* ext/openssl/extconf.rb: Check existence of accessor functions that
don't exist in OpenSSL 0.9.8. OpenSSL 1.1.0 made most of its
structures opaque and requires use of these accessor functions.
[ruby-core:75225] [Feature #12324]
* ext/openssl/openssl_missing.[ch]: Implement them if missing.
* ext/openssl/ossl*.c: Use these accessor functions.
* test/openssl/test_hmac.rb: Add missing test for HMAC#reset.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55287 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify()
family may put errors on 0 return (0 means verification failure).
Clear OpenSSL error queue before return to Ruby. Since the queue is
thread global, remaining errors in the queue can cause an unexpected
error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215]
* ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto.
* ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto.
* ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto.
* ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error
queue before re-raising exception.
* ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto.
* ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto.
* ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto.
* test/openssl: check that OpenSSL.errors is empty every time after
running a test case.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/bigdecimal/bigdecimal.c: use RARRAY_CONST_PTR just fore
reference instead of RARRAY_PTR, to keep the array WB-protected.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52448 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext: use long for index instead of int and RARRAY_LENINT.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52447 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl: make wrapper objects before allocating structs to
get rid of potential memory leaks.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50673 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
CertificateError when Request#to_der gets an error from OpenSSL.
Patch from Ippei Obayashi, see #4420. I cannot write a test for
this... Request does not allow to create broken bytes...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32005 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(RARRAY_LEN): defined for accessing array members.
(RARRAY_PTR): ditto.
* array.c: use RARRAY_LEN and RARRAY_PTR.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10833 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(RSTRING_LEN): defined for accessing string members.
(RSTRING_PTR): ditto.
* string.c: use RSTRING_LEN and RSTRING_PTR.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
the argument as a string.
* ext/openssl/ossl_ns_pki.c (ossl_spki_to_der): new method.
* ext/openssl/ossl_x509store.c (ossl_x509store_initialize): should
set @time to avoid warning.
* ext/openssl/ossl_x509store.c (ossl_x509store_set_default_paths,
X509_STORE_add_cert, X509_STORE_add_crl): should raise error if
wrapped functions fails.
* ext/openssl/ossl_ssl.c (ossl_sslctx_set_ciphers): fix error message.
* ext/openssl/ossl_x509req.c (ossl_x509req_set_attributes): get rid
of unused variable.
* test/openssl/test_ns_spki.rb: add new file.
* test/openssl/test_x509store.rb: add test for error.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9021 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SSLSocket#peer_cert_chain.
* ext/openssl/ossl_x509req.c (GetX509ReqPtr): new function
which returns underlying X509_REQ.
* ext/openssl/ossl_x509ext.c (ossl_x509extfactory_set_issuer_cert,
ossl_x509extfactory_set_subject_cert, ossl_x509extfactory_set_crl,
ossl_x509extfactory_set_subject_req, ossl_x509extfactory_set_config):
use underlying C struct without duplication not to leak momory.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/extconf.rb: add check for assert.h.
* ext/openssl/ossl.c (ossl_buf2str): new function to convert
C buffer to String and free buffer.
* ext/openssl/ossl.c (ossl_x509_ary2sk): new function to convert
Array of OpenSSL::X509 to STACK_OF(X509) with exception safe.
* ext/openssl/ossl.c (ossl_to_der, ossl_to_der_if_possible): new
functions to convert object to DER string.
* ext/openssl/ossl.h: ditto.
* ext/openssl/ossl_bio.c (ossl_membio2str): new function to convert
BIO to String object and free BIO.
* ext/openssl/ossl_bio.h: ditto.
* ext/openssl/ossl_pkcs7.c (ossl_pkcs7_to_der): add for "to_der".
* ext/openssl/ossl_x509name.c (ossl_x509name_to_der): ditto.
* ext/openssl/ossl_x509ext.c (ossl_x509ext_to_der): ditto.
* ext/openssl/ossl_x509ext.c (create_ext_from_array): removed
and reimplement in openssl/x509.rb.
* ext/openssl/ossl_x509attr.c: reimplemented and disable some
method temporarily. this class doesn't work fine without ASN.1
data support;-) I'll rewrite in near future.
* ext/openssl/lib/openssl/x509.c (X509::Attribute): get rid off
unused code.
* ext/openssl/lib/openssl/x509.c (X509::ExtensionFactory): refine all.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
compatibility stuff. and remove DEFINE_ALLOC_WRAPPER from
all sources.
* ext/openssl/ossl_x509ext.c (X509::Extension.new): new method.
* ext/openssl/ossl_x509ext.c (X509::Extension#oid=): new method.
* ext/openssl/ossl_x509ext.c (X509::Extension#value=): new method.
* ext/openssl/ossl_x509ext.c (X509::Extension#critical=): new method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4522 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
