authorKazuki Yamaguchi <k@rhe.jp>2016-04-20 17:13:41 +0900
committerKazuki Yamaguchi <k@rhe.jp>2016-04-27 23:07:41 +0900
commit94cdf4aa2f4aa0dcacaca5127b4c8beb009d9e9f (patch)
treefcbfb0a585b42f059ca1cd1ef0621a6f5a8c2e5c
parent578935718790e8137dd3afd5c5b10c23bbeec51f (diff)
downloadruby-94cdf4aa2f4aa0dcacaca5127b4c8beb009d9e9f.tar.gz
ext/openssl: OCSP_SINGLERESP and OCSP_CERTID are also made opaque
-rw-r--r--ext/openssl/extconf.rb1
-rw-r--r--ext/openssl/openssl_missing.h4
-rw-r--r--ext/openssl/ossl_ocsp.c10
3 files changed, 11 insertions, 4 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index acfc09d376..3dc53a63b6 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -104,6 +104,7 @@ have_func("HMAC_CTX_reset")
have_func("RAND_pseudo_bytes", ["openssl/rand.h"], "-Werror=deprecated-declarations")
have_func("X509_STORE_get_ex_data")
have_func("X509_STORE_set_ex_data")
+have_func("OCSP_SINGLERESP_get0_id")
have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h")
Logging::message "=== Checking done. ===\n"
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index 7227c4611e..e1ea7d8001 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -69,6 +69,10 @@ void *X509_STORE_get_ex_data(X509_STORE *str, int idx);
int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data);
#endif
+#if !defined(HAVE_OCSP_SINGLERESP_GET0_ID)
+# define OCSP_SINGLERESP_get0_id(s) ((s)->certId)
+#endif
+
#if defined(__cplusplus)
}
#endif
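Review bot: The fallback macro `OCSP_SINGLERESP_get0_id(s)` expands to the struct member `(s)->certId`, and nothing beside it says that the result is a borrowed pointer still owned by the OCSP_SINGLERESP. A caller on an older OpenSSL build could free or modify it and corrupt the response object. A short comment above the `#if` would document the contract for both builds, for example `/* get0 accessor: returns a pointer owned by the OCSP_SINGLERESP; OCSP_CERTID_dup() it before keeping or freeing */`. The one caller visible in this commit, in ossl_ocspbres_get_status, already dups the result.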
diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c
index a3a32bf135..7dde73afba 100644
--- a/ext/openssl/ossl_ocsp.c
+++ b/ext/openssl/ossl_ocsp.c
@@ -706,8 +706,8 @@ ossl_ocspbres_add_status(VALUE self, VALUE cid, VALUE status,
if(!NIL_P(ext)){
X509_EXTENSION *x509ext;
- sk_X509_EXTENSION_pop_free(single->singleExtensions, X509_EXTENSION_free);
- single->singleExtensions = NULL;
+ while ((x509ext = OCSP_SINGLERESP_delete_ext(single, 0)))
+ X509_EXTENSION_free(x509ext);
for(i = 0; i < RARRAY_LEN(ext); i++){
x509ext = DupX509ExtPtr(RARRAY_AREF(ext, i));
if(!OCSP_SINGLERESP_add_ext(single, x509ext, -1)){
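Review bot: The new drain loop is an unbraced `while` with an assignment in its condition, sitting directly above the `for` loop that reuses `x509ext`, so the two are easy to misread as one group. Writing it as `while ((x509ext = OCSP_SINGLERESP_delete_ext(single, 0)) != NULL) {` / `X509_EXTENSION_free(x509ext);` / `}` makes the ownership hand-off explicit. A comment such as `/* OCSP_SINGLERESP is opaque: remove each extension through the accessor and free the returned object */` would record why the stack is no longer freed in one call. The existing extensions are also dropped before any replacement has been converted or added, so a failure partway through the `for` loop may leave `single` with only part of the requested set. Whether that matters depends on the error path, which lies outside this hunk.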
@@ -762,7 +762,7 @@ ossl_ocspbres_get_status(VALUE self)
status = OCSP_single_get0_status(single, &reason, &revtime,
&thisupd, &nextupd);
if(status < 0) continue;
- if(!(cid = OCSP_CERTID_dup(single->certId)))
+ if(!(cid = OCSP_CERTID_dup(OCSP_SINGLERESP_get0_id(single))))
ossl_raise(eOCSPError, NULL);
ary = rb_ary_new();
rb_ary_push(ary, ossl_ocspcertid_new(cid));
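Review bot: `cid` is a fresh heap copy from `OCSP_CERTID_dup(...)` that nothing owns until `ossl_ocspcertid_new(cid)` wraps it, and `ary = rb_ary_new();` runs in between. If that allocation raises, the copy is leaked. Moving `ary = rb_ary_new();` above the `OCSP_CERTID_dup` line closes that window without changing behaviour. Whether ossl_ocspcertid_new can itself raise before taking ownership is not visible here; the loop and the rest of ossl_ocspbres_get_status lie outside the hunk.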
@@ -961,10 +961,12 @@ static VALUE
ossl_ocspcid_get_serial(VALUE self)
{
OCSP_CERTID *id;
+ ASN1_INTEGER *serial;
GetOCSPCertId(self, id);
+ OCSP_id_get0_info(NULL, NULL, NULL, &serial, id);
- return asn1integer_to_num(id->serialNumber);
+ return asn1integer_to_num(serial);
}
void
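Review bot: In ossl_ocspcid_get_serial the new local `serial` is declared uninitialized and the return value of `OCSP_id_get0_info` is ignored, so if that call ever fails the function passes an indeterminate pointer to `asn1integer_to_num`. Initializing it and checking the result fixes this: `ASN1_INTEGER *serial = NULL;` and `if (!OCSP_id_get0_info(NULL, NULL, NULL, &serial, id)) ossl_raise(eOCSPError, NULL);`. GetOCSPCertId presumably already rejects a NULL `id`, but that macro is defined outside this hunk, and the check makes the function safe without relying on it.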