merge revision(s) 55057:

* ext/openssl/ossl_pkcs12.c (ossl_pkcs12_initialize): pop errors leaked by PKCS12_parse(). This is a bug in OpenSSL, which exists in the versions before the version 1.0.0t, 1.0.1p, 1.0.2d. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@56258 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2016-09-26 14:41:15 +00:00 · 2016-09-26 14:41:15 +00:00 · dce01373fd
commit dce01373fd
parent 6ccadbafcd
3 changed files with 11 additions and 1 deletions
--- a/6
+++ b/6
@ -1,3 +1,9 @@
+Mon Sep 26 23:34:09 2016  Kazuki Yamaguchi  <k@rhe.jp>
+
+	* ext/openssl/ossl_pkcs12.c (ossl_pkcs12_initialize): pop errors
+	  leaked by PKCS12_parse(). This is a bug in OpenSSL, which exists
+	  in the versions before the version 1.0.0t, 1.0.1p, 1.0.2d.
+
 Mon Sep 26 23:10:43 2016  NARUSE, Yui  <naruse@ruby-lang.org>

 	* vm_dump.c (backtrace): use rip in the saved context for the case
--- a/ext/openssl/ossl_pkcs12.c
+++ b/ext/openssl/ossl_pkcs12.c
@ -165,8 +165,12 @@ ossl_pkcs12_initialize(int argc, VALUE *argv, VALUE self)
    BIO_free(in);

    pkey = cert = ca = Qnil;
+    /* OpenSSL's bug; PKCS12_parse() puts errors even if it succeeds.
+     * Fixed in OpenSSL 1.0.0t, 1.0.1p, 1.0.2d */
+    ERR_set_mark();
    if(!PKCS12_parse(pkcs, passphrase, &key, &x509, &x509s))
 	ossl_raise(ePKCS12Error, "PKCS12_parse");
+    ERR_pop_to_mark();
    pkey = rb_protect((VALUE(*)_((VALUE)))ossl_pkey_new, (VALUE)key,
 		      &st); /* NO DUP */
    if(st) goto err;
--- a/version.h
+++ b/version.h
@ -1,6 +1,6 @@
 #define RUBY_VERSION "2.3.2"
 #define RUBY_RELEASE_DATE "2016-09-26"
-#define RUBY_PATCHLEVEL 190
+#define RUBY_PATCHLEVEL 191

 #define RUBY_RELEASE_YEAR 2016
 #define RUBY_RELEASE_MONTH 9