From d9064190ca892708f71da500a6e24fb2615c6ccb Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Wed, 19 Feb 2020 05:11:54 +0000
Subject: config: replace DupConfigPtr() with GetConfig()

Now that OpenSSL::Config wraps a real CONF object, the caller can just
borrow it rather than creating a new temporary CONF object. CONF object
is usually treated as immutable.

DupConfigPtr() is now removed, and GetConfig() is exported instead.
---
 ext/openssl/ossl_config.c  | 38 +-------------------------------------
 ext/openssl/ossl_config.h  |  2 +-
 ext/openssl/ossl_x509ext.c |  3 +--
 3 files changed, 3 insertions(+), 40 deletions(-)

diff --git a/ext/openssl/ossl_config.c b/ext/openssl/ossl_config.c
index 52d96e1e..21c327b2 100644
--- a/ext/openssl/ossl_config.c
+++ b/ext/openssl/ossl_config.c
@@ -25,7 +25,7 @@ static const rb_data_type_t ossl_config_type = {
     0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
 };
 
-static CONF *
+CONF *
 GetConfig(VALUE obj)
 {
     CONF *conf;
@@ -50,42 +50,6 @@ config_s_alloc(VALUE klass)
     return obj;
 }
 
-/*
- * DupConfigPtr is a public C-level function for getting OpenSSL CONF struct
- * from an OpenSSL::Config(eConfig) instance.  We decided to implement
- * OpenSSL::Config in Ruby level but we need to pass native CONF struct for
- * some OpenSSL features such as X509V3_EXT_*.
- */
-CONF *
-DupConfigPtr(VALUE obj)
-{
-    CONF *conf;
-    VALUE str;
-    BIO *bio;
-    long eline = -1;
-
-    OSSL_Check_Kind(obj, cConfig);
-    str = rb_funcall(obj, rb_intern("to_s"), 0);
-    bio = ossl_obj2bio(&str);
-    conf = NCONF_new(NULL);
-    if(!conf){
-	BIO_free(bio);
-	ossl_raise(eConfigError, NULL);
-    }
-    if(!NCONF_load_bio(conf, bio, &eline)){
-	BIO_free(bio);
-	NCONF_free(conf);
-	if (eline <= 0)
-	    ossl_raise(eConfigError, "wrong config format");
-	else
-	    ossl_raise(eConfigError, "error in line %d", eline);
-    }
-    BIO_free(bio);
-
-    return conf;
-}
-
-
 static void
 config_load_bio(CONF *conf, BIO *bio)
 {
diff --git a/ext/openssl/ossl_config.h b/ext/openssl/ossl_config.h
index c96a00f7..4e604f1a 100644
--- a/ext/openssl/ossl_config.h
+++ b/ext/openssl/ossl_config.h
@@ -10,7 +10,7 @@
 #ifndef OSSL_CONFIG_H
 #define OSSL_CONFIG_H
 
-CONF *DupConfigPtr(VALUE obj);
+CONF *GetConfig(VALUE obj);
 void Init_ossl_config(void);
 
 #endif /* OSSL_CONFIG_H */
diff --git a/ext/openssl/ossl_x509ext.c b/ext/openssl/ossl_x509ext.c
index 5eb9bd75..e54102c7 100644
--- a/ext/openssl/ossl_x509ext.c
+++ b/ext/openssl/ossl_x509ext.c
@@ -226,11 +226,10 @@ ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self)
     GetX509ExtFactory(self, ctx);
     obj = NewX509Ext(cX509Ext);
     rconf = rb_iv_get(self, "@config");
-    conf = NIL_P(rconf) ? NULL : DupConfigPtr(rconf);
+    conf = NIL_P(rconf) ? NULL : GetConfig(rconf);
     X509V3_set_nconf(ctx, conf);
     ext = X509V3_EXT_nconf_nid(conf, ctx, nid, RSTRING_PTR(valstr));
     X509V3_set_ctx_nodb(ctx);
-    NCONF_free(conf);
     if (!ext){
 	ossl_raise(eX509ExtError, "%"PRIsVALUE" = %"PRIsVALUE, oid, valstr);
     }
-- 
cgit v1.2.3