aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKazuki Yamaguchi <k@rhe.jp>2016-04-20 17:13:41 +0900
committerKazuki Yamaguchi <k@rhe.jp>2016-04-27 23:07:41 +0900
commit94cdf4aa2f4aa0dcacaca5127b4c8beb009d9e9f (patch)
treefcbfb0a585b42f059ca1cd1ef0621a6f5a8c2e5c
parent578935718790e8137dd3afd5c5b10c23bbeec51f (diff)
downloadruby-94cdf4aa2f4aa0dcacaca5127b4c8beb009d9e9f.tar.gz
ext/openssl: OCSP_SINGLERESP and OCSP_CERTID are also made opaque
-rw-r--r--ext/openssl/extconf.rb1
-rw-r--r--ext/openssl/openssl_missing.h4
-rw-r--r--ext/openssl/ossl_ocsp.c10
3 files changed, 11 insertions, 4 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index acfc09d..3dc53a6 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -104,6 +104,7 @@ have_func("HMAC_CTX_reset")
have_func("RAND_pseudo_bytes", ["openssl/rand.h"], "-Werror=deprecated-declarations")
have_func("X509_STORE_get_ex_data")
have_func("X509_STORE_set_ex_data")
+have_func("OCSP_SINGLERESP_get0_id")
have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h")
Logging::message "=== Checking done. ===\n"
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index 7227c46..e1ea7d8 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -69,6 +69,10 @@ void *X509_STORE_get_ex_data(X509_STORE *str, int idx);
int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data);
#endif
+#if !defined(HAVE_OCSP_SINGLERESP_GET0_ID)
+# define OCSP_SINGLERESP_get0_id(s) ((s)->certId)
+#endif
+
#if defined(__cplusplus)
}
#endif
diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c
index a3a32bf..7dde73a 100644
--- a/ext/openssl/ossl_ocsp.c
+++ b/ext/openssl/ossl_ocsp.c
@@ -706,8 +706,8 @@ ossl_ocspbres_add_status(VALUE self, VALUE cid, VALUE status,
if(!NIL_P(ext)){
X509_EXTENSION *x509ext;
- sk_X509_EXTENSION_pop_free(single->singleExtensions, X509_EXTENSION_free);
- single->singleExtensions = NULL;
+ while ((x509ext = OCSP_SINGLERESP_delete_ext(single, 0)))
+ X509_EXTENSION_free(x509ext);
for(i = 0; i < RARRAY_LEN(ext); i++){
x509ext = DupX509ExtPtr(RARRAY_AREF(ext, i));
if(!OCSP_SINGLERESP_add_ext(single, x509ext, -1)){
@@ -762,7 +762,7 @@ ossl_ocspbres_get_status(VALUE self)
status = OCSP_single_get0_status(single, &reason, &revtime,
&thisupd, &nextupd);
if(status < 0) continue;
- if(!(cid = OCSP_CERTID_dup(single->certId)))
+ if(!(cid = OCSP_CERTID_dup(OCSP_SINGLERESP_get0_id(single))))
ossl_raise(eOCSPError, NULL);
ary = rb_ary_new();
rb_ary_push(ary, ossl_ocspcertid_new(cid));
@@ -961,10 +961,12 @@ static VALUE
ossl_ocspcid_get_serial(VALUE self)
{
OCSP_CERTID *id;
+ ASN1_INTEGER *serial;
GetOCSPCertId(self, id);
+ OCSP_id_get0_info(NULL, NULL, NULL, &serial, id);
- return asn1integer_to_num(id->serialNumber);
+ return asn1integer_to_num(serial);
}
void