diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-18 01:06:14 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-18 13:05:33 +0900 |
| commit | e0bf4c6884a6e3f92998fa34a13ec4a15a464516 (patch) | |
| tree | d2b44188726eae2ab06a875f2a1a1779aad28ed5 /test/openssl/test_pkey_ec.rb | |
| parent | f7bfb15529d25cf247dcaaa8ccad431c11779c3e (diff) | |
| download | ruby-topic/openssl-clear-error-queue.tar.gz | |
openssl: clear OpenSSL error queue before return to Rubytopic/openssl-clear-error-queue
* ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify()
family may put errors on 0 return (0 means verification failure).
Clear OpenSSL error queue before return to Ruby. Since the queue is
thread global, remaining errors in the queue can cause an unexpected
error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215]
* ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto.
* ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto.
* ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto.
* ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error
queue before re-raising exception.
* ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.
* ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.
* ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto.
* test/openssl: check that OpenSSL.errors is empty every time after
running a test case.
Diffstat (limited to 'test/openssl/test_pkey_ec.rb')
| -rw-r--r-- | test/openssl/test_pkey_ec.rb | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb index d3edcc47b4..c530ee06b0 100644 --- a/test/openssl/test_pkey_ec.rb +++ b/test/openssl/test_pkey_ec.rb @@ -3,7 +3,7 @@ require_relative 'utils' if defined?(OpenSSL::TestUtils) && defined?(OpenSSL::PKey::EC) -class OpenSSL::TestEC < Test::Unit::TestCase +class OpenSSL::TestEC < OpenSSL::TestCase def setup @data1 = 'foo' @data2 = 'bar' * 1000 # data too long for DSA sig @@ -131,7 +131,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase ec2 = OpenSSL::PKey.read(der) assert(ec2.private_key?) assert_equal(der, ec2.to_der) - assert_equal([], OpenSSL.errors) end def test_read_private_key_pem @@ -140,7 +139,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase ec2 = OpenSSL::PKey.read(pem) assert(ec2.private_key?) assert_equal(pem, ec2.to_pem) - assert_equal([], OpenSSL.errors) end def test_read_public_key_der @@ -151,7 +149,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase ec3 = OpenSSL::PKey.read(der) assert(!ec3.private_key?) assert_equal(der, ec3.to_der) - assert_equal([], OpenSSL.errors) end def test_read_public_key_pem @@ -162,7 +159,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase ec3 = OpenSSL::PKey.read(pem) assert(!ec3.private_key?) assert_equal(pem, ec3.to_pem) - assert_equal([], OpenSSL.errors) end def test_read_private_key_pem_pw @@ -177,7 +173,6 @@ class OpenSSL::TestEC < Test::Unit::TestCase ec2 = OpenSSL::PKey.read(pem, 'secret') assert(ec2.private_key?) #omit pem equality check, will be different due to cipher iv - assert_equal([], OpenSSL.errors) end def test_export_password_length |