcertid_new(cid)); + rb_ary_push(ary, INT2NUM(status)); + rb_ary_push(ary, INT2NUM(reason)); + rb_ary_push(ary, revtime ? asn1time_to_time(revtime) : Qnil); + rb_ary_push(ary, thisupd ? asn1time_to_time(thisupd) : Qnil); + rb_ary_push(ary, nextupd ? asn1time_to_time(nextupd) : Qnil); + ext = rb_ary_new(); + ext_count = OCSP_SINGLERESP_get_ext_count(single); + for(j = 0; j < ext_count; j++){ + x509ext = OCSP_SINGLERESP_get_ext(single, j); + rb_ary_push(ext, ossl_x509ext_new(x509ext)); } - rb_ary_push(ret, ary); + rb_ary_push(ary, ext); + rb_ary_push(ret, ary); } return ret; diff --git a/ossl_x509store.c b/ossl_x509store.c index c9b9cf7..45d365f 100644 --- a/ossl_x509store.c +++ b/ossl_x509store.c 
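Review bot: `reason` is not reset alongside `revtime = thisupd = nextupd = NULL;` at the top of the loop body, yet it is pushed for every entry with `INT2NUM(reason)`. OpenSSL's OCSP_single_get0_status writes the reason only when the status is revoked, so a good or unknown entry would carry the previous entry's reason, or an indeterminate value on the first pass unless the declaration outside the hunk initialises it. Resetting it per iteration, `reason = -1; revtime = thisupd = nextupd = NULL;`, keeps one certificate's revocation reason from appearing on another certificate's status. The function's declarations lie outside the hunk.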
@@ -264,13 +264,7 @@ ossl_x509store_verify(int argc, VALUE *argv, VALUE self) /* * Public Functions */ -static void -ossl_x509stctx_free(X509_STORE_CTX *ctx) -{ - if(ctx->untrusted) - sk_X509_pop_free(ctx->untrusted, X509_free); - if(ctx->cert) ctx->cert; -} +static void ossl_x509stctx_free(X509_STORE_CTX*); VALUE ossl_x509stctx_new(X509_STORE_CTX *ctx) @@ -294,6 +288,16 @@ ossl_x509stctx_clear_ptr(VALUE obj) /* * Private functions */ +static void +ossl_x509stctx_free(X509_STORE_CTX *ctx) +{ + if(ctx->untrusted) + sk_X509_pop_free(ctx->untrusted, X509_free); + if(ctx->cert) + X509_free(ctx->cert); + X509_STORE_CTX_free(ctx); +} + static VALUE ossl_x509stctx_alloc(VALUE klass) { @@ -321,7 +325,7 @@ ossl_x509stctx_initialize(int argc, VALUE *argv, VALUE self) GetX509StCtx(self, ctx); rb_scan_args(argc, argv, "12", &store, &cert, &chain); SafeGetX509Store(store, x509st); - if(!NIL_P(cert)) x509 = DupX509CertPtr(cert); + if(!NIL_P(cert)) x509 = DupX509CertPtr(cert); /* NEED TO DUP */ if(!NIL_P(chain)) x509s = ossl_x509_ary2sk(chain); if(X509_STORE_CTX_init(ctx, x509st, x509, x509s) != 1){ sk_X509_pop_free(x509s, X509_free); diff --git a/ruby_missing.h b/ruby_missing.h index 6d3bdeb..bdb152b 100644 --- a/ruby_missing.h +++ b/ruby_missing.h @@ -57,7 +57,7 @@ #endif #if RUBY_VERSION_CODE >= 180 -# if RUBY_RELEASE_CODE < 20030517 +# if !defined(HAVE_RB_OBJ_INIT_COPY) # define rb_define_copy_func(klass, func) \ rb_define_method(klass, "copy_object", func, 1) # else |
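Review bot: The relocated ossl_x509stctx_free releases `ctx->cert` and `ctx->untrusted` unconditionally, which is only safe when the context owns both, and nothing in the hunk records that contract. The initialize path duplicates the certificate and builds its own stack, but ossl_x509stctx_new takes a caller-supplied `X509_STORE_CTX *` and presumably registers this same function; a wrapper of a borrowed context that reaches GC without ossl_x509stctx_clear_ptr having run would free objects it does not own. A comment above the function would make this explicit, e.g. `/* ctx must own cert and untrusted (see initialize); borrowed contexts must be detached with ossl_x509stctx_clear_ptr before GC */`.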
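Review bot: In ossl_x509stctx_initialize the certificate duplicated by `x509 = DupX509CertPtr(cert);` is not released on the paths visible in the hunk. The `X509_STORE_CTX_init` failure branch frees only `x509s`, and if `ossl_x509_ary2sk(chain)` raises (it presumably can on a bad array element) the duplicate is lost as well. Adding `X509_free(x509);` next to `sk_X509_pop_free(x509s, X509_free);` covers the first case; the branch continues past the end of the hunk, so confirm it is not already freed there. The new `/* NEED TO DUP */` comment would be more useful if it gave the reason, e.g. `/* dup: ossl_x509stctx_free() releases ctx->cert */`.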