wip wip wip

author: Kazuki Yamaguchi <k@rhe.jp> 2016-04-10 11:46:12 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2016-04-21 00:46:34 +0900
commit: a475d88bbb23fe15acc7154c39b10b735569b14c (patch)
tree: 3d13f53523202b45da21c9d97d5ba7b4a08e641e
parent: 07cfbe5c1dbd7c7fe98bda4701426c86fc76a8a0 (diff)
download: ruby-a475d88bbb23fe15acc7154c39b10b735569b14c.tar.gz
8 files changed, 65 insertions, 11 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index a75855ddf7..4c9ba35169 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -107,6 +107,9 @@ have_func("X509_CRL_set_issuer_name")
 have_func("X509_CRL_set_version")
 have_func("X509_CRL_sort")
 have_func("X509_CRL_get0_signature")
+have_func("X509_REQ_get0_signature")
+have_func("X509_REVOKED_get0_serialNumber")
+have_func("X509_REVOKED_set_serialNumber")
 have_func("X509_NAME_hash_old")
 have_func("X509_STORE_get_ex_data")
 have_func("X509_STORE_set_ex_data")
diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c
index 145ecfe5da..ac7202ee4a 100644
--- a/ext/openssl/openssl_missing.c
+++ b/ext/openssl/openssl_missing.c
@@ -514,3 +514,34 @@ X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_CRL *crl
 	*palg = &crl->sig_alg;
 }
 #endif
+
+#if !defined(X509_REQ_GET0_SIGNATURE)
+void
+X509_REQ_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_REQ req)
+{
+    if (psig != NULL)
+	*psig = &req->signature;
+    if (palg != NULL)
+	*palg = &ret->sig_alg;
+}
+#endif
+
+#if !defined(X509_REVOKED_GET0_SERIALNUMBER)
+ASN1_INTEGER *
+X509_REVOKED_get0_serialNumber(X509_REVOKED *x)
+{
+    return &x->serialNumber;
+}
+#endif
+
+#if !defined(X509_REVOKED_SET_SERIALNUMBER)
+int
+X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
+{
+    ASN1_INTEGER *in = x->serialNumber;
+    if (in != serial)
+        return ASN1_STRING_copy(in, serial);
+    return 1;
+}
+#endif
+
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index ef0e301e99..f5d7622d4b 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -221,6 +221,18 @@ void X509_CRL_up_ref(X509_CRL *crl);
 void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_CRL *crl);
 #endif
 
+#if !defined(X509_REQ_GET0_SIGNATURE)
+void X509_REQ_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509_REQ *req);
+#endif
+
+#if !defined(X509_REVOKED_GET0_SERIALNUMBER)
+ASN1_INTEGER *X509_REVOKED_get0_serialNumber(X509_REVOKED *x);
+#endif
+
+#if !defined(X509_REVOKED_SET_SERIALNUMBER)
+int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
+#endif
+
 #if defined(__cplusplus)
 }
 #endif
diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c
index 89da5949b8..9df4eee1d4 100644
--- a/ext/openssl/ossl_asn1.c
+++ b/ext/openssl/ossl_asn1.c
@@ -347,14 +347,15 @@ obj_to_asn1derstr(VALUE obj)
 static VALUE
 decode_bool(unsigned char* der, long length)
 {
-    int val;
     const unsigned char *p;
 
     p = der;
-    if((val = d2i_ASN1_BOOLEAN(NULL, &p, length)) < 0)
-	ossl_raise(eASN1Error, NULL);
+    if (*p++ != 1)
+	ossl_raise(eASN1Error, "not boolean");
+    if (*p++ != 1)
+	ossl_raise(eASN1Error, "length is not 1");
 
-    return val ? Qtrue : Qfalse;
+    return *p ? Qtrue : Qfalse;
 }
 
 static VALUE
diff --git a/ext/openssl/ossl_x509ext.c b/ext/openssl/ossl_x509ext.c
index 70a117cc4a..25a6827253 100644
--- a/ext/openssl/ossl_x509ext.c
+++ b/ext/openssl/ossl_x509ext.c
@@ -424,7 +424,7 @@ ossl_x509ext_get_value(VALUE obj)
     if (!(out = BIO_new(BIO_s_mem())))
 	ossl_raise(eX509ExtError, NULL);
     if (!X509V3_EXT_print(out, ext, 0, 0))
-	M_ASN1_OCTET_STRING_print(out, ext->value);
+	ASN1_STRING_print(out, (ASN1_STRING *)X509_EXTENSION_get_data(ext));
     ret = ossl_membio2str(out);
 
     return ret;
diff --git a/ext/openssl/ossl_x509name.c b/ext/openssl/ossl_x509name.c
index a0e28e29ec..ff307c0626 100644
--- a/ext/openssl/ossl_x509name.c
+++ b/ext/openssl/ossl_x509name.c
@@ -282,6 +282,7 @@ ossl_x509name_to_a(VALUE self)
     char long_name[512];
     const char *short_name;
     VALUE ary, vname, ret;
+    ASN1_STRING *value;
 
     GetX509Name(self, name);
     entries = X509_NAME_entry_count(name);
@@ -294,7 +295,8 @@ ossl_x509name_to_a(VALUE self)
 	if (!(entry = X509_NAME_get_entry(name, i))) {
 	    ossl_raise(eX509NameError, NULL);
 	}
-	if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name), entry->object)) {
+	if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name),
+			     X509_NAME_ENTRY_get_object(entry))) {
 	    ossl_raise(eX509NameError, NULL);
 	}
 	nid = OBJ_ln2nid(long_name);
@@ -304,10 +306,11 @@ ossl_x509name_to_a(VALUE self)
 	    short_name = OBJ_nid2sn(nid);
 	    vname = rb_str_new2(short_name); /*do not free*/
 	}
+	value = X509_NAME_ENTRY_get_data(entry);
 	ary = rb_ary_new3(3,
 			  vname,
-        		  rb_str_new((const char *)entry->value->data, entry->value->length),
-        		  INT2FIX(entry->value->type));
+			  rb_str_new((const char *)value->data, value->length),
+			  INT2FIX(value->type));
 	rb_ary_push(ret, ary);
     }
     return ret;
diff --git a/ext/openssl/ossl_x509req.c b/ext/openssl/ossl_x509req.c
index e5ce088a15..516ee3009f 100644
--- a/ext/openssl/ossl_x509req.c
+++ b/ext/openssl/ossl_x509req.c
@@ -302,6 +302,7 @@ static VALUE
 ossl_x509req_get_signature_algorithm(VALUE self)
 {
     X509_REQ *req;
+    X509_ALGOR *alg;
     BIO *out;
     BUF_MEM *buf;
     VALUE str;
@@ -311,7 +312,8 @@ ossl_x509req_get_signature_algorithm(VALUE self)
     if (!(out = BIO_new(BIO_s_mem()))) {
 	ossl_raise(eX509ReqError, NULL);
     }
-    if (!i2a_ASN1_OBJECT(out, req->sig_alg->algorithm)) {
+    X509_REQ_get0_signature(NULL, &alg, req);
+    if (!i2a_ASN1_OBJECT(out, alg->algorithm)) {
 	BIO_free(out);
 	ossl_raise(eX509ReqError, NULL);
     }
diff --git a/ext/openssl/ossl_x509revoked.c b/ext/openssl/ossl_x509revoked.c
index 46250e1225..0236738a7c 100644
--- a/ext/openssl/ossl_x509revoked.c
+++ b/ext/openssl/ossl_x509revoked.c
@@ -116,16 +116,18 @@ ossl_x509revoked_get_serial(VALUE self)
 
     GetX509Rev(self, rev);
 
-    return asn1integer_to_num(rev->serialNumber);
+    return asn1integer_to_num(X509_REVOKED_get0_serialNumber(rev));
 }
 
 static VALUE
 ossl_x509revoked_set_serial(VALUE self, VALUE num)
 {
     X509_REVOKED *rev;
+    ASN1_INTEGER *ai;
 
     GetX509Rev(self, rev);
-    rev->serialNumber = num_to_asn1integer(num, rev->serialNumber);
+    ai = X509_REVOKED_get0_serialNumber(rev);
+    X509_REVOKED_set_serialNumber(rev, num_to_asn1integer(num, ai));
 
     return num;
 }
author	Kazuki Yamaguchi <k@rhe.jp>	2016-04-10 11:46:12 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2016-04-21 00:46:34 +0900
commit	a475d88bbb23fe15acc7154c39b10b735569b14c (patch)
tree	3d13f53523202b45da21c9d97d5ba7b4a08e641e
parent	07cfbe5c1dbd7c7fe98bda4701426c86fc76a8a0 (diff)
download	ruby-a475d88bbb23fe15acc7154c39b10b735569b14c.tar.gz