* ext/openssl/ossl.c (class OpenSSL): Fixed ExtensionFactory example.

Patch by Richard Bradley. [ruby-trunk - Bug #7551] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2013-02-19 01:27:33 +00:00 · 2013-02-19 01:27:33 +00:00 · b043b0592b
commit b043b0592b
parent cc16b2139b
2 changed files with 26 additions and 11 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+Tue Feb 19 10:27:12 2013  Eric Hodel  <drbrain@segment7.net>
+
+	* ext/openssl/ossl.c (class OpenSSL):  Fixed ExtensionFactory example.
+	  Patch by Richard Bradley.  [ruby-trunk - Bug #7551]
+
 Tue Feb 19 08:32:11 2013  Koichi Sasada  <ko1@atdot.net>

 	* vm_eval.c (vm_call0_body): check interrupts after method dispatch
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@ -701,10 +701,15 @@ ossl_fips_mode_set(VALUE self, VALUE enabled)
 *
 *   extension_factory = OpenSSL::X509::ExtensionFactory.new nil, cert
 *
- *   extension_factory.create_extension 'basicConstraints', 'CA:FALSE'
- *   extension_factory.create_extension 'keyUsage',
- *     'keyEncipherment,dataEncipherment,digitalSignature'
- *   extension_factory.create_extension 'subjectKeyIdentifier', 'hash'
+ *   cert.add_extension(extension_factory.create_extension
+ *     'basicConstraints', 'CA:FALSE')
+ *   cert.add_extension(extension_factory.create_extension
+ *     'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
+ *   cert.add_extension(extension_factory.create_extension
+ *     'subjectKeyIdentifier', 'hash')
+ *
+ * The list of supported extensions (and in some cases their possible values)
+ * can be derived from the "objects.h" file in the OpenSSL source code.
 *
 * === Signing a Certificate
 *
@ -772,16 +777,19 @@ ossl_fips_mode_set(VALUE self, VALUE enabled)
 *   extension_factory.subject_certificate = ca_cert
 *   extension_factory.issuer_certificate = ca_cert
 *
- *   extension_factory.create_extension 'subjectKeyIdentifier', 'hash'
+ *   ca_cert.add_extension(extension_factory.create_extension
+ *     'subjectKeyIdentifier', 'hash')
 *
 * This extension indicates the CA's key may be used as a CA.
 *
- *   extension_factory.create_extension 'basicConstraints', 'CA:TRUE', true
+ *   ca_cert.add_extension(extension_factory.create_extension
+ *     'basicConstraints', 'CA:TRUE', true)
 *
 * This extension indicates the CA's key may be used to verify signatures on
 * both certificates and certificate revocations.
 *
- *   extension_factory.create_extension 'keyUsage', 'cRLSign,keyCertSign', true
+ *   ca_cert.add_extension(extension_factory.create_extension
+ *     'keyUsage', 'cRLSign,keyCertSign', true)
 *
 * Root CA certificates are self-signed.
 *
@ -837,10 +845,12 @@ ossl_fips_mode_set(VALUE self, VALUE enabled)
 *   extension_factory.subject_certificate = csr_cert
 *   extension_factory.issuer_certificate = ca_cert
 *
- *   extension_factory.create_extension 'basicConstraints', 'CA:FALSE'
- *   extension_factory.create_extension 'keyUsage',
- *     'keyEncipherment,dataEncipherment,digitalSignature'
- *   extension_factory.create_extension 'subjectKeyIdentifier', 'hash'
+ *   csr_cert.add_extension(extension_factory.create_extension
+ *     'basicConstraints', 'CA:FALSE')
+ *   csr_cert.add_extension(extension_factory.create_extension
+ *     'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
+ *   csr_cert.add_extension(extension_factory.create_extension
+ *     'subjectKeyIdentifier', 'hash')
 *
 *   csr_cert.sign ca_key, OpenSSL::Digest::SHA1.new
 *