diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2023-08-16 11:49:03 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-08-16 11:49:03 +0900 |
commit | 3f45150b6de3ca8542bd4fdf4cea6c5408948a93 (patch) | |
tree | 256ba44882d34de5f070532de99662c06e924d25 | |
parent | 283958a51848d9dff4ff885fcda2e2fee3bd45a0 (diff) | |
parent | 1c5bbdd68e902ca34f9a8cc4218babd5ebfc3a8c (diff) | |
download | ruby-openssl-3f45150b6de3ca8542bd4fdf4cea6c5408948a93.tar.gz |
Merge pull request #648 from rhenium/ky/error-additional-data
Include "additional data" message in OpenSSL errors
-rw-r--r-- | ext/openssl/ossl.c | 29 | ||||
-rw-r--r-- | test/openssl/test_config.rb | 12 | ||||
-rw-r--r-- | test/openssl/test_ossl.rb | 12 |
3 files changed, 33 insertions, 20 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c index e21d1372..47b8b012 100644 --- a/ext/openssl/ossl.c +++ b/ext/openssl/ossl.c @@ -272,23 +272,28 @@ VALUE ossl_make_error(VALUE exc, VALUE str) { unsigned long e; + const char *data; + int flags; - e = ERR_peek_last_error(); + if (NIL_P(str)) + str = rb_str_new(NULL, 0); + +#ifdef HAVE_ERR_GET_ERROR_ALL + e = ERR_peek_last_error_all(NULL, NULL, NULL, &data, &flags); +#else + e = ERR_peek_last_error_line_data(NULL, NULL, &data, &flags); +#endif if (e) { - const char *msg = ERR_reason_error_string(e); + const char *msg = ERR_reason_error_string(e); - if (NIL_P(str)) { - if (msg) str = rb_str_new_cstr(msg); - } - else { - if (RSTRING_LEN(str)) rb_str_cat2(str, ": "); - rb_str_cat2(str, msg ? msg : "(null)"); - } - ossl_clear_error(); + if (RSTRING_LEN(str)) rb_str_cat_cstr(str, ": "); + rb_str_cat_cstr(str, msg ? msg : "(null)"); + if (flags & ERR_TXT_STRING && data) + rb_str_catf(str, " (%s)", data); + ossl_clear_error(); } - if (NIL_P(str)) str = rb_str_new(0, 0); - return rb_exc_new3(exc, str); + return rb_exc_new_str(exc, str); } void diff --git a/test/openssl/test_config.rb b/test/openssl/test_config.rb index 24a215a4..6dbb9c61 100644 --- a/test/openssl/test_config.rb +++ b/test/openssl/test_config.rb @@ -91,22 +91,19 @@ __EOC__ assert_equal('123baz456bar798', c['dollar']['qux']) assert_equal('123baz456bar798.123baz456bar798', c['dollar']['quxx']) - excn = assert_raise(OpenSSL::ConfigError) do + assert_raise_with_message(OpenSSL::ConfigError, /error in line 1: variable has no value/) do OpenSSL::Config.parse("foo = $bar") end - assert_equal("error in line 1: variable has no value", excn.message) - excn = assert_raise(OpenSSL::ConfigError) do + assert_raise_with_message(OpenSSL::ConfigError, /error in line 1: no close brace/) do OpenSSL::Config.parse("foo = $(bar") end - assert_equal("error in line 1: no close brace", excn.message) - excn = assert_raise(OpenSSL::ConfigError) do + assert_raise_with_message(OpenSSL::ConfigError, /error in line 1: missing equal sign/) do OpenSSL::Config.parse("f o =b ar # no space in key") end - assert_equal("error in line 1: missing equal sign", excn.message) - excn = assert_raise(OpenSSL::ConfigError) do + assert_raise_with_message(OpenSSL::ConfigError, /error in line 7: missing close square bracket/) do OpenSSL::Config.parse(<<__EOC__) # comment 1 # comments @@ -117,7 +114,6 @@ __EOC__ [third # section not terminated __EOC__ end - assert_equal("error in line 7: missing close square bracket", excn.message) end def test_s_parse_include diff --git a/test/openssl/test_ossl.rb b/test/openssl/test_ossl.rb index e1d86bd4..5759c75b 100644 --- a/test/openssl/test_ossl.rb +++ b/test/openssl/test_ossl.rb @@ -60,6 +60,18 @@ class OpenSSL::OSSL < OpenSSL::SSLTestCase assert_operator(a_b_time, :<, a_c_time * 10, "fixed_length_secure_compare timing test failed") assert_operator(a_c_time, :<, a_b_time * 10, "fixed_length_secure_compare timing test failed") end + + def test_error_data + # X509V3_EXT_nconf_nid() called from OpenSSL::X509::ExtensionFactory#create_ext is a function + # that uses ERR_raise_data() to append additional information about the error. + # + # The generated message should look like: + # "subjectAltName = IP:not.a.valid.ip.address: bad ip address (value=not.a.valid.ip.address)" + ef = OpenSSL::X509::ExtensionFactory.new + assert_raise_with_message(OpenSSL::X509::ExtensionError, /\(value=not.a.valid.ip.address\)/) { + ef.create_ext("subjectAltName", "IP:not.a.valid.ip.address") + } + end end end |