diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2017-07-21 15:35:46 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-07-22 21:58:56 +0900 |
commit | 96211a3e4ed8242832b74f166d6435144438bd43 (patch) | |
tree | 702ea51e49c0dc9dc753e0a7cadffd631f9d60af /ext | |
parent | 2a5ae3c7a53978145122a163e63a490a6a6c9993 (diff) | |
download | ruby-openssl-96211a3e4ed8242832b74f166d6435144438bd43.tar.gz |
ossl_pem_passwd_cb: handle nil from the block explicitlyky/pem-passwd-cb-get-rid-of-minlen
There is code that returns nil in the passphrase block on purpose (to
prevent OpenSSL from prompting on stdin):
OpenSSL::PKey.read(File.read("file.pem")) { nil }
This is working just by chance because the TypeError from StringValue()
is silently ignored. Let's short circuit in that case and save raising
a needless exception, as this pattern has become too common.
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/ossl.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c index 562241c5..c22966df 100644 --- a/ext/openssl/ossl.c +++ b/ext/openssl/ossl.c @@ -148,11 +148,10 @@ ossl_pem_passwd_value(VALUE pass) static VALUE ossl_pem_passwd_cb0(VALUE flag) { - VALUE pass; - - pass = rb_yield(flag); + VALUE pass = rb_yield(flag); + if (NIL_P(pass)) + return Qnil; StringValue(pass); - return pass; } @@ -195,6 +194,8 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_) rb_set_errinfo(Qnil); return -1; } + if (NIL_P(pass)) + return -1; len = RSTRING_LEN(pass); if (len > max_len) { rb_warning("password must not be longer than %d bytes", max_len); |