ssl: check return value of SSL_CTX_set_alpn_protos()

The function can fail on memory allocation error. Note that the function returns 0 on success unlike other almost all functions in OpenSSL.
author: Kazuki Yamaguchi <k@rhe.jp> 2016-08-30 02:27:20 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2016-08-30 10:37:05 +0900
commit: b72957c1bc6bed62312abcb4b13b2acb08ffc0d2 (patch)
tree: 8b73f9f029b49aea96c0ffe4ee7a0fb7257f9da7 /ext/openssl
parent: 3a926047a729f125df28946ede28f302d5c084ac (diff)
download: ruby-openssl-b72957c1bc6bed62312abcb4b13b2acb08ffc0d2.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index bf3a8dd8..28a4633b 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -916,7 +916,11 @@ ossl_sslctx_setup(VALUE self)
     val = rb_iv_get(self, "@alpn_protocols");
     if (!NIL_P(val)) {
 	VALUE rprotos = ssl_encode_npn_protocols(val);
-	SSL_CTX_set_alpn_protos(ctx, (unsigned char *)RSTRING_PTR(rprotos), RSTRING_LENINT(rprotos));
+
+	/* returns 0 on success */
+	if (SSL_CTX_set_alpn_protos(ctx, (unsigned char *)RSTRING_PTR(rprotos),
+				    RSTRING_LENINT(rprotos)))
+	    ossl_raise(eSSLError, "SSL_CTX_set_alpn_protos");
 	OSSL_Debug("SSL ALPN values added");
     }
     if (RTEST(rb_iv_get(self, "@alpn_select_cb"))) {
author	Kazuki Yamaguchi <k@rhe.jp>	2016-08-30 02:27:20 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2016-08-30 10:37:05 +0900
commit	b72957c1bc6bed62312abcb4b13b2acb08ffc0d2 (patch)
tree	8b73f9f029b49aea96c0ffe4ee7a0fb7257f9da7 /ext/openssl
parent	3a926047a729f125df28946ede28f302d5c084ac (diff)
download	ruby-openssl-b72957c1bc6bed62312abcb4b13b2acb08ffc0d2.tar.gz