diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-08-30 02:27:20 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-08-30 10:37:05 +0900 |
commit | b72957c1bc6bed62312abcb4b13b2acb08ffc0d2 (patch) | |
tree | 8b73f9f029b49aea96c0ffe4ee7a0fb7257f9da7 /ext/openssl | |
parent | 3a926047a729f125df28946ede28f302d5c084ac (diff) | |
download | ruby-openssl-b72957c1bc6bed62312abcb4b13b2acb08ffc0d2.tar.gz |
ssl: check return value of SSL_CTX_set_alpn_protos()
The function can fail on memory allocation error. Note that the
function returns 0 on success unlike other almost all functions in
OpenSSL.
Diffstat (limited to 'ext/openssl')
-rw-r--r-- | ext/openssl/ossl_ssl.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index bf3a8dd8..28a4633b 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -916,7 +916,11 @@ ossl_sslctx_setup(VALUE self) val = rb_iv_get(self, "@alpn_protocols"); if (!NIL_P(val)) { VALUE rprotos = ssl_encode_npn_protocols(val); - SSL_CTX_set_alpn_protos(ctx, (unsigned char *)RSTRING_PTR(rprotos), RSTRING_LENINT(rprotos)); + + /* returns 0 on success */ + if (SSL_CTX_set_alpn_protos(ctx, (unsigned char *)RSTRING_PTR(rprotos), + RSTRING_LENINT(rprotos))) + ossl_raise(eSSLError, "SSL_CTX_set_alpn_protos"); OSSL_Debug("SSL ALPN values added"); } if (RTEST(rb_iv_get(self, "@alpn_select_cb"))) { |