ext/openssl: small cleanups

Including the following changes.

* Remove function prototype:
  - ossl_call_verify_cb_proc()
  - ossl_x509_ary2sk0()
  - Init_openssl()

* Remove macro definition:
  - OSSL_Check_Instance()
  - OSSL_Check_Same_Class()

* Use OSSL_MIN_PWD_LEN instead of magic number 4

5 files changed, 24 insertions, 27 deletions

diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index d03dfa7ad0..71ef09bc9f 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -136,6 +136,8 @@ ossl_buf2str(char *buf, int len)
     VALUE str;
     int status = 0;
 
+    /* This is needed because rb_str_new() may raise. In that case, we can't
+     * free buf. */
     str = rb_protect((VALUE(*)_((VALUE)))ossl_str_new, len, &status);
     if(!NIL_P(str)) memcpy(RSTRING_PTR(str), buf, len);
     OPENSSL_free(buf);
@@ -181,8 +183,8 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd)
 	    return -1;
 	}
 	len = RSTRING_LENINT(pass);
-	if (len < 4) { /* 4 is OpenSSL hardcoded limit */
-	    rb_warning("password must be longer than 4 bytes");
+	if (len < OSSL_MIN_PWD_LEN) {
+	    rb_warning("password must be longer than %d bytes", OSSL_MIN_PWD_LEN);
 	    continue;
 	}
 	if (len > max_len) {
@@ -200,7 +202,7 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd)
  */
 int ossl_verify_cb_idx;
 
-VALUE
+static VALUE
 ossl_call_verify_cb_proc(struct ossl_verify_cb_args *args)
 {
     return rb_funcall(args->proc, rb_intern("call"), 2,
diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h
index 3be01b0cb6..ea9f3be50d 100644
--- a/ext/openssl/ossl.h
+++ b/ext/openssl/ossl.h
@@ -97,21 +97,8 @@ extern VALUE eOSSLError;
  */
 #define OSSL_Check_Kind(obj, klass) do {\
   if (!rb_obj_is_kind_of((obj), (klass))) {\
-    ossl_raise(rb_eTypeError, "wrong argument (%"PRIsVALUE")! (Expected kind of %"PRIsVALUE")",\
-               rb_obj_class(obj), (klass));\
-  }\
-} while (0)
-
-#define OSSL_Check_Instance(obj, klass) do {\
-  if (!rb_obj_is_instance_of((obj), (klass))) {\
-    ossl_raise(rb_eTypeError, "wrong argument (%"PRIsVALUE")! (Expected instance of %"PRIsVALUE")",\
-               rb_obj_class(obj), (klass));\
-  }\
-} while (0)
-
-#define OSSL_Check_Same_Class(obj1, obj2) do {\
-  if (!rb_obj_is_instance_of((obj1), rb_obj_class(obj2))) {\
-    ossl_raise(rb_eTypeError, "wrong argument type");\
+    rb_raise(rb_eTypeError, "wrong argument (%"PRIsVALUE")! (Expected kind of %"PRIsVALUE")",\
+	     rb_obj_class(obj), (klass));\
   }\
 } while (0)
 
@@ -130,13 +117,19 @@ int string2hex(const unsigned char *, int, char **, int *);
 /*
  * Data Conversion
  */
-STACK_OF(X509) *ossl_x509_ary2sk0(VALUE);
+/* Convert STACK_OF(xx) <-> Array */
 STACK_OF(X509) *ossl_x509_ary2sk(VALUE);
 STACK_OF(X509) *ossl_protect_x509_ary2sk(VALUE,int*);
 VALUE ossl_x509_sk2ary(STACK_OF(X509) *certs);
 VALUE ossl_x509crl_sk2ary(STACK_OF(X509_CRL) *crl);
 VALUE ossl_x509name_sk2ary(STACK_OF(X509_NAME) *names);
+/* Create a new String and copy buf into it. buf will be freed. */
 VALUE ossl_buf2str(char *buf, int len);
+/* Adjust String length. We call OpenSSL's i2d_ functions with NULL buffer first
+ * to estimate the length, and we allocate a String and then call these
+ * functions with pointer of +p+. However the estimated length can be inaccurate.
+ * OpenSSL increments +p+ to point just after the data written. See the manpage
+ * of i2d_X509 for details */
 #define ossl_str_adjust(str, p) \
 do{\
     long len = RSTRING_LEN(str);\
@@ -154,8 +147,10 @@ int ossl_pem_passwd_cb(char *, int, int, void *);
  * Clear BIO* with this in PEM/DER fallback scenarios to avoid decoding
  * errors piling up in OpenSSL::Errors
  */
-#define OSSL_BIO_reset(bio)	(void)BIO_reset((bio)); \
-				ERR_clear_error();
+#define OSSL_BIO_reset(bio) do { \
+	(void)BIO_reset((bio)); \
+	ERR_clear_error(); \
+} while (0)
 
 /*
  * ERRor messages
@@ -175,7 +170,6 @@ struct ossl_verify_cb_args {
     VALUE store_ctx;
 };
 
-VALUE ossl_call_verify_cb_proc(struct ossl_verify_cb_args *);
 int ossl_verify_cb(int, X509_STORE_CTX *);
 
 /*
@@ -239,8 +233,6 @@ void ossl_debug(const char *, ...);
 #include "ossl_x509.h"
 #include "ossl_engine.h"
 
-void Init_openssl(void);
-
 #if defined(__cplusplus)
 }
 #endif
diff --git a/ext/openssl/ossl_pkey_dsa.c b/ext/openssl/ossl_pkey_dsa.c
index 04900cc649..2ff8f7896e 100644
--- a/ext/openssl/ossl_pkey_dsa.c
+++ b/ext/openssl/ossl_pkey_dsa.c
@@ -323,7 +323,8 @@ ossl_dsa_export(int argc, VALUE *argv, VALUE self)
 	if (!NIL_P(pass)) {
 	    StringValue(pass);
 	    if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN)
-		ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long");
+		ossl_raise(eOSSLError, "OpenSSL requires passwords to be at "
+			   "least %d characters long", OSSL_MIN_PWD_LEN);
 	    passwd = RSTRING_PTR(pass);
 	}
     }
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
index c93e3cfb99..19a7617e4a 100644
--- a/ext/openssl/ossl_pkey_ec.c
+++ b/ext/openssl/ossl_pkey_ec.c
@@ -499,7 +499,8 @@ static VALUE ossl_ec_key_to_string(VALUE self, VALUE ciph, VALUE pass, int forma
 		if (!NIL_P(pass)) {
 		    StringValue(pass);
 		    if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN)
-			ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long");
+			ossl_raise(eOSSLError, "OpenSSL requires passwords to be at "
+				   "least %d characters long", OSSL_MIN_PWD_LEN);
 		    password = RSTRING_PTR(pass);
 		}
 	    }
diff --git a/ext/openssl/ossl_pkey_rsa.c b/ext/openssl/ossl_pkey_rsa.c
index 20b993abb8..270b2b1882 100644
--- a/ext/openssl/ossl_pkey_rsa.c
+++ b/ext/openssl/ossl_pkey_rsa.c
@@ -318,7 +318,8 @@ ossl_rsa_export(int argc, VALUE *argv, VALUE self)
 	if (!NIL_P(pass)) {
 	    StringValue(pass);
 	    if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN)
-		ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long");
+		ossl_raise(eOSSLError, "OpenSSL requires passwords to be at "
+			   "least %d characters long", OSSL_MIN_PWD_LEN);
 	    passwd = RSTRING_PTR(pass);
 	}
     }