From 96211a3e4ed8242832b74f166d6435144438bd43 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Fri, 21 Jul 2017 15:35:46 +0900
Subject: ossl_pem_passwd_cb: handle nil from the block explicitly

There is code that returns nil in the passphrase block on purpose (to
prevent OpenSSL from prompting on stdin):

	OpenSSL::PKey.read(File.read("file.pem")) { nil }

This is working just by chance because the TypeError from StringValue()
is silently ignored. Let's short circuit in that case and save raising
a needless exception, as this pattern has become too common.
---
 test/test_pkey_rsa.rb | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'test')

diff --git a/test/test_pkey_rsa.rb b/test/test_pkey_rsa.rb
index 381e7603..93760f74 100644
--- a/test/test_pkey_rsa.rb
+++ b/test/test_pkey_rsa.rb
@@ -248,6 +248,9 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
     assert_match (/ENCRYPTED/), pem3c
     assert_equal key.to_der, OpenSSL::PKey.read(pem3c, "key").to_der
     assert_equal key.to_der, OpenSSL::PKey.read(pem3c) { "key" }.to_der
+    assert_raise(OpenSSL::PKey::PKeyError) {
+      OpenSSL::PKey.read(pem3c) { nil }
+    }
   end
 
   def test_dup
-- 
cgit v1.2.3