author | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2003-09-17 09:05:02 +0000 |
---|---|---|
committer | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2003-09-17 09:05:02 +0000 |
commit | 30103702c367c5cdaa18b6a622f3916cec6c701e (patch) | |
tree | c236089aa9c6b4183729735e221606a9b536d217 /ext/openssl/ossl_ocsp.c | |
parent | 12196ee24fce0e601106036e67526819cac07291 (diff) | |
* ext/openssl: all files are reviewed to simplify and avoid memory leak.
* ext/openssl/extconf.rb: add check for assert.h.
* ext/openssl/ossl.c (ossl_buf2str): new function to convert
C buffer to String and free buffer.
* ext/openssl/ossl.c (ossl_x509_ary2sk): new function to convert
Array of OpenSSL::X509 to STACK_OF(X509) with exception safe.
* ext/openssl/ossl.c (ossl_to_der, ossl_to_der_if_possible): new
functions to convert object to DER string.
* ext/openssl/ossl.h: ditto.
* ext/openssl/ossl_bio.c (ossl_membio2str): new function to convert
BIO to String object and free BIO.
* ext/openssl/ossl_bio.h: ditto.
* ext/openssl/ossl_pkcs7.c (ossl_pkcs7_to_der): add for "to_der".
* ext/openssl/ossl_x509name.c (ossl_x509name_to_der): ditto.
* ext/openssl/ossl_x509ext.c (ossl_x509ext_to_der): ditto.
* ext/openssl/ossl_x509ext.c (create_ext_from_array): removed
and reimplement in openssl/x509.rb.
* ext/openssl/ossl_x509attr.c: reimplemented and disable some
method temporarily. this class doesn't work fine without ASN.1
data support;-) I'll rewrite in near future.
* ext/openssl/lib/openssl/x509.c (X509::Attribute): get rid of
unused code.
* ext/openssl/lib/openssl/x509.c (X509::ExtensionFactory): refine all.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_ocsp.c')
-rw-r--r-- | ext/openssl/ossl_ocsp.c | 70 |
1 files changed, 36 insertions, 34 deletions
diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c index 57d9cbee18..836bacfbc1 100644 --- a/ext/openssl/ossl_ocsp.c +++ b/ext/openssl/ossl_ocsp.c @@ -103,16 +103,16 @@ static VALUE ossl_ocspreq_initialize(int argc, VALUE *argv, VALUE self) { VALUE arg; - BIO *bio; + unsigned char *p; rb_scan_args(argc, argv, "01", &arg); if(!NIL_P(arg)){ - bio = ossl_obj2bio(arg); - if(!d2i_OCSP_REQUEST_bio(bio, (OCSP_REQUEST**)&DATA_PTR(self))){ - BIO_free(bio); + arg = ossl_to_der_if_possible(arg); + p = (unsigned char*)RSTRING(arg)->ptr; + if(!d2i_OCSP_REQUEST((OCSP_REQUEST**)&DATA_PTR(self), &p, + RSTRING(arg)->len)){ ossl_raise(eOCSPError, "cannot load DER encoded request"); } - BIO_free(bio); } return self; @@ -210,7 +210,7 @@ ossl_ocspreq_sign(int argc, VALUE *argv, VALUE self) EVP_PKEY *key; STACK_OF(X509) *x509s; unsigned long flg; - int ret, status = 0; + int ret; rb_scan_args(argc, argv, "22", &signer_cert, &signer_key, &certs, &flags); GetOCSPReq(self, req); @@ -221,11 +221,7 @@ ossl_ocspreq_sign(int argc, VALUE *argv, VALUE self) x509s = sk_X509_new_null(); flags |= OCSP_NOCERTS; } - else x509s = ossl_protect_x509_ary2sk(certs, &status); - if(status){ - sk_X509_pop_free(x509s, X509_free); - rb_jump_tag(status); - } + else x509s = ossl_x509_ary2sk(certs); ret = OCSP_request_sign(req, signer, key, EVP_sha1(), x509s, flg); sk_X509_pop_free(x509s, X509_free); if(!ret) ossl_raise(eOCSPError, NULL); 
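Review bot: In ossl_ocspreq_initialize the value returned by `ossl_to_der_if_possible(arg)` is read through `RSTRING(arg)->ptr` and `RSTRING(arg)->len` without first confirming that it is a String. The helper's name suggests it hands the argument back unchanged when no DER conversion applies (its body is not part of this diff), in which case a non-String argument would be reinterpreted by the macro and an unrelated pointer and length passed to `d2i_OCSP_REQUEST`. Add `StringValue(arg);` directly after the conversion, before `p` is taken. The same check is missing from the new body of ossl_ocspres_initialize in the `@@ -308` hunk, which also assigns `RSTRING(arg)->ptr` to `unsigned char *p` without the cast used here.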
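Review bot: In the `@@ -221` hunk of ossl_ocspreq_sign, the context line `flags |= OCSP_NOCERTS;` sets the bit on the Ruby VALUE argument, while the call below passes `flg` to `OCSP_request_sign`. No conversion from `flags` to `flg` appears between that line and the call, so the NOCERTS bit does not reach the signing call when `certs` is nil. The corresponding branch in ossl_ocspbres_sign uses `flg |= OCSP_NOCERTS;`. Since this commit already edits the adjacent `else` arm, change the line to `flg |= OCSP_NOCERTS;`. The start of the function, where `flg` is presumably derived, lies outside the hunk.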
@@ -258,16 +254,19 @@ static VALUE ossl_ocspreq_to_der(VALUE self) { OCSP_REQUEST *req; - BIO *bio; VALUE str; - int status = 0; + unsigned char *p; + long len; GetOCSPReq(self, req); - if(!(bio = BIO_new(BIO_s_mem()))) rb_raise(eOCSPError, NULL); - i2d_OCSP_REQUEST_bio(bio, req); - str = ossl_protect_membio2str(bio, &status); - BIO_free(bio); - if(status) rb_jump_tag(status); + + if((len = i2d_OCSP_REQUEST(req, NULL)) <= 0) + ossl_raise(eOCSPError, NULL); + str = rb_str_new(0, len); + p = RSTRING(str)->ptr; + if(i2d_OCSP_REQUEST(req, &p) <= 0) + ossl_raise(eOCSPError, NULL); + ossl_str_adjust(str, p); return str; } @@ -308,15 +307,17 @@ static VALUE ossl_ocspres_initialize(int argc, VALUE *argv, VALUE self) { VALUE arg; - BIO *bio; + unsigned char *p; rb_scan_args(argc, argv, "01", &arg); - bio = ossl_obj2bio(arg); - if(!d2i_OCSP_RESPONSE_bio(bio, (OCSP_RESPONSE**)&DATA_PTR(self))){ - BIO_free(bio); - ossl_raise(eOCSPError, "cannot load DER encoded response"); + if(!NIL_P(arg)){ + arg = ossl_to_der_if_possible(arg); + p = RSTRING(arg)->ptr; + if(!d2i_OCSP_RESPONSE((OCSP_RESPONSE**)&DATA_PTR(self), &p, + RSTRING(arg)->len)){ + ossl_raise(eOCSPError, "cannot load DER encoded response"); + } } - BIO_free(bio); return self; } @@ -364,16 +365,18 @@ static VALUE ossl_ocspres_to_der(VALUE self) { OCSP_RESPONSE *res; - BIO *bio; VALUE str; - int status = 0; + long len; + unsigned char *p; GetOCSPRes(self, res); - if(!(bio = BIO_new(BIO_s_mem()))) rb_raise(eOCSPError, NULL); - i2d_OCSP_RESPONSE_bio(bio, res); - str = ossl_protect_membio2str(bio, &status); - BIO_free(bio); - if(status) rb_jump_tag(status); + if((len = i2d_OCSP_RESPONSE(res, NULL)) <= 0) + ossl_raise(eOCSPError, NULL); + str = rb_str_new(0, len); + p = RSTRING(str)->ptr; + if(i2d_OCSP_RESPONSE(res, NULL) <= 0) + ossl_raise(eOCSPError, NULL); + ossl_str_adjust(str, p); return str; } 
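Review bot: The second serialisation call in ossl_ocspres_to_der passes `NULL` where the output pointer belongs: `if(i2d_OCSP_RESPONSE(res, NULL) <= 0)`. With a NULL output argument i2d only reports the encoded length, so nothing is written into the buffer obtained from `rb_str_new(0, len)` and `p` never advances. `ossl_str_adjust(str, p)` (defined outside this diff) then works from the unmoved start pointer, so the method likely returns an empty string or unwritten buffer contents instead of the DER response. ossl_ocspreq_to_der in the `@@ -258` hunk passes `&p` correctly; use `if(i2d_OCSP_RESPONSE(res, &p) <= 0)` here as well. Both functions also assign `RSTRING(str)->ptr` to `unsigned char *p` without a cast.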
@@ -556,7 +559,7 @@ ossl_ocspbres_sign(int argc, VALUE *argv, VALUE self) EVP_PKEY *key; STACK_OF(X509) *x509s; unsigned long flg; - int ret, status = 0; + int ret; rb_scan_args(argc, argv, "22", &signer_cert, &signer_key, &certs, &flags); GetOCSPBasicRes(self, bs); @@ -568,8 +571,7 @@ ossl_ocspbres_sign(int argc, VALUE *argv, VALUE self) flg |= OCSP_NOCERTS; } else{ - x509s = ossl_protect_x509_ary2sk(certs, &status); - if(status) rb_jump_tag(status); + x509s = ossl_x509_ary2sk(certs); } ret = OCSP_basic_sign(bs, signer, key, EVP_sha1(), x509s, flg); sk_X509_pop_free(x509s, X509_free); |
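Review bot: The signature digest in ossl_ocspbres_sign remains fixed at `EVP_sha1()` in the `OCSP_basic_sign` call, and likewise in the `OCSP_request_sign` call of ossl_ocspreq_sign, so callers have no way to select the digest. While the argument handling is being simplified, consider accepting an optional digest argument that defaults to the current value. Until then, note the limitation next to the call, for example `/* digest is fixed to SHA-1; not selectable by the caller */`. Both function bodies extend beyond the hunks shown.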