diff options
| author | thekuwayama <thekuwayama@gmail.com> | 2019-12-31 21:48:52 +0900 |
|---|---|---|
| committer | Samuel Williams <samuel.williams@oriontransfer.co.nz> | 2020-01-25 00:30:40 +1300 |
| commit | 443d13e9b2c127230fde2733959eaa4d41eb355d (patch) | |
| tree | 19d36db3da61db38cf125e3b2bc06bd50f85d533 /ext | |
| parent | 5d866038920edf2729865653d6dc9309589f089a (diff) | |
| download | ruby-openssl-443d13e9b2c127230fde2733959eaa4d41eb355d.tar.gz | |
modify ossl_sslctx_add_certificate_chain_file() to raise Error and to return self
add test_add_certificate_chain_file_multiple_certs
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/openssl/ossl_ssl.c | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 4ee698cd..ee56edc0 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -1324,7 +1324,7 @@ ossl_sslctx_add_certificate(int argc, VALUE *argv, VALUE self) /* * call-seq: - * ctx.add_certificate_chain_file(certs_path, pkey_path) -> true | false + * ctx.add_certificate_chain_file(certs_path, pkey_path) -> self * * Loads chain certificates from _certs_path_ and a private key from * _pkey_path_. @@ -1336,11 +1336,19 @@ ossl_sslctx_add_certificate(int argc, VALUE *argv, VALUE self) * _pkey_path_:: * A path to a private key file. An instance of String. * + * === Example + * ctx.add_certificate_chain(rsa_cert_path, rsa_key_path) + * + * ctx.add_certificate_chain(ecdsa_cert_path, ecdsa_key_path) + * * === Note * The file format of the certificate and private key must be PEM. * * The certificate file must be starting with the subject's certificate and - * followed by intermediate CA certificates (and root CA certificate). + * followed by intermediate CA certificate(s). + * + * OpenSSL before the version 1.0.2 could handle only one extra chain across + * all key types. Calling this method discards the chain set previously. */ static VALUE ossl_sslctx_add_certificate_chain_file(VALUE self, VALUE certs_path, VALUE pkey_path) @@ -1348,20 +1356,15 @@ ossl_sslctx_add_certificate_chain_file(VALUE self, VALUE certs_path, VALUE pkey_ SSL_CTX *ctx; GetSSLCTX(self, ctx); - if (NIL_P(certs_path)) - ossl_raise(rb_eArgError, "certs_path must be the path to certificates"); - - if (NIL_P(pkey_path)) - ossl_raise(rb_eArgError, "pkey_path must be the path to private key"); /* SSL_CTX_use_certificate_chain_file() loads PEM format file. */ if (SSL_CTX_use_certificate_chain_file(ctx, StringValueCStr(certs_path)) != 1) - return Qfalse; + ossl_raise(eSSLError, "SSL_CTX_use_certificate_chain_file"); if (SSL_CTX_use_PrivateKey_file(ctx, StringValueCStr(pkey_path), SSL_FILETYPE_PEM) != 1) - return Qfalse; + ossl_raise(eSSLError, "SSL_CTX_use_PrivateKey_file"); - return Qtrue; + return self; } /* |