author | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-05 16:00:49 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-14 17:06:50 +0900 |
commit | f2e3ad91380f799e1650c38b5bd6c24b7ed6fc5b (patch) | |
tree | 0bcc096b8079fd914b7f14f61f0c08e65b1e4290 | |
parent | b8a970578aa636de6d534547902749c09c7492da (diff) | |
download | ruby-f2e3ad91380f799e1650c38b5bd6c24b7ed6fc5b.tar.gz |
ext/openssl: register new ex_data index also for X509_STORE
X509_STORE_get_ex_new_index() is required in addition to
X509_STORE_CTX_get_ex_new_index() because they are independent.
-rw-r--r-- | ext/openssl/openssl_missing.c | 14 | ||||
-rw-r--r-- | ext/openssl/openssl_missing.h | 8 | ||||
-rw-r--r-- | ext/openssl/ossl.c | 15 | ||||
-rw-r--r-- | ext/openssl/ossl.h | 3 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl.c | 2 | ||||
-rw-r--r-- | ext/openssl/ossl_x509store.c | 4 |
6 files changed, 20 insertions, 26 deletions
diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c
index bd8eef5ea9..31f2d0a5f9 100644
--- a/ext/openssl/openssl_missing.c
+++ b/ext/openssl/openssl_missing.c
@@ -34,20 +34,6 @@ HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in)
 #endif /* HAVE_HMAC_CTX_COPY */
 #endif /* NO_HMAC */
-#if !defined(HAVE_X509_STORE_SET_EX_DATA)
-int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data)
-{
- return CRYPTO_set_ex_data(&str->ex_data, idx, data);
-}
-#endif
-
-#if !defined(HAVE_X509_STORE_GET_EX_DATA)
-void *X509_STORE_get_ex_data(X509_STORE *str, int idx)
-{
- return CRYPTO_get_ex_data(&str->ex_data, idx);
-}
-#endif
-
 #if !defined(HAVE_EVP_MD_CTX_CREATE)
 EVP_MD_CTX *
 EVP_MD_CTX_create(void)
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index 6cf45a0d82..7067f7d750 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -133,11 +133,15 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in);
 #endif
 #if !defined(HAVE_X509_STORE_GET_EX_DATA)
-void *X509_STORE_get_ex_data(X509_STORE *str, int idx);
+# define X509_STORE_get_ex_data(x, idx) \
+ CRYPTO_get_ex_data(&(x)->ex_data, idx)
 #endif
 #if !defined(HAVE_X509_STORE_SET_EX_DATA)
-int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data);
+# define X509_STORE_set_ex_data(x, idx, data) \
+ CRYPTO_set_ex_data(&(x)->ex_data, idx, data)
+# define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, l, p, newf, dupf, freef)
 #endif
 #if !defined(HAVE_X509_CRL_SET_VERSION)
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index d03dfa7ad0..91e741367f 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -198,7 +198,8 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd)
 /*
 * Verify callback
 */
-int ossl_verify_cb_idx;
+int ossl_store_ctx_ex_verify_cb_idx;
+int ossl_store_ex_verify_cb_idx;
 VALUE
 ossl_call_verify_cb_proc(struct ossl_verify_cb_args *args)
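Review bot: The fallback `X509_STORE_get_ex_new_index` macro in openssl_missing.h sits under the `HAVE_X509_STORE_SET_EX_DATA` guard, so it is assumed to be missing exactly when `X509_STORE_set_ex_data` is. Nothing in the hunk states that assumption, and a library that provided the setter but not the index allocator would leave the new call in Init_openssl without a definition. Either give the macro its own guard or record the coupling next to it, for example `/* X509_STORE_get_ex_new_index is assumed absent whenever X509_STORE_set_ex_data is */`. The configure-time checks that define these `HAVE_` symbols are not visible in this diff, so this should be confirmed against them.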
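Review bot: The two index variables declared under `Verify callback` in ossl.c are both plain `int`, so handing the X509_STORE_CTX index to an X509_STORE call (the mix-up this commit removes) still compiles without a warning. A comment on each declaration would record which ex_data class the index belongs to, for example `/* ex_data index registered for X509_STORE_CTX; never use with X509_STORE */` above `ossl_store_ctx_ex_verify_cb_idx` and `/* ex_data index registered for X509_STORE; never use with X509_STORE_CTX */` above `ossl_store_ex_verify_cb_idx`. The same comments fit the `extern` declarations in the ossl.h hunk.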
@@ -214,10 +215,10 @@ ossl_verify_cb(int ok, X509_STORE_CTX *ctx)
 struct ossl_verify_cb_args args;
 int state = 0;
- proc = (VALUE)X509_STORE_CTX_get_ex_data(ctx, ossl_verify_cb_idx);
- if ((void*)proc == 0)
- proc = (VALUE)X509_STORE_get_ex_data(ctx->ctx, ossl_verify_cb_idx);
- if ((void*)proc == 0)
+ proc = (VALUE)X509_STORE_CTX_get_ex_data(ctx, ossl_store_ctx_ex_verify_cb_idx);
+ if (!proc)
+ proc = (VALUE)X509_STORE_get_ex_data(ctx->ctx, ossl_store_ex_verify_cb_idx);
+ if (!proc)
 return ok;
 if (!NIL_P(proc)) {
 ret = Qfalse;
@@ -1130,8 +1131,10 @@ Init_openssl(void)
 /*
 * Verify callback Proc index for ext-data
 */
- if ((ossl_verify_cb_idx = X509_STORE_CTX_get_ex_new_index(0, (void *)"ossl_verify_cb_idx", 0, 0, 0)) < 0)
+ if ((ossl_store_ctx_ex_verify_cb_idx = X509_STORE_CTX_get_ex_new_index(0, (void *)"ossl_store_ctx_ex_verify_cb_idx", 0, 0, 0)) < 0)
 ossl_raise(eOSSLError, "X509_STORE_CTX_get_ex_new_index");
+ if ((ossl_store_ex_verify_cb_idx = X509_STORE_get_ex_new_index(0, (void *)"ossl_store_ex_verify_cb_idx", 0, 0, 0)) < 0)
+ ossl_raise(eOSSLError, "X509_STORE_get_ex_new_index");
 /*
 * Init debug core
diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h
index 3be01b0cb6..8e6f2ce7e3 100644
--- a/ext/openssl/ossl.h
+++ b/ext/openssl/ossl.h
@@ -167,7 +167,8 @@ VALUE ossl_exc_new(VALUE, const char *, ...);
 /*
 * Verify callback
 */
-extern int ossl_verify_cb_idx;
+extern int ossl_store_ctx_ex_verify_cb_idx;
+extern int ossl_store_ex_verify_cb_idx;
 struct ossl_verify_cb_args {
 VALUE proc;
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 96c7990046..1ffceb0dc6 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
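Review bot: `if (!proc)` in ossl_verify_cb checks whether the ex_data slot is NULL, but written on a `VALUE` it reads like a Ruby truthiness test, and because Qfalse is 0 a stored `false` takes the same path as a slot that was never set. Both cases end in `return ok;`, so the effect is that verification proceeds with the pre-verify result and no callback. A comment before the second lookup would keep that intent visible, for example `/* NULL slot: nothing stored on the X509_STORE_CTX, fall back to the X509_STORE */`. The function body starts and ends outside the hunk.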
@@ -308,7 +308,7 @@ ossl_ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
 cb = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_vcb_idx);
- X509_STORE_CTX_set_ex_data(ctx, ossl_verify_cb_idx, (void*)cb);
+ X509_STORE_CTX_set_ex_data(ctx, ossl_store_ctx_ex_verify_cb_idx, (void*)cb);
 return ossl_verify_cb(preverify_ok, ctx);
 }
diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c
index bb6fe14d87..ab4df5129c 100644
--- a/ext/openssl/ossl_x509store.c
+++ b/ext/openssl/ossl_x509store.c
@@ -130,7 +130,7 @@ ossl_x509store_set_vfy_cb(VALUE self, VALUE cb)
 X509_STORE *store;
 GetX509Store(self, store);
- X509_STORE_set_ex_data(store, ossl_verify_cb_idx, (void*)cb);
+ X509_STORE_set_ex_data(store, ossl_store_ex_verify_cb_idx, (void*)cb);
 rb_iv_set(self, "@verify_callback", cb);
 return cb;
@@ -467,7 +467,7 @@ ossl_x509stctx_verify(VALUE self)
 int result;
 GetX509StCtx(self, ctx);
- X509_STORE_CTX_set_ex_data(ctx, ossl_verify_cb_idx,
+ X509_STORE_CTX_set_ex_data(ctx, ossl_store_ctx_ex_verify_cb_idx,
 (void*)rb_iv_get(self, "@verify_callback"));
 result = X509_verify_cert(ctx); |
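Review bot: The result of `X509_STORE_CTX_set_ex_data()` in ossl_ssl_verify_callback is discarded, and the same holds for `X509_STORE_set_ex_data()` in ossl_x509store_set_vfy_cb and `X509_STORE_CTX_set_ex_data()` in ossl_x509stctx_verify in the ossl_x509store.c hunks. If one of these calls fails, the slot stays empty and ossl_verify_cb falls back to the other slot or, when that is empty too, takes `if (!proc) return ok;`, so the caller's verify callback is skipped without any error. In the two ossl_x509store.c functions the result can be checked and reported, for example `if (!X509_STORE_set_ex_data(store, ossl_store_ex_verify_cb_idx, (void*)cb)) ossl_raise(eOSSLError, "X509_STORE_set_ex_data");`. Inside ossl_ssl_verify_callback, which the hunk shows returning into the verification path, rejecting with `return 0;` is presumably safer than raising. All three functions extend beyond their hunks.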