1 files changed, 23 insertions, 18 deletions

diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c
index a7e3796..ad1126d 100644
--- a/ext/openssl/ossl_x509cert.c
+++ b/ext/openssl/ossl_x509cert.c
@@ -456,10 +456,10 @@ static VALUE
 ossl_x509_get_not_before(VALUE self)
 {
     X509 *x509;
-    ASN1_UTCTIME *asn1time;
+    const ASN1_TIME *asn1time;
 
     GetX509(self, x509);
-    if (!(asn1time = X509_get_notBefore(x509))) { /* NO DUP - don't free! */
+    if (!(asn1time = X509_get0_notBefore(x509))) {
 	ossl_raise(eX509CertError, NULL);
     }
 
@@ -474,10 +474,15 @@ static VALUE
 ossl_x509_set_not_before(VALUE self, VALUE time)
 {
     X509 *x509;
+    ASN1_TIME *asn1time;
 
     GetX509(self, x509);
-    if (!ossl_x509_time_adjust(X509_get_notBefore(x509), time))
-	ossl_raise(eX509CertError, NULL);
+    asn1time = ossl_x509_time_adjust(NULL, time);
+    if (!X509_set_notBefore(x509, asn1time)) {
+	ASN1_TIME_free(asn1time);
+	ossl_raise(eX509CertError, "X509_set_notBefore");
+    }
+    ASN1_TIME_free(asn1time);
 
     return time;
 }
@@ -490,10 +495,10 @@ static VALUE
 ossl_x509_get_not_after(VALUE self)
 {
     X509 *x509;
-    ASN1_TIME *asn1time;
+    const ASN1_TIME *asn1time;
 
     GetX509(self, x509);
-    if (!(asn1time = X509_get_notAfter(x509))) { /* NO DUP - don't free! */
+    if (!(asn1time = X509_get0_notAfter(x509))) {
 	ossl_raise(eX509CertError, NULL);
     }
 
@@ -508,10 +513,15 @@ static VALUE
 ossl_x509_set_not_after(VALUE self, VALUE time)
 {
     X509 *x509;
+    ASN1_TIME *asn1time;
 
     GetX509(self, x509);
-    if (!ossl_x509_time_adjust(X509_get_notAfter(x509), time))
-	ossl_raise(eX509CertError, NULL);
+    asn1time = ossl_x509_time_adjust(NULL, time);
+    if (!X509_set_notAfter(x509, asn1time)) {
+	ASN1_TIME_free(asn1time);
+	ossl_raise(eX509CertError, "X509_set_notAfter");
+    }
+    ASN1_TIME_free(asn1time);
 
     return time;
 }
@@ -667,13 +677,10 @@ ossl_x509_set_extensions(VALUE self, VALUE ary)
     while ((ext = X509_delete_ext(x509, 0)))
 	X509_EXTENSION_free(ext);
     for (i=0; i<RARRAY_LEN(ary); i++) {
-	ext = DupX509ExtPtr(RARRAY_AREF(ary, i));
-
-	if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */
-	    X509_EXTENSION_free(ext);
+	ext = GetX509ExtPtr(RARRAY_AREF(ary, i));
+	if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext */
 	    ossl_raise(eX509CertError, NULL);
 	}
-	X509_EXTENSION_free(ext);
     }
 
     return ary;
@@ -690,12 +697,10 @@ ossl_x509_add_extension(VALUE self, VALUE extension)
     X509_EXTENSION *ext;
 
     GetX509(self, x509);
-    ext = DupX509ExtPtr(extension);
+    ext = GetX509ExtPtr(extension);
     if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */
-	X509_EXTENSION_free(ext);
 	ossl_raise(eX509CertError, NULL);
     }
-    X509_EXTENSION_free(ext);
 
     return extension;
 }
@@ -720,9 +725,9 @@ ossl_x509_inspect(VALUE self)
 void
 Init_ossl_x509cert(void)
 {
-
 #if 0
-    mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */
+    mOSSL = rb_define_module("OpenSSL");
+    eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
     mX509 = rb_define_module_under(mOSSL, "X509");
 #endif