diff options
| author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2020-12-14 13:23:24 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-14 13:23:24 +0900 |
| commit | fd39183a61483c9b2b05aa5837a8185a522da653 (patch) | |
| tree | 85a89371680ad2b2d466f8692cc5257c0d12055e | |
| parent | a0e98d48c91f2ffd8d3959e56ebe1aa2e45df11e (diff) | |
| parent | 9e4d4704e65bccd3cedeb9a07c9101f3c2eb02e9 (diff) | |
| download | ruby-openssl-fd39183a61483c9b2b05aa5837a8185a522da653.tar.gz | |
Merge pull request #413 from ruby/backport-ruby-core
Backport ruby core repo
| -rw-r--r-- | ext/openssl/ossl_ssl.c | 62 | ||||
| -rw-r--r-- | ext/openssl/ossl_ts.c | 26 | ||||
| -rw-r--r-- | lib/openssl/buffering.rb | 2 | ||||
| -rw-r--r-- | lib/openssl/ssl.rb | 2 |
4 files changed, 45 insertions, 47 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index a02f02cb..f4cc6dec 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -2412,8 +2412,6 @@ ossl_ssl_tmp_key(VALUE self) # endif /* defined(HAVE_SSL_GET_SERVER_TMP_KEY) */ #endif /* !defined(OPENSSL_NO_SOCK) */ -#undef rb_intern -#define rb_intern(s) rb_intern_const(s) void Init_ossl_ssl(void) { @@ -2424,8 +2422,8 @@ Init_ossl_ssl(void) rb_mWaitWritable = rb_define_module_under(rb_cIO, "WaitWritable"); #endif - id_call = rb_intern("call"); - ID_callback_state = rb_intern("callback_state"); + id_call = rb_intern_const("call"); + ID_callback_state = rb_intern_const("callback_state"); ossl_ssl_ex_vcb_idx = SSL_get_ex_new_index(0, (void *)"ossl_ssl_ex_vcb_idx", 0, 0, 0); if (ossl_ssl_ex_vcb_idx < 0) @@ -2492,7 +2490,7 @@ Init_ossl_ssl(void) * The _cert_, _key_, and _extra_chain_cert_ attributes are deprecated. * It is recommended to use #add_certificate instead. */ - rb_attr(cSSLContext, rb_intern("cert"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("cert"), 1, 1, Qfalse); /* * Context private key @@ -2500,29 +2498,29 @@ Init_ossl_ssl(void) * The _cert_, _key_, and _extra_chain_cert_ attributes are deprecated. * It is recommended to use #add_certificate instead. */ - rb_attr(cSSLContext, rb_intern("key"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("key"), 1, 1, Qfalse); /* * A certificate or Array of certificates that will be sent to the client. */ - rb_attr(cSSLContext, rb_intern("client_ca"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("client_ca"), 1, 1, Qfalse); /* * The path to a file containing a PEM-format CA certificate */ - rb_attr(cSSLContext, rb_intern("ca_file"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("ca_file"), 1, 1, Qfalse); /* * The path to a directory containing CA certificates in PEM format. * * Files are looked up by subject's X509 name's hash value. */ - rb_attr(cSSLContext, rb_intern("ca_path"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("ca_path"), 1, 1, Qfalse); /* * Maximum session lifetime in seconds. */ - rb_attr(cSSLContext, rb_intern("timeout"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("timeout"), 1, 1, Qfalse); /* * Session verification mode. @@ -2535,12 +2533,12 @@ Init_ossl_ssl(void) * * See SSL_CTX_set_verify(3) for details. */ - rb_attr(cSSLContext, rb_intern("verify_mode"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("verify_mode"), 1, 1, Qfalse); /* * Number of CA certificates to walk when verifying a certificate chain. */ - rb_attr(cSSLContext, rb_intern("verify_depth"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("verify_depth"), 1, 1, Qfalse); /* * A callback for additional certificate verification. The callback is @@ -2554,7 +2552,7 @@ Init_ossl_ssl(void) * If the callback returns +false+, the chain verification is immediately * stopped and a bad_certificate alert is then sent. */ - rb_attr(cSSLContext, rb_intern("verify_callback"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("verify_callback"), 1, 1, Qfalse); /* * Whether to check the server certificate is valid for the hostname. @@ -2562,12 +2560,12 @@ Init_ossl_ssl(void) * In order to make this work, verify_mode must be set to VERIFY_PEER and * the server hostname must be given by OpenSSL::SSL::SSLSocket#hostname=. */ - rb_attr(cSSLContext, rb_intern("verify_hostname"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("verify_hostname"), 1, 1, Qfalse); /* * An OpenSSL::X509::Store used for certificate verification. */ - rb_attr(cSSLContext, rb_intern("cert_store"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("cert_store"), 1, 1, Qfalse); /* * An Array of extra X509 certificates to be added to the certificate @@ -2576,7 +2574,7 @@ Init_ossl_ssl(void) * The _cert_, _key_, and _extra_chain_cert_ attributes are deprecated. * It is recommended to use #add_certificate instead. */ - rb_attr(cSSLContext, rb_intern("extra_chain_cert"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("extra_chain_cert"), 1, 1, Qfalse); /* * A callback invoked when a client certificate is requested by a server @@ -2586,14 +2584,14 @@ Init_ossl_ssl(void) * containing an OpenSSL::X509::Certificate and an OpenSSL::PKey. If any * other value is returned the handshake is suspended. */ - rb_attr(cSSLContext, rb_intern("client_cert_cb"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("client_cert_cb"), 1, 1, Qfalse); /* * Sets the context in which a session can be reused. This allows * sessions for multiple applications to be distinguished, for example, by * name. */ - rb_attr(cSSLContext, rb_intern("session_id_context"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("session_id_context"), 1, 1, Qfalse); /* * A callback invoked on a server when a session is proposed by the client @@ -2602,7 +2600,7 @@ Init_ossl_ssl(void) * The callback is invoked with the SSLSocket and session id. The * callback may return a Session from an external cache. */ - rb_attr(cSSLContext, rb_intern("session_get_cb"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("session_get_cb"), 1, 1, Qfalse); /* * A callback invoked when a new session was negotiated. @@ -2610,7 +2608,7 @@ Init_ossl_ssl(void) * The callback is invoked with an SSLSocket. If +false+ is returned the * session will be removed from the internal cache. */ - rb_attr(cSSLContext, rb_intern("session_new_cb"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("session_new_cb"), 1, 1, Qfalse); /* * A callback invoked when a session is removed from the internal cache. @@ -2621,7 +2619,7 @@ Init_ossl_ssl(void) * multi-threaded application. The callback is called inside a global lock * and it can randomly cause deadlock on Ruby thread switching. */ - rb_attr(cSSLContext, rb_intern("session_remove_cb"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("session_remove_cb"), 1, 1, Qfalse); rb_define_const(mSSLExtConfig, "HAVE_TLSEXT_HOST_NAME", Qtrue); @@ -2644,7 +2642,7 @@ Init_ossl_ssl(void) * raise RuntimeError, "Client renegotiation disabled" * end */ - rb_attr(cSSLContext, rb_intern("renegotiation_cb"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("renegotiation_cb"), 1, 1, Qfalse); #ifndef OPENSSL_NO_NEXTPROTONEG /* * An Enumerable of Strings. Each String represents a protocol to be @@ -2657,7 +2655,7 @@ Init_ossl_ssl(void) * * ctx.npn_protocols = ["http/1.1", "spdy/2"] */ - rb_attr(cSSLContext, rb_intern("npn_protocols"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("npn_protocols"), 1, 1, Qfalse); /* * A callback invoked on the client side when the client needs to select * a protocol from the list sent by the server. Supported in OpenSSL 1.0.1 @@ -2674,7 +2672,7 @@ Init_ossl_ssl(void) * protocols.first * end */ - rb_attr(cSSLContext, rb_intern("npn_select_cb"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("npn_select_cb"), 1, 1, Qfalse); #endif #ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB @@ -2689,7 +2687,7 @@ Init_ossl_ssl(void) * * ctx.alpn_protocols = ["http/1.1", "spdy/2", "h2"] */ - rb_attr(cSSLContext, rb_intern("alpn_protocols"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("alpn_protocols"), 1, 1, Qfalse); /* * A callback invoked on the server side when the server needs to select * a protocol from the list sent by the client. Supported in OpenSSL 1.0.2 @@ -2706,7 +2704,7 @@ Init_ossl_ssl(void) * protocols.first * end */ - rb_attr(cSSLContext, rb_intern("alpn_select_cb"), 1, 1, Qfalse); + rb_attr(cSSLContext, rb_intern_const("alpn_select_cb"), 1, 1, Qfalse); #endif rb_define_alias(cSSLContext, "ssl_timeout", "timeout"); @@ -2934,15 +2932,15 @@ Init_ossl_ssl(void) #endif - sym_exception = ID2SYM(rb_intern("exception")); - sym_wait_readable = ID2SYM(rb_intern("wait_readable")); - sym_wait_writable = ID2SYM(rb_intern("wait_writable")); + sym_exception = ID2SYM(rb_intern_const("exception")); + sym_wait_readable = ID2SYM(rb_intern_const("wait_readable")); + sym_wait_writable = ID2SYM(rb_intern_const("wait_writable")); - id_tmp_dh_callback = rb_intern("tmp_dh_callback"); - id_npn_protocols_encoded = rb_intern("npn_protocols_encoded"); + id_tmp_dh_callback = rb_intern_const("tmp_dh_callback"); + id_npn_protocols_encoded = rb_intern_const("npn_protocols_encoded"); #define DefIVarID(name) do \ - id_i_##name = rb_intern("@"#name); while (0) + id_i_##name = rb_intern_const("@"#name); while (0) DefIVarID(cert_store); DefIVarID(ca_file); diff --git a/ext/openssl/ossl_ts.c b/ext/openssl/ossl_ts.c index d59c9348..752c61cf 100644 --- a/ext/openssl/ossl_ts.c +++ b/ext/openssl/ossl_ts.c @@ -1247,24 +1247,24 @@ Init_ossl_ts(void) * timestamp server rejects the message imprint algorithm used in the * +Request+ */ - sBAD_ALG = rb_intern("BAD_ALG"); + sBAD_ALG = rb_intern_const("BAD_ALG"); /* * Possible return value for +Response#failure_info+. Indicates that the * timestamp server was not able to process the +Request+ properly. */ - sBAD_REQUEST = rb_intern("BAD_REQUEST"); + sBAD_REQUEST = rb_intern_const("BAD_REQUEST"); /* * Possible return value for +Response#failure_info+. Indicates that the * timestamp server was not able to parse certain data in the +Request+. */ - sBAD_DATA_FORMAT = rb_intern("BAD_DATA_FORMAT"); + sBAD_DATA_FORMAT = rb_intern_const("BAD_DATA_FORMAT"); - sTIME_NOT_AVAILABLE = rb_intern("TIME_NOT_AVAILABLE"); - sUNACCEPTED_POLICY = rb_intern("UNACCEPTED_POLICY"); - sUNACCEPTED_EXTENSION = rb_intern("UNACCEPTED_EXTENSION"); - sADD_INFO_NOT_AVAILABLE = rb_intern("ADD_INFO_NOT_AVAILABLE"); - sSYSTEM_FAILURE = rb_intern("SYSTEM_FAILURE"); + sTIME_NOT_AVAILABLE = rb_intern_const("TIME_NOT_AVAILABLE"); + sUNACCEPTED_POLICY = rb_intern_const("UNACCEPTED_POLICY"); + sUNACCEPTED_EXTENSION = rb_intern_const("UNACCEPTED_EXTENSION"); + sADD_INFO_NOT_AVAILABLE = rb_intern_const("ADD_INFO_NOT_AVAILABLE"); + sSYSTEM_FAILURE = rb_intern_const("SYSTEM_FAILURE"); /* Document-class: OpenSSL::Timestamp * Provides classes and methods to request, create and validate @@ -1503,11 +1503,11 @@ Init_ossl_ts(void) * */ cTimestampFactory = rb_define_class_under(mTimestamp, "Factory", rb_cObject); - rb_attr(cTimestampFactory, rb_intern("allowed_digests"), 1, 1, 0); - rb_attr(cTimestampFactory, rb_intern("default_policy_id"), 1, 1, 0); - rb_attr(cTimestampFactory, rb_intern("serial_number"), 1, 1, 0); - rb_attr(cTimestampFactory, rb_intern("gen_time"), 1, 1, 0); - rb_attr(cTimestampFactory, rb_intern("additional_certs"), 1, 1, 0); + rb_attr(cTimestampFactory, rb_intern_const("allowed_digests"), 1, 1, 0); + rb_attr(cTimestampFactory, rb_intern_const("default_policy_id"), 1, 1, 0); + rb_attr(cTimestampFactory, rb_intern_const("serial_number"), 1, 1, 0); + rb_attr(cTimestampFactory, rb_intern_const("gen_time"), 1, 1, 0); + rb_attr(cTimestampFactory, rb_intern_const("additional_certs"), 1, 1, 0); rb_define_method(cTimestampFactory, "create_timestamp", ossl_tsfac_create_ts, 3); } diff --git a/lib/openssl/buffering.rb b/lib/openssl/buffering.rb index a5f4241b..32e04b48 100644 --- a/lib/openssl/buffering.rb +++ b/lib/openssl/buffering.rb @@ -31,7 +31,7 @@ module OpenSSL::Buffering force_encoding(BINARY) end - + def << string if string.encoding == BINARY super(string) diff --git a/lib/openssl/ssl.rb b/lib/openssl/ssl.rb index 438daab0..0930a530 100644 --- a/lib/openssl/ssl.rb +++ b/lib/openssl/ssl.rb @@ -238,7 +238,7 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3 def fileno to_io.fileno end - + def addr to_io.addr end |