diff options
-rw-r--r-- | ext/openssl/deprecation.rb | 1 | ||||
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/ossl.c | 2 | ||||
-rw-r--r-- | ext/openssl/ossl.h | 2 | ||||
-rw-r--r-- | ext/openssl/ossl_bio.c | 3 | ||||
-rw-r--r-- | ext/openssl/ossl_cipher.c | 2 | ||||
-rw-r--r-- | ext/openssl/ossl_pkey_dsa.c | 4 | ||||
-rw-r--r-- | ext/openssl/ossl_rand.c | 10 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl.c | 29 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl.h | 2 | ||||
-rw-r--r-- | lib/openssl.rb | 1 | ||||
-rw-r--r-- | lib/openssl/bn.rb | 1 | ||||
-rw-r--r-- | lib/openssl/buffering.rb | 1 | ||||
-rw-r--r-- | lib/openssl/cipher.rb | 1 | ||||
-rw-r--r-- | lib/openssl/config.rb | 1 | ||||
-rw-r--r-- | lib/openssl/digest.rb | 1 | ||||
-rw-r--r-- | lib/openssl/pkey.rb | 1 | ||||
-rw-r--r-- | lib/openssl/ssl.rb | 3 | ||||
-rw-r--r-- | lib/openssl/x509.rb | 1 |
19 files changed, 40 insertions, 27 deletions
diff --git a/ext/openssl/deprecation.rb b/ext/openssl/deprecation.rb index 39ebfa0d..d7735367 100644 --- a/ext/openssl/deprecation.rb +++ b/ext/openssl/deprecation.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false module OpenSSL def self.deprecated_warning_flag unless flag = (@deprecated_warning_flag ||= nil) diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 41dd9bed..7bb6cd8f 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -1,4 +1,5 @@ # -*- coding: us-ascii -*- +# frozen_string_literal: false =begin = Info 'OpenSSL for Ruby 2' project diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c index 5c14664c..92b5d1b1 100644 --- a/ext/openssl/ossl.c +++ b/ext/openssl/ossl.c @@ -566,7 +566,7 @@ static void Init_ossl_locks(void) * * If you use OSX, you should install another openssl and run ```./configure * --with-openssl-dir=/path/to/another-openssl```. For Homebrew user, run `brew - * install openssl` and then ```./configure --with-openssl-dir=`brew prefix + * install openssl` and then ```./configure --with-openssl-dir=`brew --prefix * openssl` ```. * * = Examples diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h index eca0ef94..3be01b0c 100644 --- a/ext/openssl/ossl.h +++ b/ext/openssl/ossl.h @@ -44,7 +44,7 @@ extern "C" { # define assert(condition) #endif -#if defined(_WIN32) +#if defined(_WIN32) && !defined(LIBRESSL_VERSION_NUMBER) # include <openssl/e_os2.h> # define OSSL_NO_CONF_API 1 # if !defined(OPENSSL_SYS_WIN32) diff --git a/ext/openssl/ossl_bio.c b/ext/openssl/ossl_bio.c index 7e3b3070..cd258264 100644 --- a/ext/openssl/ossl_bio.c +++ b/ext/openssl/ossl_bio.c @@ -29,8 +29,9 @@ ossl_obj2bio(VALUE obj) } rb_update_max_fd(fd); if (!(fp = fdopen(fd, "r"))){ + int e = errno; close(fd); - rb_sys_fail(0); + rb_syserr_fail(e, 0); } if (!(bio = BIO_new_fp(fp, BIO_CLOSE))){ fclose(fp); diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 1318378c..09b021d9 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -91,7 +91,7 @@ static size_t ossl_cipher_memsize(const void *ptr) { const EVP_CIPHER_CTX *ctx = ptr; - return ctx ? sizeof(*ctx) : 0; + return sizeof(*ctx); } static VALUE diff --git a/ext/openssl/ossl_pkey_dsa.c b/ext/openssl/ossl_pkey_dsa.c index d5d55eec..04900cc6 100644 --- a/ext/openssl/ossl_pkey_dsa.c +++ b/ext/openssl/ossl_pkey_dsa.c @@ -110,7 +110,7 @@ dsa_generate(int size) unsigned long h; if (!dsa) return 0; - if (!RAND_bytes(seed, seed_len)) { + if (RAND_bytes(seed, seed_len) <= 0) { DSA_free(dsa); return 0; } @@ -144,7 +144,7 @@ dsa_generate(int size) int seed_len = 20, counter; unsigned long h; - if (!RAND_bytes(seed, seed_len)) { + if (RAND_bytes(seed, seed_len) <= 0) { return 0; } dsa = DSA_generate_parameters(size, seed, seed_len, &counter, &h, diff --git a/ext/openssl/ossl_rand.c b/ext/openssl/ossl_rand.c index 018ef977..daf866d7 100644 --- a/ext/openssl/ossl_rand.c +++ b/ext/openssl/ossl_rand.c @@ -110,10 +110,16 @@ ossl_rand_bytes(VALUE self, VALUE len) { VALUE str; int n = NUM2INT(len); + int ret; str = rb_str_new(0, n); - if (!RAND_bytes((unsigned char *)RSTRING_PTR(str), n)) { - ossl_raise(eRandomError, NULL); + ret = RAND_bytes((unsigned char *)RSTRING_PTR(str), n); + if (ret == 0){ + char buf[256]; + ERR_error_string_n(ERR_get_error(), buf, 256); + ossl_raise(eRandomError, "RAND_bytes error: %s", buf); + } else if (ret == -1) { + ossl_raise(eRandomError, "RAND_bytes is not supported"); } return str; diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 538ba37f..4075d6f0 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -28,8 +28,8 @@ } while (0) VALUE mSSL; -VALUE mSSLExtConfig; -VALUE eSSLError; +static VALUE mSSLExtConfig; +static VALUE eSSLError; VALUE cSSLContext; VALUE cSSLSocket; @@ -75,7 +75,7 @@ static VALUE eSSLErrorWaitWritable; #define ossl_ssl_set_tmp_dh(o,v) rb_iv_set((o),"@tmp_dh",(v)) #define ossl_ssl_set_tmp_ecdh(o,v) rb_iv_set((o),"@tmp_ecdh",(v)) -ID ID_callback_state; +static ID ID_callback_state; static VALUE sym_exception, sym_wait_readable, sym_wait_writable; @@ -120,9 +120,9 @@ static const struct { #undef OSSL_SSL_METHOD_ENTRY }; -int ossl_ssl_ex_vcb_idx; -int ossl_ssl_ex_store_p; -int ossl_ssl_ex_ptr_idx; +static int ossl_ssl_ex_vcb_idx; +static int ossl_ssl_ex_store_p; +static int ossl_ssl_ex_ptr_idx; static void ossl_sslctx_free(void *ptr) @@ -585,19 +585,16 @@ ssl_npn_select_cb_common(VALUE cb, const unsigned char **out, unsigned char *out { VALUE selected; long len; - unsigned char l; VALUE protocols = rb_ary_new(); + unsigned char l; + const unsigned char *in_end = in + inlen; - /* The format is len_1|proto_1|...|len_n|proto_n\0 */ - while ((l = *in++) != '\0') { - VALUE protocol; - if (l > inlen) { - ossl_raise(eSSLError, "Invalid protocol name list"); - } - protocol = rb_str_new((const char *)in, l); - rb_ary_push(protocols, protocol); + /* assume OpenSSL verifies this format */ + /* The format is len_1|proto_1|...|len_n|proto_n */ + while (in < in_end) { + l = *in++; + rb_ary_push(protocols, rb_str_new((const char *)in, l)); in += l; - inlen -= l; } selected = rb_funcall(cb, rb_intern("call"), 1, protocols); diff --git a/ext/openssl/ossl_ssl.h b/ext/openssl/ossl_ssl.h index f92f0289..909f6798 100644 --- a/ext/openssl/ossl_ssl.h +++ b/ext/openssl/ossl_ssl.h @@ -29,9 +29,7 @@ extern const rb_data_type_t ossl_ssl_type; extern const rb_data_type_t ossl_ssl_session_type; extern VALUE mSSL; -extern VALUE eSSLError; extern VALUE cSSLSocket; -extern VALUE cSSLContext; extern VALUE cSSLSession; void Init_ossl_ssl(void); diff --git a/lib/openssl.rb b/lib/openssl.rb index 57f6f970..26d167a9 100644 --- a/lib/openssl.rb +++ b/lib/openssl.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false =begin = Info 'OpenSSL for Ruby 2' project diff --git a/lib/openssl/bn.rb b/lib/openssl/bn.rb index 17148f96..6d6c96e4 100644 --- a/lib/openssl/bn.rb +++ b/lib/openssl/bn.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false #-- # # = Ruby-space definitions that completes C-space funcs for BN diff --git a/lib/openssl/buffering.rb b/lib/openssl/buffering.rb index a97d9ead..d0821990 100644 --- a/lib/openssl/buffering.rb +++ b/lib/openssl/buffering.rb @@ -1,4 +1,5 @@ # coding: binary +# frozen_string_literal: false #-- #= Info # 'OpenSSL for Ruby 2' project diff --git a/lib/openssl/cipher.rb b/lib/openssl/cipher.rb index c7f0aec5..a69d5ac8 100644 --- a/lib/openssl/cipher.rb +++ b/lib/openssl/cipher.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false #-- # = Ruby-space predefined Cipher subclasses # diff --git a/lib/openssl/config.rb b/lib/openssl/config.rb index e1f5dbea..88225451 100644 --- a/lib/openssl/config.rb +++ b/lib/openssl/config.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false =begin = Ruby-space definitions that completes C-space funcs for Config diff --git a/lib/openssl/digest.rb b/lib/openssl/digest.rb index 8bf85103..1240bf59 100644 --- a/lib/openssl/digest.rb +++ b/lib/openssl/digest.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false #-- # = Ruby-space predefined Digest subclasses # diff --git a/lib/openssl/pkey.rb b/lib/openssl/pkey.rb index 007934f8..3f65adad 100644 --- a/lib/openssl/pkey.rb +++ b/lib/openssl/pkey.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false module OpenSSL module PKey if defined?(OpenSSL::PKey::DH) diff --git a/lib/openssl/ssl.rb b/lib/openssl/ssl.rb index d3ae155a..57519f2c 100644 --- a/lib/openssl/ssl.rb +++ b/lib/openssl/ssl.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false =begin = Info 'OpenSSL for Ruby 2' project @@ -250,7 +251,7 @@ module OpenSSL include SocketForwarder if ExtConfig::OPENSSL_NO_SOCK - def initialize(io, ctx = nil); raise NotImplmentedError; end + def initialize(io, ctx = nil); raise NotImplementedError; end else if ExtConfig::HAVE_TLSEXT_HOST_NAME attr_accessor :hostname diff --git a/lib/openssl/x509.rb b/lib/openssl/x509.rb index e76c6b8c..aef3456e 100644 --- a/lib/openssl/x509.rb +++ b/lib/openssl/x509.rb @@ -1,3 +1,4 @@ +# frozen_string_literal: false #-- # = Ruby-space definitions that completes C-space funcs for X509 and subclasses # |