[macruby-changes] [2907] MacRuby/trunk/ext/openssl
source_changes at macosforge.org
source_changes at macosforge.org
Tue Oct 27 18:11:13 PDT 2009
Revision: 2907
http://trac.macosforge.org/projects/ruby/changeset/2907
Author: lsansonetti at apple.com
Date: 2009-10-27 18:11:13 -0700 (Tue, 27 Oct 2009)
Log Message:
-----------
sync with 1.9 trunk
Modified Paths:
--------------
MacRuby/trunk/ext/openssl/extconf.rb
MacRuby/trunk/ext/openssl/lib/openssl/bn.rb
MacRuby/trunk/ext/openssl/lib/openssl/buffering.rb
MacRuby/trunk/ext/openssl/lib/openssl/cipher.rb
MacRuby/trunk/ext/openssl/lib/openssl/digest.rb
MacRuby/trunk/ext/openssl/lib/openssl/ssl.rb
MacRuby/trunk/ext/openssl/lib/openssl/x509.rb
MacRuby/trunk/ext/openssl/lib/openssl.rb
MacRuby/trunk/ext/openssl/openssl_missing.c
MacRuby/trunk/ext/openssl/openssl_missing.h
MacRuby/trunk/ext/openssl/ossl.c
MacRuby/trunk/ext/openssl/ossl.h
MacRuby/trunk/ext/openssl/ossl_asn1.c
MacRuby/trunk/ext/openssl/ossl_asn1.h
MacRuby/trunk/ext/openssl/ossl_bio.c
MacRuby/trunk/ext/openssl/ossl_bio.h
MacRuby/trunk/ext/openssl/ossl_bn.c
MacRuby/trunk/ext/openssl/ossl_bn.h
MacRuby/trunk/ext/openssl/ossl_cipher.c
MacRuby/trunk/ext/openssl/ossl_cipher.h
MacRuby/trunk/ext/openssl/ossl_config.c
MacRuby/trunk/ext/openssl/ossl_config.h
MacRuby/trunk/ext/openssl/ossl_digest.c
MacRuby/trunk/ext/openssl/ossl_digest.h
MacRuby/trunk/ext/openssl/ossl_engine.c
MacRuby/trunk/ext/openssl/ossl_engine.h
MacRuby/trunk/ext/openssl/ossl_hmac.c
MacRuby/trunk/ext/openssl/ossl_hmac.h
MacRuby/trunk/ext/openssl/ossl_ns_spki.c
MacRuby/trunk/ext/openssl/ossl_ns_spki.h
MacRuby/trunk/ext/openssl/ossl_ocsp.c
MacRuby/trunk/ext/openssl/ossl_ocsp.h
MacRuby/trunk/ext/openssl/ossl_pkcs12.c
MacRuby/trunk/ext/openssl/ossl_pkcs12.h
MacRuby/trunk/ext/openssl/ossl_pkcs5.c
MacRuby/trunk/ext/openssl/ossl_pkcs7.c
MacRuby/trunk/ext/openssl/ossl_pkcs7.h
MacRuby/trunk/ext/openssl/ossl_pkey.c
MacRuby/trunk/ext/openssl/ossl_pkey.h
MacRuby/trunk/ext/openssl/ossl_pkey_dh.c
MacRuby/trunk/ext/openssl/ossl_pkey_dsa.c
MacRuby/trunk/ext/openssl/ossl_pkey_ec.c
MacRuby/trunk/ext/openssl/ossl_pkey_rsa.c
MacRuby/trunk/ext/openssl/ossl_rand.c
MacRuby/trunk/ext/openssl/ossl_rand.h
MacRuby/trunk/ext/openssl/ossl_ssl.c
MacRuby/trunk/ext/openssl/ossl_ssl.h
MacRuby/trunk/ext/openssl/ossl_ssl_session.c
MacRuby/trunk/ext/openssl/ossl_version.h
MacRuby/trunk/ext/openssl/ossl_x509.c
MacRuby/trunk/ext/openssl/ossl_x509.h
MacRuby/trunk/ext/openssl/ossl_x509attr.c
MacRuby/trunk/ext/openssl/ossl_x509cert.c
MacRuby/trunk/ext/openssl/ossl_x509crl.c
MacRuby/trunk/ext/openssl/ossl_x509ext.c
MacRuby/trunk/ext/openssl/ossl_x509name.c
MacRuby/trunk/ext/openssl/ossl_x509req.c
MacRuby/trunk/ext/openssl/ossl_x509revoked.c
MacRuby/trunk/ext/openssl/ossl_x509store.c
MacRuby/trunk/ext/openssl/ruby_missing.h
Added Paths:
-----------
MacRuby/trunk/ext/openssl/lib/openssl/ssl-internal.rb
MacRuby/trunk/ext/openssl/lib/openssl/x509-internal.rb
Modified: MacRuby/trunk/ext/openssl/extconf.rb
===================================================================
--- MacRuby/trunk/ext/openssl/extconf.rb 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/extconf.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -11,7 +11,7 @@
(See the file 'LICENCE'.)
= Version
- $Id: extconf.rb 12571 2007-06-18 08:56:21Z technorama $
+ $Id: extconf.rb 25189 2009-10-02 12:04:37Z akr $
=end
require "mkmf"
@@ -19,8 +19,6 @@
dir_config("openssl")
dir_config("kerberos")
-$defs << "-DRUBY_VERSION_CODE=#{RUBY_VERSION.gsub(/\D/, '')}"
-
message "=== OpenSSL for Ruby configurator ===\n"
##
@@ -30,7 +28,7 @@
if with_config("debug") or enable_config("debug")
$defs.push("-DOSSL_DEBUG") unless $defs.include? "-DOSSL_DEBUG"
- if /gcc/ =~ CONFIG["CC"]
+ if CONFIG['GCC'] == 'yes'
$CPPFLAGS += " -Wall" unless $CPPFLAGS.split.include? "-Wall"
end
end
@@ -98,7 +96,10 @@
have_func("OBJ_NAME_do_all_sorted")
have_func("SSL_SESSION_get_id")
have_func("OPENSSL_cleanse")
-if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n")
+unless have_func("SSL_set_tlsext_host_name", ['openssl/ssl.h'])
+ have_macro("SSL_set_tlsext_host_name", ['openssl/ssl.h']) && $defs.push("-DHAVE_SSL_SET_TLSEXT_HOST_NAME")
+end
+if try_compile("#define FOO(...) foo(__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n")
$defs.push("-DHAVE_VA_ARGS_MACRO")
end
if have_header("openssl/engine.h")
Modified: MacRuby/trunk/ext/openssl/lib/openssl/bn.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl/bn.rb 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/lib/openssl/bn.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -11,7 +11,7 @@
(See the file 'LICENCE'.)
= Version
- $Id: bn.rb 11708 2007-02-12 23:01:19Z shyouhei $
+ $Id: bn.rb 25189 2009-10-02 12:04:37Z akr $
=end
##
Modified: MacRuby/trunk/ext/openssl/lib/openssl/buffering.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl/buffering.rb 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/lib/openssl/buffering.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -11,9 +11,10 @@
(See the file 'LICENCE'.)
= Version
- $Id: buffering.rb 14261 2007-12-17 07:06:16Z gotoyuzo $
+ $Id: buffering.rb 25189 2009-10-02 12:04:37Z akr $
=end
+module OpenSSL
module Buffering
include Enumerable
attr_accessor :sync
@@ -99,6 +100,59 @@
ret
end
+ # Reads at most _maxlen_ bytes in the non-blocking manner.
+ #
+ # When no data can be read without blocking,
+ # It raises OpenSSL::SSL::SSLError extended by
+ # IO::WaitReadable or IO::WaitWritable.
+ #
+ # IO::WaitReadable means SSL needs to read internally.
+ # So read_nonblock should be called again after
+ # underlying IO is readable.
+ #
+ # IO::WaitWritable means SSL needs to write internally.
+ # So read_nonblock should be called again after
+ # underlying IO is writable.
+ #
+ # So OpenSSL::Buffering#read_nonblock needs two rescue clause as follows.
+ #
+ # # emulates blocking read (readpartial).
+ # begin
+ # result = ssl.read_nonblock(maxlen)
+ # rescue IO::WaitReadable
+ # IO.select([io])
+ # retry
+ # rescue IO::WaitWritable
+ # IO.select(nil, [io])
+ # retry
+ # end
+ #
+ # Note that one reason that read_nonblock write to a underlying IO
+ # is the peer requests a new TLS/SSL handshake.
+ # See openssl FAQ for more details.
+ # http://www.openssl.org/support/faq.html
+ #
+ def read_nonblock(maxlen, buf=nil)
+ if maxlen == 0
+ if buf
+ buf.clear
+ return buf
+ else
+ return ""
+ end
+ end
+ if @rbuffer.empty?
+ return sysread_nonblock(maxlen, buf)
+ end
+ ret = consume_rbuff(maxlen)
+ if buf
+ buf.replace(ret)
+ ret = buf
+ end
+ raise EOFError if ret.empty?
+ ret
+ end
+
def gets(eol=$/, limit=nil)
idx = @rbuffer.index(eol)
until @eof
@@ -196,6 +250,48 @@
s.length
end
+ # Writes _str_ in the non-blocking manner.
+ #
+ # If there are buffered data, it is flushed at first.
+ # This may block.
+ #
+ # write_nonblock returns number of bytes written to the SSL connection.
+ #
+ # When no data can be written without blocking,
+ # It raises OpenSSL::SSL::SSLError extended by
+ # IO::WaitReadable or IO::WaitWritable.
+ #
+ # IO::WaitReadable means SSL needs to read internally.
+ # So write_nonblock should be called again after
+ # underlying IO is readable.
+ #
+ # IO::WaitWritable means SSL needs to write internally.
+ # So write_nonblock should be called again after
+ # underlying IO is writable.
+ #
+ # So OpenSSL::Buffering#write_nonblock needs two rescue clause as follows.
+ #
+ # # emulates blocking write.
+ # begin
+ # result = ssl.write_nonblock(str)
+ # rescue IO::WaitReadable
+ # IO.select([io])
+ # retry
+ # rescue IO::WaitWritable
+ # IO.select(nil, [io])
+ # retry
+ # end
+ #
+ # Note that one reason that write_nonblock read from a underlying IO
+ # is the peer requests a new TLS/SSL handshake.
+ # See openssl FAQ for more details.
+ # http://www.openssl.org/support/faq.html
+ #
+ def write_nonblock(s)
+ flush
+ syswrite_nonblock(s)
+ end
+
def << (s)
do_write(s)
self
@@ -240,3 +336,4 @@
sysclose
end
end
+end
Modified: MacRuby/trunk/ext/openssl/lib/openssl/cipher.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl/cipher.rb 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/lib/openssl/cipher.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -11,7 +11,7 @@
(See the file 'LICENCE'.)
= Version
- $Id: cipher.rb 12148 2007-04-05 05:59:22Z technorama $
+ $Id: cipher.rb 25189 2009-10-02 12:04:37Z akr $
=end
##
Modified: MacRuby/trunk/ext/openssl/lib/openssl/digest.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl/digest.rb 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/lib/openssl/digest.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -11,7 +11,7 @@
(See the file 'LICENCE'.)
= Version
- $Id: digest.rb 15602 2008-02-25 08:51:18Z technorama $
+ $Id: digest.rb 25189 2009-10-02 12:04:37Z akr $
=end
##
@@ -40,7 +40,7 @@
super(name, data.first)
}
}
- singleton = (class <<klass; self; end)
+ singleton = (class << klass; self; end)
singleton.class_eval{
define_method(:digest){|data| Digest.digest(name, data) }
define_method(:hexdigest){|data| Digest.hexdigest(name, data) }
Added: MacRuby/trunk/ext/openssl/lib/openssl/ssl-internal.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl/ssl-internal.rb (rev 0)
+++ MacRuby/trunk/ext/openssl/lib/openssl/ssl-internal.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -0,0 +1,177 @@
+=begin
+= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for SSL
+
+= Info
+ 'OpenSSL for Ruby 2' project
+ Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo at notwork.org>
+ All rights reserved.
+
+= Licence
+ This program is licenced under the same licence as Ruby.
+ (See the file 'LICENCE'.)
+
+= Version
+ $Id: ssl-internal.rb 25189 2009-10-02 12:04:37Z akr $
+=end
+
+require "openssl/buffering"
+require "fcntl"
+
+module OpenSSL
+ module SSL
+ class SSLContext
+ DEFAULT_PARAMS = {
+ :ssl_version => "SSLv23",
+ :verify_mode => OpenSSL::SSL::VERIFY_PEER,
+ :ciphers => "ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW",
+ :options => OpenSSL::SSL::OP_ALL,
+ }
+
+ DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
+ DEFAULT_CERT_STORE.set_default_paths
+ if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
+ DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
+ end
+
+ def set_params(params={})
+ params = DEFAULT_PARAMS.merge(params)
+ params.each{|name, value| self.__send__("#{name}=", value) }
+ if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
+ unless self.ca_file or self.ca_path or self.cert_store
+ self.cert_store = DEFAULT_CERT_STORE
+ end
+ end
+ return params
+ end
+ end
+
+ module SocketForwarder
+ def addr
+ to_io.addr
+ end
+
+ def peeraddr
+ to_io.peeraddr
+ end
+
+ def setsockopt(level, optname, optval)
+ to_io.setsockopt(level, optname, optval)
+ end
+
+ def getsockopt(level, optname)
+ to_io.getsockopt(level, optname)
+ end
+
+ def fcntl(*args)
+ to_io.fcntl(*args)
+ end
+
+ def closed?
+ to_io.closed?
+ end
+
+ def do_not_reverse_lookup=(flag)
+ to_io.do_not_reverse_lookup = flag
+ end
+ end
+
+ module Nonblock
+ def initialize(*args)
+ flag = File::NONBLOCK
+ flag |= @io.fcntl(Fcntl::F_GETFL) if defined?(Fcntl::F_GETFL)
+ @io.fcntl(Fcntl::F_SETFL, flag)
+ super
+ end
+ end
+
+ def verify_certificate_identity(cert, hostname)
+ should_verify_common_name = true
+ cert.extensions.each{|ext|
+ next if ext.oid != "subjectAltName"
+ ext.value.split(/,\s+/).each{|general_name|
+ if /\ADNS:(.*)/ =~ general_name
+ should_verify_common_name = false
+ reg = Regexp.escape($1).gsub(/\\\*/, "[^.]+")
+ return true if /\A#{reg}\z/i =~ hostname
+ elsif /\AIP Address:(.*)/ =~ general_name
+ should_verify_common_name = false
+ return true if $1 == hostname
+ end
+ }
+ }
+ if should_verify_common_name
+ cert.subject.to_a.each{|oid, value|
+ if oid == "CN"
+ reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
+ return true if /\A#{reg}\z/i =~ hostname
+ end
+ }
+ end
+ return false
+ end
+ module_function :verify_certificate_identity
+
+ class SSLSocket
+ include Buffering
+ include SocketForwarder
+ include Nonblock
+
+ def post_connection_check(hostname)
+ unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
+ raise SSLError, "hostname was not match with the server certificate"
+ end
+ return true
+ end
+
+ def session
+ SSL::Session.new(self)
+ rescue SSL::Session::SessionError
+ nil
+ end
+ end
+
+ class SSLServer
+ include SocketForwarder
+ attr_accessor :start_immediately
+
+ def initialize(svr, ctx)
+ @svr = svr
+ @ctx = ctx
+ unless ctx.session_id_context
+ session_id = OpenSSL::Digest::MD5.hexdigest($0)
+ @ctx.session_id_context = session_id
+ end
+ @start_immediately = true
+ end
+
+ def to_io
+ @svr
+ end
+
+ def listen(backlog=5)
+ @svr.listen(backlog)
+ end
+
+ def shutdown(how=Socket::SHUT_RDWR)
+ @svr.shutdown(how)
+ end
+
+ def accept
+ sock = @svr.accept
+ begin
+ ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
+ ssl.sync_close = true
+ ssl.accept if @start_immediately
+ ssl
+ rescue SSLError => ex
+ sock.close
+ raise ex
+ end
+ end
+
+ def close
+ @svr.close
+ end
+ end
+ end
+end
Modified: MacRuby/trunk/ext/openssl/lib/openssl/ssl.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl/ssl.rb 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/lib/openssl/ssl.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,178 +1 @@
-=begin
-= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for SSL
-
-= Info
- 'OpenSSL for Ruby 2' project
- Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo at notwork.org>
- All rights reserved.
-
-= Licence
- This program is licenced under the same licence as Ruby.
- (See the file 'LICENCE'.)
-
-= Version
- $Id: ssl.rb 14479 2007-12-22 08:31:53Z gotoyuzo $
-=end
-
-require "openssl"
-require "openssl/buffering"
-require "fcntl"
-
-module OpenSSL
- module SSL
- class SSLContext
- DEFAULT_PARAMS = {
- :ssl_version => "SSLv23",
- :verify_mode => OpenSSL::SSL::VERIFY_PEER,
- :ciphers => "ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW",
- :options => OpenSSL::SSL::OP_ALL,
- }
-
- DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
- DEFAULT_CERT_STORE.set_default_paths
- if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
- DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
- end
-
- def set_params(params={})
- params = DEFAULT_PARAMS.merge(params)
- params.each{|name, value| self.__send__("#{name}=", value) }
- if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
- unless self.ca_file or self.ca_path or self.cert_store
- self.cert_store = DEFAULT_CERT_STORE
- end
- end
- return params
- end
- end
-
- module SocketForwarder
- def addr
- to_io.addr
- end
-
- def peeraddr
- to_io.peeraddr
- end
-
- def setsockopt(level, optname, optval)
- to_io.setsockopt(level, optname, optval)
- end
-
- def getsockopt(level, optname)
- to_io.getsockopt(level, optname)
- end
-
- def fcntl(*args)
- to_io.fcntl(*args)
- end
-
- def closed?
- to_io.closed?
- end
-
- def do_not_reverse_lookup=(flag)
- to_io.do_not_reverse_lookup = flag
- end
- end
-
- module Nonblock
- def initialize(*args)
- flag = File::NONBLOCK
- flag |= @io.fcntl(Fcntl::F_GETFL) if defined?(Fcntl::F_GETFL)
- @io.fcntl(Fcntl::F_SETFL, flag)
- super
- end
- end
-
- def verify_certificate_identity(cert, hostname)
- should_verify_common_name = true
- cert.extensions.each{|ext|
- next if ext.oid != "subjectAltName"
- ext.value.split(/,\s+/).each{|general_name|
- if /\ADNS:(.*)/ =~ general_name
- should_verify_common_name = false
- reg = Regexp.escape($1).gsub(/\\\*/, "[^.]+")
- return true if /\A#{reg}\z/i =~ hostname
- elsif /\AIP Address:(.*)/ =~ general_name
- should_verify_common_name = false
- return true if $1 == hostname
- end
- }
- }
- if should_verify_common_name
- cert.subject.to_a.each{|oid, value|
- if oid == "CN"
- reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
- return true if /\A#{reg}\z/i =~ hostname
- end
- }
- end
- return false
- end
- module_function :verify_certificate_identity
-
- class SSLSocket
- include Buffering
- include SocketForwarder
- include Nonblock
-
- def post_connection_check(hostname)
- unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
- raise SSLError, "hostname was not match with the server certificate"
- end
- return true
- end
-
- def session
- SSL::Session.new(self)
- rescue SSL::Session::SessionError
- nil
- end
- end
-
- class SSLServer
- include SocketForwarder
- attr_accessor :start_immediately
-
- def initialize(svr, ctx)
- @svr = svr
- @ctx = ctx
- unless ctx.session_id_context
- session_id = OpenSSL::Digest::MD5.hexdigest($0)
- @ctx.session_id_context = session_id
- end
- @start_immediately = true
- end
-
- def to_io
- @svr
- end
-
- def listen(backlog=5)
- @svr.listen(backlog)
- end
-
- def shutdown(how=Socket::SHUT_RDWR)
- @svr.shutdown(how)
- end
-
- def accept
- sock = @svr.accept
- begin
- ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
- ssl.sync_close = true
- ssl.accept if @start_immediately
- ssl
- rescue SSLError => ex
- sock.close
- raise ex
- end
- end
-
- def close
- @svr.close
- end
- end
- end
-end
+require 'openssl'
Added: MacRuby/trunk/ext/openssl/lib/openssl/x509-internal.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl/x509-internal.rb (rev 0)
+++ MacRuby/trunk/ext/openssl/lib/openssl/x509-internal.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -0,0 +1,153 @@
+=begin
+= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for X509 and subclasses
+
+= Info
+ 'OpenSSL for Ruby 2' project
+ Copyright (C) 2002 Michal Rokos <m.rokos at sh.cvut.cz>
+ All rights reserved.
+
+= Licence
+ This program is licenced under the same licence as Ruby.
+ (See the file 'LICENCE'.)
+
+= Version
+ $Id: x509-internal.rb 25189 2009-10-02 12:04:37Z akr $
+=end
+
+module OpenSSL
+ module X509
+ class ExtensionFactory
+ def create_extension(*arg)
+ if arg.size > 1
+ create_ext(*arg)
+ else
+ send("create_ext_from_"+arg[0].class.name.downcase, arg[0])
+ end
+ end
+
+ def create_ext_from_array(ary)
+ raise ExtensionError, "unexpected array form" if ary.size > 3
+ create_ext(ary[0], ary[1], ary[2])
+ end
+
+ def create_ext_from_string(str) # "oid = critical, value"
+ oid, value = str.split(/=/, 2)
+ oid.strip!
+ value.strip!
+ create_ext(oid, value)
+ end
+
+ def create_ext_from_hash(hash)
+ create_ext(hash["oid"], hash["value"], hash["critical"])
+ end
+ end
+
+ class Extension
+ def to_s # "oid = critical, value"
+ str = self.oid
+ str << " = "
+ str << "critical, " if self.critical?
+ str << self.value.gsub(/\n/, ", ")
+ end
+
+ def to_h # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false}
+ {"oid"=>self.oid,"value"=>self.value,"critical"=>self.critical?}
+ end
+
+ def to_a
+ [ self.oid, self.value, self.critical? ]
+ end
+ end
+
+ class Name
+ module RFC2253DN
+ Special = ',=+<>#;'
+ HexChar = /[0-9a-fA-F]/
+ HexPair = /#{HexChar}#{HexChar}/
+ HexString = /#{HexPair}+/
+ Pair = /\\(?:[#{Special}]|\\|"|#{HexPair})/
+ StringChar = /[^#{Special}\\"]/
+ QuoteChar = /[^\\"]/
+ AttributeType = /[a-zA-Z][0-9a-zA-Z]*|[0-9]+(?:\.[0-9]+)*/
+ AttributeValue = /
+ (?!["#])((?:#{StringChar}|#{Pair})*)|
+ \#(#{HexString})|
+ "((?:#{QuoteChar}|#{Pair})*)"
+ /x
+ TypeAndValue = /\A(#{AttributeType})=#{AttributeValue}/
+
+ module_function
+
+ def expand_pair(str)
+ return nil unless str
+ return str.gsub(Pair){
+ pair = $&
+ case pair.size
+ when 2 then pair[1,1]
+ when 3 then Integer("0x#{pair[1,2]}").chr
+ else raise OpenSSL::X509::NameError, "invalid pair: #{str}"
+ end
+ }
+ end
+
+ def expand_hexstring(str)
+ return nil unless str
+ der = str.gsub(HexPair){$&.to_i(16).chr }
+ a1 = OpenSSL::ASN1.decode(der)
+ return a1.value, a1.tag
+ end
+
+ def expand_value(str1, str2, str3)
+ value = expand_pair(str1)
+ value, tag = expand_hexstring(str2) unless value
+ value = expand_pair(str3) unless value
+ return value, tag
+ end
+
+ def scan(dn)
+ str = dn
+ ary = []
+ while true
+ if md = TypeAndValue.match(str)
+ matched = md.to_s
+ remain = md.post_match
+ type = md[1]
+ value, tag = expand_value(md[2], md[3], md[4]) rescue nil
+ if value
+ type_and_value = [type, value]
+ type_and_value.push(tag) if tag
+ ary.unshift(type_and_value)
+ if remain.length > 2 && remain[0] == ?,
+ str = remain[1..-1]
+ next
+ elsif remain.length > 2 && remain[0] == ?+
+ raise OpenSSL::X509::NameError,
+ "multi-valued RDN is not supported: #{dn}"
+ elsif remain.empty?
+ break
+ end
+ end
+ end
+ msg_dn = dn[0, dn.length - str.length] + " =>" + str
+ raise OpenSSL::X509::NameError, "malformed RDN: #{msg_dn}"
+ end
+ return ary
+ end
+ end
+
+ class <<self
+ def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
+ ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
+ self.new(ary, template)
+ end
+
+ def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
+ ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
+ self.new(ary, template)
+ end
+
+ alias parse parse_openssl
+ end
+ end
+ end
+end
Modified: MacRuby/trunk/ext/openssl/lib/openssl/x509.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl/x509.rb 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/lib/openssl/x509.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,155 +1 @@
-=begin
-= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for X509 and subclasses
-
-= Info
- 'OpenSSL for Ruby 2' project
- Copyright (C) 2002 Michal Rokos <m.rokos at sh.cvut.cz>
- All rights reserved.
-
-= Licence
- This program is licenced under the same licence as Ruby.
- (See the file 'LICENCE'.)
-
-= Version
- $Id: x509.rb 15442 2008-02-12 06:18:06Z naruse $
-=end
-
-require "openssl"
-
-module OpenSSL
- module X509
- class ExtensionFactory
- def create_extension(*arg)
- if arg.size > 1
- create_ext(*arg)
- else
- send("create_ext_from_"+arg[0].class.name.downcase, arg[0])
- end
- end
-
- def create_ext_from_array(ary)
- raise ExtensionError, "unexpected array form" if ary.size > 3
- create_ext(ary[0], ary[1], ary[2])
- end
-
- def create_ext_from_string(str) # "oid = critical, value"
- oid, value = str.split(/=/, 2)
- oid.strip!
- value.strip!
- create_ext(oid, value)
- end
-
- def create_ext_from_hash(hash)
- create_ext(hash["oid"], hash["value"], hash["critical"])
- end
- end
-
- class Extension
- def to_s # "oid = critical, value"
- str = self.oid
- str << " = "
- str << "critical, " if self.critical?
- str << self.value.gsub(/\n/, ", ")
- end
-
- def to_h # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false}
- {"oid"=>self.oid,"value"=>self.value,"critical"=>self.critical?}
- end
-
- def to_a
- [ self.oid, self.value, self.critical? ]
- end
- end
-
- class Name
- module RFC2253DN
- Special = ',=+<>#;'
- HexChar = /[0-9a-fA-F]/
- HexPair = /#{HexChar}#{HexChar}/
- HexString = /#{HexPair}+/
- Pair = /\\(?:[#{Special}]|\\|"|#{HexPair})/
- StringChar = /[^#{Special}\\"]/
- QuoteChar = /[^\\"]/
- AttributeType = /[a-zA-Z][0-9a-zA-Z]*|[0-9]+(?:\.[0-9]+)*/
- AttributeValue = /
- (?!["#])((?:#{StringChar}|#{Pair})*)|
- \#(#{HexString})|
- "((?:#{QuoteChar}|#{Pair})*)"
- /x
- TypeAndValue = /\A(#{AttributeType})=#{AttributeValue}/
-
- module_function
-
- def expand_pair(str)
- return nil unless str
- return str.gsub(Pair){
- pair = $&
- case pair.size
- when 2 then pair[1,1]
- when 3 then Integer("0x#{pair[1,2]}").chr
- else raise OpenSSL::X509::NameError, "invalid pair: #{str}"
- end
- }
- end
-
- def expand_hexstring(str)
- return nil unless str
- der = str.gsub(HexPair){$&.to_i(16).chr }
- a1 = OpenSSL::ASN1.decode(der)
- return a1.value, a1.tag
- end
-
- def expand_value(str1, str2, str3)
- value = expand_pair(str1)
- value, tag = expand_hexstring(str2) unless value
- value = expand_pair(str3) unless value
- return value, tag
- end
-
- def scan(dn)
- str = dn
- ary = []
- while true
- if md = TypeAndValue.match(str)
- matched = md.to_s
- remain = md.post_match
- type = md[1]
- value, tag = expand_value(md[2], md[3], md[4]) rescue nil
- if value
- type_and_value = [type, value]
- type_and_value.push(tag) if tag
- ary.unshift(type_and_value)
- if remain.length > 2 && remain[0] == ?,
- str = remain[1..-1]
- next
- elsif remain.length > 2 && remain[0] == ?+
- raise OpenSSL::X509::NameError,
- "multi-valued RDN is not supported: #{dn}"
- elsif remain.empty?
- break
- end
- end
- end
- msg_dn = dn[0, dn.length - str.length] + " =>" + str
- raise OpenSSL::X509::NameError, "malformed RDN: #{msg_dn}"
- end
- return ary
- end
- end
-
- class <<self
- def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
- ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
- self.new(ary, template)
- end
-
- def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
- ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
- self.new(ary, template)
- end
-
- alias parse parse_openssl
- end
- end
- end
-end
+require 'openssl'
Modified: MacRuby/trunk/ext/openssl/lib/openssl.rb
===================================================================
--- MacRuby/trunk/ext/openssl/lib/openssl.rb 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/lib/openssl.rb 2009-10-28 01:11:13 UTC (rev 2907)
@@ -11,14 +11,14 @@
(See the file 'LICENCE'.)
= Version
- $Id: openssl.rb 11708 2007-02-12 23:01:19Z shyouhei $
+ $Id: openssl.rb 25189 2009-10-02 12:04:37Z akr $
=end
-require 'openssl.bundle'
+require 'openssl.so'
require 'openssl/bn'
require 'openssl/cipher'
require 'openssl/digest'
-require 'openssl/ssl'
-require 'openssl/x509'
+require 'openssl/ssl-internal'
+require 'openssl/x509-internal'
Modified: MacRuby/trunk/ext/openssl/openssl_missing.c
===================================================================
--- MacRuby/trunk/ext/openssl/openssl_missing.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/openssl_missing.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: openssl_missing.c 16422 2008-05-15 09:44:38Z matz $
+ * $Id: openssl_missing.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/openssl_missing.h
===================================================================
--- MacRuby/trunk/ext/openssl/openssl_missing.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/openssl_missing.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: openssl_missing.h 16422 2008-05-15 09:44:38Z matz $
+ * $Id: openssl_missing.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -15,45 +15,52 @@
extern "C" {
#endif
+#ifndef TYPEDEF_D2I_OF
+typedef char *d2i_of_void();
+#endif
+#ifndef TYPEDEF_I2D_OF
+typedef int i2d_of_void();
+#endif
+
/*
* These functions are not included in headers of OPENSSL <= 0.9.6b
*/
#if !defined(PEM_read_bio_DSAPublicKey)
# define PEM_read_bio_DSAPublicKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,bp,(char **)x,cb,u)
+ (d2i_of_void *)d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,bp,(void **)x,cb,u)
#endif
#if !defined(PEM_write_bio_DSAPublicKey)
# define PEM_write_bio_DSAPublicKey(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_DSAPublicKey,\
+ PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPublicKey,\
PEM_STRING_DSA_PUBLIC,\
bp,(char *)x, NULL, NULL, 0, NULL, NULL)
#endif
#if !defined(DSAPrivateKey_dup)
-# define DSAPrivateKey_dup(dsa) (DSA *)ASN1_dup((int (*)())i2d_DSAPrivateKey, \
- (char *(*)())d2i_DSAPrivateKey,(char *)dsa)
+# define DSAPrivateKey_dup(dsa) (DSA *)ASN1_dup((i2d_of_void *)i2d_DSAPrivateKey, \
+ (d2i_of_void *)d2i_DSAPrivateKey,(char *)dsa)
#endif
#if !defined(DSAPublicKey_dup)
-# define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup((int (*)())i2d_DSAPublicKey, \
- (char *(*)())d2i_DSAPublicKey,(char *)dsa)
+# define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup((i2d_of_void *)i2d_DSAPublicKey, \
+ (d2i_of_void *)d2i_DSAPublicKey,(char *)dsa)
#endif
#if !defined(X509_REVOKED_dup)
-# define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((int (*)())i2d_X509_REVOKED, \
- (char *(*)())d2i_X509_REVOKED, (char *)rev)
+# define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((i2d_of_void *)i2d_X509_REVOKED, \
+ (d2i_of_void *)d2i_X509_REVOKED, (char *)rev)
#endif
#if !defined(PKCS7_SIGNER_INFO_dup)
-# define PKCS7_SIGNER_INFO_dup(si) (PKCS7_SIGNER_INFO *)ASN1_dup((int (*)())i2d_PKCS7_SIGNER_INFO, \
- (char *(*)())d2i_PKCS7_SIGNER_INFO, (char *)si)
+# define PKCS7_SIGNER_INFO_dup(si) (PKCS7_SIGNER_INFO *)ASN1_dup((i2d_of_void *)i2d_PKCS7_SIGNER_INFO, \
+ (d2i_of_void *)d2i_PKCS7_SIGNER_INFO, (char *)si)
#endif
#if !defined(PKCS7_RECIP_INFO_dup)
-# define PKCS7_RECIP_INFO_dup(ri) (PKCS7_RECIP_INFO *)ASN1_dup((int (*)())i2d_PKCS7_RECIP_INFO, \
- (char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri)
+# define PKCS7_RECIP_INFO_dup(ri) (PKCS7_RECIP_INFO *)ASN1_dup((i2d_of_void *)i2d_PKCS7_RECIP_INFO, \
+ (d2i_of_void *)d2i_PKCS7_RECIP_INFO, (char *)ri)
#endif
#if !defined(HAVE_EVP_MD_CTX_INIT)
Modified: MacRuby/trunk/ext/openssl/ossl.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl.c 12148 2007-04-05 05:59:22Z technorama $
+ * $Id: ossl.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -15,7 +15,7 @@
* String to HEXString conversion
*/
int
-string2hex(char *buf, int buf_len, char **hexbuf, int *hexbuf_len)
+string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len)
{
static const char hex[]="0123456789abcdef";
int i, len = 2 * buf_len;
@@ -272,10 +272,9 @@
/*
* Errors
*/
-void
-ossl_raise(VALUE exc, const char *fmt, ...)
+static VALUE
+ossl_make_error(VALUE exc, const char *fmt, va_list args)
{
- va_list args;
char buf[BUFSIZ];
const char *msg;
long e;
@@ -287,17 +286,14 @@
e = ERR_peek_error();
#endif
if (fmt) {
- va_start(args, fmt);
len = vsnprintf(buf, BUFSIZ, fmt, args);
- va_end(args);
}
if (len < BUFSIZ && e) {
if (dOSSL == Qtrue) /* FULL INFO */
msg = ERR_error_string(e, NULL);
else
msg = ERR_reason_error_string(e);
- fmt = len ? ": %s" : "%s";
- len += snprintf(buf+len, BUFSIZ-len, fmt, msg);
+ len += snprintf(buf+len, BUFSIZ-len, "%s%s", (len ? ": " : ""), msg);
}
if (dOSSL == Qtrue){ /* show all errors on the stack */
while ((e = ERR_get_error()) != 0){
@@ -307,9 +303,31 @@
ERR_clear_error();
if(len > BUFSIZ) len = strlen(buf);
- rb_exc_raise(rb_exc_new(exc, buf, len));
+ return rb_exc_new(exc, buf, len);
}
+void
+ossl_raise(VALUE exc, const char *fmt, ...)
+{
+ va_list args;
+ VALUE err;
+ va_start(args, fmt);
+ err = ossl_make_error(exc, fmt, args);
+ va_end(args);
+ rb_exc_raise(err);
+}
+
+VALUE
+ossl_exc_new(VALUE exc, const char *fmt, ...)
+{
+ va_list args;
+ VALUE err;
+ va_start(args, fmt);
+ err = ossl_make_error(exc, fmt, args);
+ va_end(args);
+ return err;
+}
+
/*
* call-seq:
* OpenSSL.errors -> [String...]
@@ -446,7 +464,7 @@
/*
* Verify callback Proc index for ext-data
*/
- if ((ossl_verify_cb_idx = X509_STORE_CTX_get_ex_new_index(0, "ossl_verify_cb_idx", 0, 0, 0)) < 0)
+ if ((ossl_verify_cb_idx = X509_STORE_CTX_get_ex_new_index(0, (void *)"ossl_verify_cb_idx", 0, 0, 0)) < 0)
ossl_raise(eOSSLError, "X509_STORE_CTX_get_ex_new_index");
/*
@@ -488,7 +506,7 @@
* Check if all symbols are OK with 'make LDSHARED=gcc all'
*/
int
-main(int argc, char *argv[], char *env[])
+main(int argc, char *argv[])
{
return 0;
}
Modified: MacRuby/trunk/ext/openssl/ossl.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl.h 12799 2007-07-15 13:24:39Z nobu $
+ * $Id: ossl.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -29,7 +29,7 @@
# undef RFILE
#endif
#include <ruby.h>
-#include <rubyio.h>
+#include <ruby/io.h>
/*
* Check the OpenSSL version
@@ -106,7 +106,7 @@
/*
* String to HEXString conversion
*/
-int string2hex(char *, int, char **, int *);
+int string2hex(const unsigned char *, int, char **, int *);
/*
* Data Conversion
@@ -135,6 +135,7 @@
*/
#define OSSL_ErrMsg() ERR_reason_error_string(ERR_get_error())
NORETURN(void ossl_raise(VALUE, const char *, ...));
+VALUE ossl_exc_new(VALUE, const char *, ...);
/*
* Verify callback
@@ -163,10 +164,10 @@
extern VALUE dOSSL;
#if defined(HAVE_VA_ARGS_MACRO)
-#define OSSL_Debug(fmt, ...) do { \
+#define OSSL_Debug(...) do { \
if (dOSSL == Qtrue) { \
fprintf(stderr, "OSSL_DEBUG: "); \
- fprintf(stderr, fmt, ##__VA_ARGS__); \
+ fprintf(stderr, __VA_ARGS__); \
fprintf(stderr, " [%s:%d]\n", __FILE__, __LINE__); \
} \
} while (0)
Modified: MacRuby/trunk/ext/openssl/ossl_asn1.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_asn1.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_asn1.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_asn1.c 15610 2008-02-26 07:07:26Z technorama $
+ * $Id: ossl_asn1.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' team members
* Copyright (C) 2003
* All rights reserved.
@@ -33,7 +33,7 @@
switch (time->type) {
case V_ASN1_UTCTIME:
- if (sscanf(time->data, "%2d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
+ if (sscanf((const char *)time->data, "%2d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
&tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) {
ossl_raise(rb_eTypeError, "bad UTCTIME format");
}
@@ -44,7 +44,7 @@
}
break;
case V_ASN1_GENERALIZEDTIME:
- if (sscanf(time->data, "%4d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
+ if (sscanf((const char *)time->data, "%4d%2d%2d%2d%2d%2dZ", &tm.tm_year, &tm.tm_mon,
&tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) != 6) {
ossl_raise(rb_eTypeError, "bad GENERALIZEDTIME format" );
}
@@ -80,7 +80,7 @@
VALUE
asn1str_to_str(ASN1_STRING *str)
{
- return rb_str_new(str->data, str->length);
+ return rb_str_new((const char *)str->data, str->length);
}
/*
@@ -214,7 +214,7 @@
StringValue(obj);
if(!(bstr = ASN1_BIT_STRING_new()))
ossl_raise(eASN1Error, NULL);
- ASN1_BIT_STRING_set(bstr, RSTRING_PTR(obj), RSTRING_LEN(obj));
+ ASN1_BIT_STRING_set(bstr, (unsigned char *)RSTRING_PTR(obj), RSTRING_LEN(obj));
bstr->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
bstr->flags |= ASN1_STRING_FLAG_BITS_LEFT|(unused_bits&0x07);
@@ -306,21 +306,21 @@
static VALUE
decode_bool(unsigned char* der, int length)
{
- int flag;
- unsigned char *p;
+ int val;
+ const unsigned char *p;
p = der;
- if((flag = d2i_ASN1_BOOLEAN(NULL, &p, length)) < 0)
+ if((val = d2i_ASN1_BOOLEAN(NULL, &p, length)) < 0)
ossl_raise(eASN1Error, NULL);
- return flag ? Qtrue : Qfalse;
+ return val ? Qtrue : Qfalse;
}
static VALUE
decode_int(unsigned char* der, int length)
{
ASN1_INTEGER *ai;
- unsigned char *p;
+ const unsigned char *p;
VALUE ret;
int status = 0;
@@ -339,7 +339,7 @@
decode_bstr(unsigned char* der, int length, long *unused_bits)
{
ASN1_BIT_STRING *bstr;
- unsigned char *p, *buf;
+ const unsigned char *p;
long len;
VALUE ret;
@@ -350,7 +350,7 @@
*unused_bits = 0;
if(bstr->flags & ASN1_STRING_FLAG_BITS_LEFT)
*unused_bits = bstr->flags & 0x07;
- ret = rb_str_new(bstr->data, len);
+ ret = rb_str_new((const char *)bstr->data, len);
ASN1_BIT_STRING_free(bstr);
return ret;
@@ -360,7 +360,7 @@
decode_enum(unsigned char* der, int length)
{
ASN1_ENUMERATED *ai;
- unsigned char *p;
+ const unsigned char *p;
VALUE ret;
int status = 0;
@@ -379,7 +379,7 @@
decode_null(unsigned char* der, int length)
{
ASN1_NULL *null;
- unsigned char *p;
+ const unsigned char *p;
p = der;
if(!(null = d2i_ASN1_NULL(NULL, &p, length)))
@@ -393,7 +393,7 @@
decode_obj(unsigned char* der, int length)
{
ASN1_OBJECT *obj;
- unsigned char *p;
+ const unsigned char *p;
VALUE ret;
int nid;
BIO *bio;
@@ -422,7 +422,7 @@
decode_time(unsigned char* der, int length)
{
ASN1_TIME *time;
- unsigned char *p;
+ const unsigned char *p;
VALUE ret;
int status = 0;
@@ -495,7 +495,7 @@
value = ossl_asn1_get_value(obj);
switch(tag){
case V_ASN1_BOOLEAN:
- ptr = (void*)obj_to_asn1bool(value);
+ ptr = (void*)(VALUE)obj_to_asn1bool(value);
free_func = NULL;
break;
case V_ASN1_INTEGER: /* FALLTHROUGH */
@@ -697,7 +697,7 @@
if((length = ASN1_object_size(1, RSTRING_LEN(value), tag)) <= 0)
ossl_raise(eASN1Error, NULL);
der = rb_str_new(0, length);
- p = RSTRING_PTR(der);
+ p = (unsigned char *)RSTRING_PTR(der);
ASN1_put_object(&p, is_cons, RSTRING_LEN(value), tag, tag_class);
memcpy(p, RSTRING_PTR(value), RSTRING_LEN(value));
p += RSTRING_LEN(value);
@@ -711,6 +711,7 @@
int once, int yield)
{
unsigned char *start, *p;
+ const unsigned char *p0;
long len, off = *offset;
int hlen, tag, tc, j;
VALUE ary, asn1data, value, tag_class;
@@ -719,7 +720,9 @@
p = *pp;
while(length > 0){
start = p;
- j = ASN1_get_object(&p, &len, &tag, &tc, length);
+ p0 = p;
+ j = ASN1_get_object(&p0, &len, &tag, &tc, length);
+ p = (unsigned char *)p0;
if(j & 0x80) ossl_raise(eASN1Error, NULL);
hlen = p - start;
if(yield){
@@ -754,7 +757,7 @@
else value = ossl_asn1_decode0(&p, len, &off, depth+1, 0, yield);
}
else{
- value = rb_str_new(p, len);
+ value = rb_str_new((const char *)p, len);
p += len;
off += len;
}
@@ -819,7 +822,7 @@
obj = ossl_to_der_if_possible(obj);
tmp = rb_str_new4(StringValue(obj));
- p = RSTRING_PTR(tmp);
+ p = (unsigned char *)RSTRING_PTR(tmp);
ossl_asn1_decode0(&p, RSTRING_LEN(tmp), &offset, 0, 0, 1);
return Qnil;
@@ -835,7 +838,7 @@
obj = ossl_to_der_if_possible(obj);
tmp = rb_str_new4(StringValue(obj));
- p = RSTRING_PTR(tmp);
+ p = (unsigned char *)RSTRING_PTR(tmp);
ary = ossl_asn1_decode0(&p, RSTRING_LEN(tmp), &offset, 0, 1, 0);
ret = rb_ary_entry(ary, 0);
@@ -852,7 +855,7 @@
obj = ossl_to_der_if_possible(obj);
tmp = rb_str_new4(StringValue(obj));
- p = RSTRING_PTR(tmp);
+ p = (unsigned char *)RSTRING_PTR(tmp);
ret = ossl_asn1_decode0(&p, RSTRING_LEN(tmp), &offset, 0, 0, 0);
return ret;
@@ -947,7 +950,7 @@
ossl_ASN1_TYPE_free(asn1);
reallen = p - buf;
assert(reallen <= len);
- str = ossl_buf2str(buf, reallen); /* buf will be free in ossl_buf2str */
+ str = ossl_buf2str((char *)buf, reallen); /* buf will be free in ossl_buf2str */
return str;
}
@@ -969,7 +972,7 @@
seq_len = ASN1_object_size(1, RSTRING_LEN(value), tag);
length = ASN1_object_size(1, seq_len, tn);
str = rb_str_new(0, length);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(tc == V_ASN1_UNIVERSAL)
ASN1_put_object(&p, 1, RSTRING_LEN(value), tn, tc);
else{
Modified: MacRuby/trunk/ext/openssl/ossl_asn1.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_asn1.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_asn1.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_asn1.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_asn1.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' team members
* Copyright (C) 2003
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_bio.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_bio.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_bio.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_bio.c 12133 2007-04-02 19:00:23Z technorama $
+ * $Id: ossl_bio.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' team members
* Copyright (C) 2003
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_bio.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_bio.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_bio.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_bio.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_bio.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' team members
* Copyright (C) 2003
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_bn.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_bn.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_bn.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_bn.c 16689 2008-05-29 17:41:56Z knu $
+ * $Id: ossl_bn.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Technorama team <oss-ruby at technorama.net>
* All rights reserved.
@@ -131,12 +131,12 @@
switch (base) {
case 0:
- if (!BN_mpi2bn(RSTRING_PTR(str), RSTRING_LEN(str), bn)) {
+ if (!BN_mpi2bn((unsigned char *)RSTRING_PTR(str), RSTRING_LEN(str), bn)) {
ossl_raise(eBNError, NULL);
}
break;
case 2:
- if (!BN_bin2bn(RSTRING_PTR(str), RSTRING_LEN(str), bn)) {
+ if (!BN_bin2bn((unsigned char *)RSTRING_PTR(str), RSTRING_LEN(str), bn)) {
ossl_raise(eBNError, NULL);
}
break;
@@ -185,13 +185,13 @@
case 0:
len = BN_bn2mpi(bn, NULL);
str = rb_str_new(0, len);
- if (BN_bn2mpi(bn, RSTRING_PTR(str)) != len)
+ if (BN_bn2mpi(bn, (unsigned char *)RSTRING_PTR(str)) != len)
ossl_raise(eBNError, NULL);
break;
case 2:
len = BN_num_bytes(bn);
str = rb_str_new(0, len);
- if (BN_bn2bin(bn, RSTRING_PTR(str)) != len)
+ if (BN_bn2bin(bn, (unsigned char *)RSTRING_PTR(str)) != len)
ossl_raise(eBNError, NULL);
break;
case 10:
@@ -272,9 +272,9 @@
} \
return Qfalse; \
}
-BIGNUM_BOOL1(is_zero);
-BIGNUM_BOOL1(is_one);
-BIGNUM_BOOL1(is_odd);
+BIGNUM_BOOL1(is_zero)
+BIGNUM_BOOL1(is_one)
+BIGNUM_BOOL1(is_odd)
#define BIGNUM_1c(func) \
/* \
@@ -298,7 +298,7 @@
WrapBN(CLASS_OF(self), obj, result); \
return obj; \
}
-BIGNUM_1c(sqr);
+BIGNUM_1c(sqr)
#define BIGNUM_2(func) \
/* \
@@ -322,8 +322,8 @@
WrapBN(CLASS_OF(self), obj, result); \
return obj; \
}
-BIGNUM_2(add);
-BIGNUM_2(sub);
+BIGNUM_2(add)
+BIGNUM_2(sub)
#define BIGNUM_2c(func) \
/* \
@@ -347,12 +347,12 @@
WrapBN(CLASS_OF(self), obj, result); \
return obj; \
}
-BIGNUM_2c(mul);
-BIGNUM_2c(mod);
-BIGNUM_2c(exp);
-BIGNUM_2c(gcd);
-BIGNUM_2c(mod_sqr);
-BIGNUM_2c(mod_inverse);
+BIGNUM_2c(mul)
+BIGNUM_2c(mod)
+BIGNUM_2c(exp)
+BIGNUM_2c(gcd)
+BIGNUM_2c(mod_sqr)
+BIGNUM_2c(mod_inverse)
/*
* call-seq:
@@ -407,10 +407,10 @@
WrapBN(CLASS_OF(self), obj, result); \
return obj; \
}
-BIGNUM_3c(mod_add);
-BIGNUM_3c(mod_sub);
-BIGNUM_3c(mod_mul);
-BIGNUM_3c(mod_exp);
+BIGNUM_3c(mod_add)
+BIGNUM_3c(mod_sub)
+BIGNUM_3c(mod_mul)
+BIGNUM_3c(mod_exp)
#define BIGNUM_BIT(func) \
/* \
@@ -428,9 +428,9 @@
} \
return self; \
}
-BIGNUM_BIT(set_bit);
-BIGNUM_BIT(clear_bit);
-BIGNUM_BIT(mask_bits);
+BIGNUM_BIT(set_bit)
+BIGNUM_BIT(clear_bit)
+BIGNUM_BIT(mask_bits)
/*
* call-seq:
@@ -474,8 +474,8 @@
WrapBN(CLASS_OF(self), obj, result); \
return obj; \
}
-BIGNUM_SHIFT(lshift);
-BIGNUM_SHIFT(rshift);
+BIGNUM_SHIFT(lshift)
+BIGNUM_SHIFT(rshift)
#define BIGNUM_SELF_SHIFT(func) \
/* \
@@ -494,8 +494,8 @@
ossl_raise(eBNError, NULL); \
return self; \
}
-BIGNUM_SELF_SHIFT(lshift);
-BIGNUM_SELF_SHIFT(rshift);
+BIGNUM_SELF_SHIFT(lshift)
+BIGNUM_SELF_SHIFT(rshift)
#define BIGNUM_RAND(func) \
/* \
@@ -528,8 +528,8 @@
WrapBN(klass, obj, result); \
return obj; \
}
-BIGNUM_RAND(rand);
-BIGNUM_RAND(pseudo_rand);
+BIGNUM_RAND(rand)
+BIGNUM_RAND(pseudo_rand)
#define BIGNUM_RAND_RANGE(func) \
/* \
@@ -552,8 +552,8 @@
WrapBN(klass, obj, result); \
return obj; \
}
-BIGNUM_RAND_RANGE(rand);
-BIGNUM_RAND_RANGE(pseudo_rand);
+BIGNUM_RAND_RANGE(rand)
+BIGNUM_RAND_RANGE(pseudo_rand)
/*
* call-seq:
@@ -608,8 +608,8 @@
GetBN(self, bn); \
return INT2FIX(BN_##func(bn)); \
}
-BIGNUM_NUM(num_bytes);
-BIGNUM_NUM(num_bits);
+BIGNUM_NUM(num_bytes)
+BIGNUM_NUM(num_bits)
static VALUE
ossl_bn_copy(VALUE self, VALUE other)
@@ -642,8 +642,8 @@
GetBN(self, bn1); \
return INT2FIX(BN_##func(bn1, bn2)); \
}
-BIGNUM_CMP(cmp);
-BIGNUM_CMP(ucmp);
+BIGNUM_CMP(cmp)
+BIGNUM_CMP(ucmp)
static VALUE
ossl_bn_eql(VALUE self, VALUE other)
Modified: MacRuby/trunk/ext/openssl/ossl_bn.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_bn.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_bn.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_bn.h 12139 2007-04-03 07:02:44Z technorama $
+ * $Id: ossl_bn.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_cipher.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_cipher.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_cipher.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_cipher.c 12148 2007-04-05 05:59:22Z technorama $
+ * $Id: ossl_cipher.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -67,7 +67,7 @@
{
if (ctx) {
EVP_CIPHER_CTX_cleanup(ctx);
- free(ctx);
+ ruby_xfree(ctx);
}
}
@@ -124,13 +124,16 @@
return self;
}
+#ifdef HAVE_OBJ_NAME_DO_ALL_SORTED
static void*
add_cipher_name_to_ary(const OBJ_NAME *name, VALUE ary)
{
rb_ary_push(ary, rb_str_new2(name->name));
return NULL;
}
+#endif
+#ifdef HAVE_OBJ_NAME_DO_ALL_SORTED
/*
* call-seq:
* Cipher.ciphers -> array[string...]
@@ -140,7 +143,6 @@
static VALUE
ossl_s_ciphers(VALUE self)
{
-#ifdef HAVE_OBJ_NAME_DO_ALL_SORTED
VALUE ary;
ary = rb_ary_new();
@@ -149,10 +151,10 @@
(void*)ary);
return ary;
+}
#else
- rb_notimplement();
+#define ossl_s_ciphers rb_f_notimplement
#endif
-}
/*
* call-seq:
@@ -186,7 +188,7 @@
* We deprecated the arguments for this method, but we decided
* keeping this behaviour for backward compatibility.
*/
- char *cname = rb_class2name(rb_obj_class(self));
+ const char *cname = rb_class2name(rb_obj_class(self));
rb_warn("argumtents for %s#encrypt and %s#decrypt were deprecated; "
"use %s#pkcs5_keyivgen to derive key and IV",
cname, cname, cname);
@@ -202,7 +204,7 @@
else memcpy(iv, RSTRING_PTR(init_v), sizeof(iv));
}
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
- RSTRING_PTR(pass), RSTRING_LEN(pass), 1, key, NULL);
+ (unsigned char *)RSTRING_PTR(pass), RSTRING_LEN(pass), 1, key, NULL);
p_key = key;
p_iv = iv;
}
@@ -279,13 +281,13 @@
StringValue(vsalt);
if(RSTRING_LEN(vsalt) != PKCS5_SALT_LEN)
rb_raise(eCipherError, "salt must be an 8-octet string");
- salt = RSTRING_PTR(vsalt);
+ salt = (unsigned char *)RSTRING_PTR(vsalt);
}
iter = NIL_P(viter) ? 2048 : NUM2INT(viter);
digest = NIL_P(vdigest) ? EVP_md5() : GetDigestPtr(vdigest);
GetCipher(self, ctx);
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), digest, salt,
- RSTRING_PTR(vpass), RSTRING_LEN(vpass), iter, key, iv);
+ (unsigned char *)RSTRING_PTR(vpass), RSTRING_LEN(vpass), iter, key, iv);
if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, -1) != 1)
ossl_raise(eCipherError, NULL);
OPENSSL_cleanse(key, sizeof key);
@@ -297,26 +299,6 @@
/*
* call-seq:
- * cipher << data -> string
- *
- * === Parameters
- * +data+ is a nonempty string.
- *
- * This method is deprecated and not available in 1.9.x or later.
- */
-static VALUE
-ossl_cipher_update_deprecated(VALUE self, VALUE data)
-{
- char *cname;
-
- cname = rb_class2name(rb_obj_class(self));
- rb_warning("%s#<< is deprecated; use %s#update instead", cname, cname);
- return rb_funcall(self, rb_intern("update"), 1, data);
-}
-
-
-/*
- * call-seq:
* cipher.update(data [, buffer]) -> string or buffer
*
* === Parameters
@@ -327,14 +309,14 @@
ossl_cipher_update(int argc, VALUE *argv, VALUE self)
{
EVP_CIPHER_CTX *ctx;
- char *in;
+ unsigned char *in;
int in_len, out_len;
VALUE data, str;
rb_scan_args(argc, argv, "11", &data, &str);
StringValue(data);
- in = RSTRING_PTR(data);
+ in = (unsigned char *)RSTRING_PTR(data);
if ((in_len = RSTRING_LEN(data)) == 0)
rb_raise(rb_eArgError, "data must not be empty");
GetCipher(self, ctx);
@@ -347,7 +329,7 @@
rb_str_resize(str, out_len);
}
- if (!EVP_CipherUpdate(ctx, RSTRING_PTR(str), &out_len, in, in_len))
+ if (!EVP_CipherUpdate(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
ossl_raise(eCipherError, NULL);
assert(out_len < RSTRING_LEN(str));
rb_str_set_len(str, out_len);
@@ -372,7 +354,7 @@
GetCipher(self, ctx);
str = rb_str_new(0, EVP_CIPHER_CTX_block_size(ctx));
- if (!EVP_CipherFinal_ex(ctx, RSTRING_PTR(str), &out_len))
+ if (!EVP_CipherFinal_ex(ctx, (unsigned char *)RSTRING_PTR(str), &out_len))
ossl_raise(eCipherError, NULL);
assert(out_len <= RSTRING_LEN(str));
rb_str_set_len(str, out_len);
@@ -415,7 +397,7 @@
if (RSTRING_LEN(key) < EVP_CIPHER_CTX_key_length(ctx))
ossl_raise(eCipherError, "key length too short");
- if (EVP_CipherInit_ex(ctx, NULL, NULL, RSTRING_PTR(key), NULL, -1) != 1)
+ if (EVP_CipherInit_ex(ctx, NULL, NULL, (unsigned char *)RSTRING_PTR(key), NULL, -1) != 1)
ossl_raise(eCipherError, NULL);
return key;
@@ -440,7 +422,7 @@
if (RSTRING_LEN(iv) < EVP_CIPHER_CTX_iv_length(ctx))
ossl_raise(eCipherError, "iv length too short");
- if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, RSTRING_PTR(iv), -1) != 1)
+ if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, (unsigned char *)RSTRING_PTR(iv), -1) != 1)
ossl_raise(eCipherError, NULL);
return iv;
@@ -471,6 +453,7 @@
return key_length;
}
+#if defined(HAVE_EVP_CIPHER_CTX_SET_PADDING)
/*
* call-seq:
* cipher.padding = integer -> integer
@@ -484,18 +467,17 @@
static VALUE
ossl_cipher_set_padding(VALUE self, VALUE padding)
{
-#if defined(HAVE_EVP_CIPHER_CTX_SET_PADDING)
EVP_CIPHER_CTX *ctx;
int pad = NUM2INT(padding);
GetCipher(self, ctx);
if (EVP_CIPHER_CTX_set_padding(ctx, pad) != 1)
ossl_raise(eCipherError, NULL);
-#else
- rb_notimplement();
-#endif
return padding;
}
+#else
+#define ossl_cipher_set_padding rb_f_notimplement
+#endif
#define CIPHER_0ARG_INT(func) \
static VALUE \
@@ -551,9 +533,6 @@
rb_define_method(cCipher, "decrypt", ossl_cipher_decrypt, -1);
rb_define_method(cCipher, "pkcs5_keyivgen", ossl_cipher_pkcs5_keyivgen, -1);
rb_define_method(cCipher, "update", ossl_cipher_update, -1);
-#if RUBY_VERSION_CODE < 190
- rb_define_method(cCipher, "<<", ossl_cipher_update_deprecated, 1);
-#endif
rb_define_method(cCipher, "final", ossl_cipher_final, 0);
rb_define_method(cCipher, "name", ossl_cipher_name, 0);
rb_define_method(cCipher, "key=", ossl_cipher_set_key, 1);
Modified: MacRuby/trunk/ext/openssl/ossl_cipher.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_cipher.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_cipher.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_cipher.h 12148 2007-04-05 05:59:22Z technorama $
+ * $Id: ossl_cipher.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_config.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_config.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_config.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_config.c 16125 2008-04-21 08:48:33Z knu $
+ * $Id: ossl_config.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -192,7 +192,26 @@
#endif
}
+static void
+rb_ossl_config_modify_check(VALUE config)
+{
+ if (OBJ_FROZEN(config)) rb_error_frozen("OpenSSL::Config");
+ if (!OBJ_UNTRUSTED(config) && rb_safe_level() >= 4)
+ rb_raise(rb_eSecurityError, "Insecure: can't modify OpenSSL config");
+}
+
+#if !defined(OSSL_NO_CONF_API)
static VALUE
+ossl_config_add_value_m(VALUE self, VALUE section, VALUE name, VALUE value)
+{
+ rb_ossl_config_modify_check(self);
+ return ossl_config_add_value(self, section, name, value);
+}
+#else
+#define ossl_config_add_value_m rb_f_notimplement
+#endif
+
+static VALUE
ossl_config_get_value(VALUE self, VALUE section, VALUE name)
{
CONF *conf;
@@ -247,6 +266,7 @@
{
VALUE arg[2];
+ rb_ossl_config_modify_check(self);
arg[0] = self;
arg[1] = section;
rb_block_call(hash, rb_intern("each"), 0, 0, set_conf_section_i, (VALUE)arg);
@@ -300,7 +320,7 @@
rb_ary_push(ary, rb_str_new2(cv->section));
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(get_conf_section, CONF_VALUE*, VALUE);
+static IMPLEMENT_LHASH_DOALL_ARG_FN(get_conf_section, CONF_VALUE*, VALUE)
static VALUE
ossl_config_get_sections(VALUE self)
@@ -338,7 +358,7 @@
rb_str_cat2(str, "\n");
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_conf_value, CONF_VALUE*, VALUE);
+static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_conf_value, CONF_VALUE*, VALUE)
static VALUE
dump_conf(CONF *conf)
@@ -382,7 +402,7 @@
}
}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(each_conf_value, CONF_VALUE*, void*);
+static IMPLEMENT_LHASH_DOALL_ARG_FN(each_conf_value, CONF_VALUE*, void*)
static VALUE
ossl_config_each(VALUE self)
@@ -423,7 +443,7 @@
ossl_config_inspect(VALUE self)
{
VALUE str, ary = ossl_config_get_sections(self);
- char *cname = rb_class2name(rb_obj_class(self));
+ const char *cname = rb_class2name(rb_obj_class(self));
str = rb_str_new2("#<");
rb_str_cat2(str, cname);
@@ -440,11 +460,14 @@
void
Init_ossl_config()
{
+ char *default_config_file;
eConfigError = rb_define_class_under(mOSSL, "ConfigError", eOSSLError);
cConfig = rb_define_class_under(mOSSL, "Config", rb_cObject);
+ default_config_file = CONF_get1_default_config_file();
rb_define_const(cConfig, "DEFAULT_CONFIG_FILE",
- rb_str_new2(CONF_get1_default_config_file()));
+ rb_str_new2(default_config_file));
+ OPENSSL_free(default_config_file);
rb_include_module(cConfig, rb_mEnumerable);
rb_define_singleton_method(cConfig, "parse", ossl_config_s_parse, 1);
rb_define_alias(CLASS_OF(cConfig), "load", "new");
@@ -453,7 +476,7 @@
rb_define_method(cConfig, "initialize", ossl_config_initialize, -1);
rb_define_method(cConfig, "get_value", ossl_config_get_value, 2);
rb_define_method(cConfig, "value", ossl_config_get_value_old, -1);
- rb_define_method(cConfig, "add_value", ossl_config_add_value, 3);
+ rb_define_method(cConfig, "add_value", ossl_config_add_value_m, 3);
rb_define_method(cConfig, "[]", ossl_config_get_section, 1);
rb_define_method(cConfig, "section", ossl_config_get_section_old, 1);
rb_define_method(cConfig, "[]=", ossl_config_set_section, 2);
Modified: MacRuby/trunk/ext/openssl/ossl_config.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_config.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_config.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_config.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_config.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_digest.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_digest.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_digest.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_digest.c 15602 2008-02-25 08:51:18Z technorama $
+ * $Id: ossl_digest.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -38,7 +38,7 @@
const EVP_MD *md;
if (TYPE(obj) == T_STRING) {
- const char *name = STR2CSTR(obj);
+ const char *name = StringValueCStr(obj);
md = EVP_get_digestbyname(name);
if (!md)
@@ -96,7 +96,6 @@
{
EVP_MD_CTX *ctx;
const EVP_MD *md;
- char *name;
VALUE type, data;
rb_scan_args(argc, argv, "11", &type, &data);
@@ -182,7 +181,7 @@
rb_str_resize(str, EVP_MD_CTX_size(ctx));
}
- EVP_DigestFinal_ex(ctx, RSTRING_PTR(str), NULL);
+ EVP_DigestFinal_ex(ctx, (unsigned char *)RSTRING_PTR(str), NULL);
return str;
}
@@ -234,7 +233,6 @@
void
Init_ossl_digest()
{
- rb_require("openssl");
rb_require("digest");
#if 0 /* let rdoc know about mOSSL */
Modified: MacRuby/trunk/ext/openssl/ossl_digest.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_digest.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_digest.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_digest.h 12148 2007-04-05 05:59:22Z technorama $
+ * $Id: ossl_digest.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_engine.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_engine.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_engine.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_engine.c 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_engine.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2003 GOTOU Yuuzou <gotoyuzo at notwork.org>
* All rights reserved.
@@ -119,7 +119,7 @@
if(!ENGINE_init(e))
ossl_raise(eEngineError, NULL);
ENGINE_ctrl(e, ENGINE_CTRL_SET_PASSWORD_CALLBACK,
- 0, NULL, (void(*)())ossl_pem_passwd_cb);
+ 0, NULL, (void(*)(void))ossl_pem_passwd_cb);
ERR_clear_error();
return obj;
@@ -166,10 +166,10 @@
return Qnil;
}
+#if defined(HAVE_ENGINE_GET_CIPHER)
static VALUE
ossl_engine_get_cipher(VALUE self, VALUE name)
{
-#if defined(HAVE_ENGINE_GET_CIPHER)
ENGINE *e;
const EVP_CIPHER *ciph, *tmp;
char *s;
@@ -184,15 +184,15 @@
if(!ciph) ossl_raise(eEngineError, NULL);
return ossl_cipher_new(ciph);
+}
#else
- rb_notimplement();
+#define ossl_engine_get_cipher rb_f_notimplement
#endif
-}
+#if defined(HAVE_ENGINE_GET_DIGEST)
static VALUE
ossl_engine_get_digest(VALUE self, VALUE name)
{
-#if defined(HAVE_ENGINE_GET_DIGEST)
ENGINE *e;
const EVP_MD *md, *tmp;
char *s;
@@ -207,10 +207,10 @@
if(!md) ossl_raise(eEngineError, NULL);
return ossl_digest_new(md);
+}
#else
- rb_notimplement();
+#define ossl_engine_get_digest rb_f_notimplement
#endif
-}
static VALUE
ossl_engine_load_privkey(int argc, VALUE *argv, VALUE self)
@@ -326,7 +326,7 @@
ossl_engine_inspect(VALUE self)
{
VALUE str;
- char *cname = rb_class2name(rb_obj_class(self));
+ const char *cname = rb_class2name(rb_obj_class(self));
str = rb_str_new2("#<");
rb_str_cat2(str, cname);
Modified: MacRuby/trunk/ext/openssl/ossl_engine.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_engine.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_engine.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_engine.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_engine.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2003 Michal Rokos <m.rokos at sh.cvut.cz>
* Copyright (C) 2003 GOTOU Yuuzou <gotoyuzo at notwork.org>
Modified: MacRuby/trunk/ext/openssl/ossl_hmac.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_hmac.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_hmac.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_hmac.c 16422 2008-05-15 09:44:38Z matz $
+ * $Id: ossl_hmac.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -42,7 +42,7 @@
ossl_hmac_free(HMAC_CTX *ctx)
{
HMAC_CTX_cleanup(ctx);
- free(ctx);
+ ruby_xfree(ctx);
}
static VALUE
@@ -103,13 +103,13 @@
StringValue(data);
GetHMAC(self, ctx);
- HMAC_Update(ctx, RSTRING_PTR(data), RSTRING_LEN(data));
+ HMAC_Update(ctx, (unsigned char *)RSTRING_PTR(data), RSTRING_LEN(data));
return self;
}
static void
-hmac_final(HMAC_CTX *ctx, char **buf, int *buf_len)
+hmac_final(HMAC_CTX *ctx, unsigned char **buf, unsigned int *buf_len)
{
HMAC_CTX final;
@@ -132,13 +132,13 @@
ossl_hmac_digest(VALUE self)
{
HMAC_CTX *ctx;
- char *buf;
- int buf_len;
+ unsigned char *buf;
+ unsigned int buf_len;
VALUE digest;
GetHMAC(self, ctx);
hmac_final(ctx, &buf, &buf_len);
- digest = ossl_buf2str(buf, buf_len);
+ digest = ossl_buf2str((char *)buf, buf_len);
return digest;
}
@@ -152,8 +152,9 @@
ossl_hmac_hexdigest(VALUE self)
{
HMAC_CTX *ctx;
- char *buf, *hexbuf;
- int buf_len;
+ unsigned char *buf;
+ char *hexbuf;
+ unsigned int buf_len;
VALUE hexdigest;
GetHMAC(self, ctx);
@@ -192,15 +193,15 @@
static VALUE
ossl_hmac_s_digest(VALUE klass, VALUE digest, VALUE key, VALUE data)
{
- char *buf;
- int buf_len;
+ unsigned char *buf;
+ unsigned int buf_len;
StringValue(key);
StringValue(data);
buf = HMAC(GetDigestPtr(digest), RSTRING_PTR(key), RSTRING_LEN(key),
- RSTRING_PTR(data), RSTRING_LEN(data), NULL, &buf_len);
+ (unsigned char *)RSTRING_PTR(data), RSTRING_LEN(data), NULL, &buf_len);
- return rb_str_new(buf, buf_len);
+ return rb_str_new((const char *)buf, buf_len);
}
/*
@@ -211,15 +212,16 @@
static VALUE
ossl_hmac_s_hexdigest(VALUE klass, VALUE digest, VALUE key, VALUE data)
{
- char *buf, *hexbuf;
- int buf_len;
+ unsigned char *buf;
+ char *hexbuf;
+ unsigned int buf_len;
VALUE hexdigest;
StringValue(key);
StringValue(data);
buf = HMAC(GetDigestPtr(digest), RSTRING_PTR(key), RSTRING_LEN(key),
- RSTRING_PTR(data), RSTRING_LEN(data), NULL, &buf_len);
+ (unsigned char *)RSTRING_PTR(data), RSTRING_LEN(data), NULL, &buf_len);
if (string2hex(buf, buf_len, &hexbuf, NULL) != 2 * buf_len) {
ossl_raise(eHMACError, "Cannot convert buf to hexbuf");
}
Modified: MacRuby/trunk/ext/openssl/ossl_hmac.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_hmac.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_hmac.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_hmac.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_hmac.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_ns_spki.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_ns_spki.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_ns_spki.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_ns_spki.c 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_ns_spki.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -56,14 +56,14 @@
{
NETSCAPE_SPKI *spki;
VALUE buffer;
- unsigned char *p;
+ const unsigned char *p;
if (rb_scan_args(argc, argv, "01", &buffer) == 0) {
return self;
}
StringValue(buffer);
if (!(spki = NETSCAPE_SPKI_b64_decode(RSTRING_PTR(buffer), -1))) {
- p = RSTRING_PTR(buffer);
+ p = (unsigned char *)RSTRING_PTR(buffer);
if (!(spki = d2i_NETSCAPE_SPKI(NULL, &p, RSTRING_LEN(buffer)))) {
ossl_raise(eSPKIError, NULL);
}
@@ -87,7 +87,7 @@
if ((len = i2d_NETSCAPE_SPKI(spki, NULL)) <= 0)
ossl_raise(eX509CertError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if (i2d_NETSCAPE_SPKI(spki, &p) <= 0)
ossl_raise(eX509CertError, NULL);
ossl_str_adjust(str, p);
@@ -172,7 +172,7 @@
return rb_str_new(0, 0);
}
- return rb_str_new(spki->spkac->challenge->data,
+ return rb_str_new((const char *)spki->spkac->challenge->data,
spki->spkac->challenge->length);
}
Modified: MacRuby/trunk/ext/openssl/ossl_ns_spki.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_ns_spki.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_ns_spki.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_ns_spki.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_ns_spki.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_ocsp.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_ocsp.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_ocsp.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_ocsp.c 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_ocsp.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2003 Michal Rokos <m.rokos at sh.cvut.cz>
* Copyright (C) 2003 GOTOU Yuuzou <gotoyuzo at notwork.org>
@@ -103,15 +103,17 @@
ossl_ocspreq_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE arg;
- unsigned char *p;
+ const unsigned char *p;
rb_scan_args(argc, argv, "01", &arg);
if(!NIL_P(arg)){
+ OCSP_REQUEST *req = DATA_PTR(self), *x;
arg = ossl_to_der_if_possible(arg);
StringValue(arg);
p = (unsigned char*)RSTRING_PTR(arg);
- if(!d2i_OCSP_REQUEST((OCSP_REQUEST**)&DATA_PTR(self), &p,
- RSTRING_LEN(arg))){
+ x = d2i_OCSP_REQUEST(&req, &p, RSTRING_LEN(arg));
+ DATA_PTR(self) = req;
+ if(!x){
ossl_raise(eOCSPError, "cannot load DER encoded request");
}
}
@@ -134,7 +136,7 @@
else{
StringValue(val);
GetOCSPReq(self, req);
- ret = OCSP_request_add1_nonce(req, RSTRING_PTR(val), RSTRING_LEN(val));
+ ret = OCSP_request_add1_nonce(req, (unsigned char *)RSTRING_PTR(val), RSTRING_LEN(val));
}
if(!ret) ossl_raise(eOCSPError, NULL);
@@ -265,7 +267,7 @@
if((len = i2d_OCSP_REQUEST(req, NULL)) <= 0)
ossl_raise(eOCSPError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_OCSP_REQUEST(req, &p) <= 0)
ossl_raise(eOCSPError, NULL);
ossl_str_adjust(str, p);
@@ -310,15 +312,17 @@
ossl_ocspres_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE arg;
- unsigned char *p;
+ const unsigned char *p;
rb_scan_args(argc, argv, "01", &arg);
if(!NIL_P(arg)){
+ OCSP_RESPONSE *res = DATA_PTR(self), *x;
arg = ossl_to_der_if_possible(arg);
StringValue(arg);
- p = RSTRING_PTR(arg);
- if(!d2i_OCSP_RESPONSE((OCSP_RESPONSE**)&DATA_PTR(self), &p,
- RSTRING_LEN(arg))){
+ p = (unsigned char *)RSTRING_PTR(arg);
+ x = d2i_OCSP_RESPONSE(&res, &p, RSTRING_LEN(arg));
+ DATA_PTR(self) = res;
+ if(!x){
ossl_raise(eOCSPError, "cannot load DER encoded response");
}
}
@@ -377,8 +381,8 @@
if((len = i2d_OCSP_RESPONSE(res, NULL)) <= 0)
ossl_raise(eOCSPError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
- if(i2d_OCSP_RESPONSE(res, NULL) <= 0)
+ p = (unsigned char *)RSTRING_PTR(str);
+ if(i2d_OCSP_RESPONSE(res, &p) <= 0)
ossl_raise(eOCSPError, NULL);
ossl_str_adjust(str, p);
@@ -436,7 +440,7 @@
else{
StringValue(val);
GetOCSPBasicRes(self, bs);
- ret = OCSP_basic_add1_nonce(bs, RSTRING_PTR(val), RSTRING_LEN(val));
+ ret = OCSP_basic_add1_nonce(bs, (unsigned char *)RSTRING_PTR(val), RSTRING_LEN(val));
}
if(!ret) ossl_raise(eOCSPError, NULL);
@@ -462,7 +466,7 @@
/* All ary's members should be X509Extension */
Check_Type(ext, T_ARRAY);
for (i = 0; i < RARRAY_LEN(ext); i++)
- OSSL_Check_Kind(RARRAY_AT(ext, i), cX509Ext);
+ OSSL_Check_Kind(RARRAY_PTR(ext)[i], cX509Ext);
}
error = 0;
@@ -491,7 +495,7 @@
sk_X509_EXTENSION_pop_free(single->singleExtensions, X509_EXTENSION_free);
single->singleExtensions = NULL;
for(i = 0; i < RARRAY_LEN(ext); i++){
- x509ext = DupX509ExtPtr(RARRAY_AT(ext, i));
+ x509ext = DupX509ExtPtr(RARRAY_PTR(ext)[i]);
if(!OCSP_SINGLERESP_add_ext(single, x509ext, -1)){
X509_EXTENSION_free(x509ext);
error = 1;
@@ -589,22 +593,22 @@
static VALUE
ossl_ocspbres_verify(int argc, VALUE *argv, VALUE self)
{
- VALUE certs, store, flags;
+ VALUE certs, store, flags, result;
OCSP_BASICRESP *bs;
STACK_OF(X509) *x509s;
X509_STORE *x509st;
- int flg, result;
+ int flg;
rb_scan_args(argc, argv, "21", &certs, &store, &flags);
x509st = GetX509StorePtr(store);
flg = NIL_P(flags) ? 0 : INT2NUM(flags);
x509s = ossl_x509_ary2sk(certs);
GetOCSPBasicRes(self, bs);
- result = OCSP_basic_verify(bs, x509s, x509st, flg);
+ result = OCSP_basic_verify(bs, x509s, x509st, flg) > 0 ? Qtrue : Qfalse;
sk_X509_pop_free(x509s, X509_free);
if(!result) rb_warn("%s", ERR_error_string(ERR_peek_error(), NULL));
- return result ? Qtrue : Qfalse;
+ return result;
}
/*
Modified: MacRuby/trunk/ext/openssl/ossl_ocsp.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_ocsp.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_ocsp.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_ocsp.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_ocsp.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2003 Michal Rokos <m.rokos at sh.cvut.cz>
* Copyright (C) 2003 GOTOU Yuuzou <gotoyuzo at notwork.org>
Modified: MacRuby/trunk/ext/openssl/ossl_pkcs12.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkcs12.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkcs12.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,7 +1,7 @@
/*
* This program is licenced under the same licence as Ruby.
* (See the file 'LICENCE'.)
- * $Id: ossl_pkcs12.c 12148 2007-04-05 05:59:22Z technorama $
+ * $Id: ossl_pkcs12.c 25189 2009-10-02 12:04:37Z akr $
*/
#include "ossl.h"
@@ -137,15 +137,17 @@
X509 *x509;
STACK_OF(X509) *x509s = NULL;
int st = 0;
+ PKCS12 *pkcs = DATA_PTR(self);
if(rb_scan_args(argc, argv, "02", &arg, &pass) == 0) return self;
passphrase = NIL_P(pass) ? NULL : StringValuePtr(pass);
in = ossl_obj2bio(arg);
- d2i_PKCS12_bio(in, (PKCS12 **)&DATA_PTR(self));
+ d2i_PKCS12_bio(in, &pkcs);
+ DATA_PTR(self) = pkcs;
BIO_free(in);
pkey = cert = ca = Qnil;
- if(!PKCS12_parse((PKCS12*)DATA_PTR(self), passphrase, &key, &x509, &x509s))
+ if(!PKCS12_parse(pkcs, passphrase, &key, &x509, &x509s))
ossl_raise(ePKCS12Error, "PKCS12_parse");
pkey = rb_protect((VALUE(*)_((VALUE)))ossl_pkey_new, (VALUE)key,
&st); /* NO DUP */
@@ -181,7 +183,7 @@
if((len = i2d_PKCS12(p12, NULL)) <= 0)
ossl_raise(ePKCS12Error, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_PKCS12(p12, &p) <= 0)
ossl_raise(ePKCS12Error, NULL);
ossl_str_adjust(str, p);
Modified: MacRuby/trunk/ext/openssl/ossl_pkcs12.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkcs12.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkcs12.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,7 +1,7 @@
/*
* This program is licenced under the same licence as Ruby.
* (See the file 'LICENCE'.)
- * $Id: ossl_pkcs12.h 12148 2007-04-05 05:59:22Z technorama $
+ * $Id: ossl_pkcs12.h 25189 2009-10-02 12:04:37Z akr $
*/
#if !defined(_OSSL_PKCS12_H_)
#define _OSSL_PKCS12_H_
Modified: MacRuby/trunk/ext/openssl/ossl_pkcs5.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkcs5.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkcs5.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -7,6 +7,7 @@
VALUE mPKCS5;
VALUE ePKCS5;
+#ifdef HAVE_PKCS5_PBKDF2_HMAC
/*
* call-seq:
* PKCS5.pbkdf2_hmac(pass, salt, iter, keylen, digest) => string
@@ -25,7 +26,6 @@
static VALUE
ossl_pkcs5_pbkdf2_hmac(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen, VALUE digest)
{
-#ifdef HAVE_PKCS5_PBKDF2_HMAC
VALUE str;
const EVP_MD *md;
int len = NUM2INT(keylen);
@@ -40,12 +40,13 @@
ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC");
return str;
+}
#else
- rb_notimplement();
+#define ossl_pkcs5_pbkdf2_hmac rb_f_notimplement
#endif
-}
+#ifdef HAVE_PKCS5_PBKDF2_HMAC_SHA1
/*
* call-seq:
* PKCS5.pbkdf2_hmac_sha1(pass, salt, iter, keylen) => string
@@ -63,7 +64,6 @@
static VALUE
ossl_pkcs5_pbkdf2_hmac_sha1(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen)
{
-#ifdef HAVE_PKCS5_PBKDF2_HMAC_SHA1
VALUE str;
int len = NUM2INT(keylen);
@@ -72,14 +72,16 @@
str = rb_str_new(0, len);
- if (PKCS5_PBKDF2_HMAC_SHA1(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), len, RSTRING_PTR(str)) != 1)
+ if (PKCS5_PBKDF2_HMAC_SHA1(RSTRING_PTR(pass), RSTRING_LEN(pass),
+ (const unsigned char *)RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter),
+ len, (unsigned char *)RSTRING_PTR(str)) != 1)
ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC_SHA1");
return str;
+}
#else
- rb_notimplement();
+#define ossl_pkcs5_pbkdf2_hmac_sha1 rb_f_notimplement
#endif
-}
void
Init_ossl_pkcs5()
Modified: MacRuby/trunk/ext/openssl/ossl_pkcs7.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkcs7.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkcs7.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_pkcs7.c 12148 2007-04-05 05:59:22Z technorama $
+ * $Id: ossl_pkcs7.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -309,7 +309,7 @@
static VALUE
ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
{
- PKCS7 *p7;
+ PKCS7 *p7, *pkcs = DATA_PTR(self);
BIO *in;
VALUE arg;
@@ -317,10 +317,12 @@
return self;
arg = ossl_to_der_if_possible(arg);
in = ossl_obj2bio(arg);
- p7 = PEM_read_bio_PKCS7(in, (PKCS7 **)&DATA_PTR(self), NULL, NULL);
+ p7 = PEM_read_bio_PKCS7(in, &pkcs, NULL, NULL);
+ DATA_PTR(self) = pkcs;
if (!p7) {
- BIO_reset(in);
- p7 = d2i_PKCS7_bio(in, (PKCS7 **)&DATA_PTR(self));
+ (void)BIO_reset(in);
+ p7 = d2i_PKCS7_bio(in, &pkcs);
+ DATA_PTR(self) = pkcs;
}
BIO_free(in);
ossl_pkcs7_set_data(self, Qnil);
@@ -778,7 +780,7 @@
if((len = i2d_PKCS7(pkcs7, NULL)) <= 0)
ossl_raise(ePKCS7Error, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_PKCS7(pkcs7, &p) <= 0)
ossl_raise(ePKCS7Error, NULL);
ossl_str_adjust(str, p);
Modified: MacRuby/trunk/ext/openssl/ossl_pkcs7.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkcs7.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkcs7.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_pkcs7.h 12148 2007-04-05 05:59:22Z technorama $
+ * $Id: ossl_pkcs7.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_pkey.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkey.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkey.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_pkey.c 12139 2007-04-03 07:02:44Z technorama $
+ * $Id: ossl_pkey.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -164,7 +164,7 @@
{
EVP_PKEY *pkey;
EVP_MD_CTX ctx;
- int buf_len;
+ unsigned int buf_len;
VALUE str;
if (rb_funcall(self, id_private_q, 0, NULL) != Qtrue) {
@@ -175,9 +175,9 @@
StringValue(data);
EVP_SignUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
str = rb_str_new(0, EVP_PKEY_size(pkey)+16);
- if (!EVP_SignFinal(&ctx, RSTRING_PTR(str), &buf_len, pkey))
+ if (!EVP_SignFinal(&ctx, (unsigned char *)RSTRING_PTR(str), &buf_len, pkey))
ossl_raise(ePKeyError, NULL);
- assert(buf_len <= RSTRING_LEN(str));
+ assert((long)buf_len <= RSTRING_LEN(str));
rb_str_set_len(str, buf_len);
return str;
@@ -194,7 +194,7 @@
StringValue(sig);
StringValue(data);
EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
- switch (EVP_VerifyFinal(&ctx, RSTRING_PTR(sig), RSTRING_LEN(sig), pkey)) {
+ switch (EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LEN(sig), pkey)) {
case 0:
return Qfalse;
case 1:
Modified: MacRuby/trunk/ext/openssl/ossl_pkey.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkey.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkey.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_pkey.h 12139 2007-04-03 07:02:44Z technorama $
+ * $Id: ossl_pkey.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_pkey_dh.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkey_dh.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkey_dh.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_pkey_dh.c 16689 2008-05-29 17:41:56Z knu $
+ * $Id: ossl_pkey_dh.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -169,7 +169,7 @@
in = ossl_obj2bio(arg);
dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
if (!dh){
- BIO_reset(in);
+ (void)BIO_reset(in);
dh = d2i_DHparams_bio(in, NULL);
}
BIO_free(in);
@@ -254,7 +254,7 @@
if((len = i2d_DHparams(pkey->pkey.dh, NULL)) <= 0)
ossl_raise(eDHError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_DHparams(pkey->pkey.dh, &p) < 0)
ossl_raise(eDHError, NULL);
ossl_str_adjust(str, p);
@@ -407,7 +407,7 @@
pub_key = GetBNPtr(pub);
len = DH_size(dh);
str = rb_str_new(0, len);
- if ((len = DH_compute_key(RSTRING_PTR(str), pub_key, dh)) < 0) {
+ if ((len = DH_compute_key((unsigned char *)RSTRING_PTR(str), pub_key, dh)) < 0) {
ossl_raise(eDHError, NULL);
}
rb_str_set_len(str, len);
@@ -415,10 +415,10 @@
return str;
}
-OSSL_PKEY_BN(dh, p);
-OSSL_PKEY_BN(dh, g);
-OSSL_PKEY_BN(dh, pub_key);
-OSSL_PKEY_BN(dh, priv_key);
+OSSL_PKEY_BN(dh, p)
+OSSL_PKEY_BN(dh, g)
+OSSL_PKEY_BN(dh, pub_key)
+OSSL_PKEY_BN(dh, priv_key)
/*
* -----BEGIN DH PARAMETERS-----
Modified: MacRuby/trunk/ext/openssl/ossl_pkey_dsa.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkey_dsa.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkey_dsa.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_pkey_dsa.c 16689 2008-05-29 17:41:56Z knu $
+ * $Id: ossl_pkey_dsa.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -161,19 +161,19 @@
in = ossl_obj2bio(arg);
dsa = PEM_read_bio_DSAPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd);
if (!dsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
dsa = PEM_read_bio_DSAPublicKey(in, NULL, NULL, NULL);
}
if (!dsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
dsa = PEM_read_bio_DSA_PUBKEY(in, NULL, NULL, NULL);
}
if (!dsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
dsa = d2i_DSAPrivateKey_bio(in, NULL);
}
if (!dsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
dsa = d2i_DSA_PUBKEY_bio(in, NULL);
}
BIO_free(in);
@@ -289,7 +289,7 @@
if((len = i2d_func(pkey->pkey.dsa, NULL)) <= 0)
ossl_raise(eDSAError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_func(pkey->pkey.dsa, &p) < 0)
ossl_raise(eDSAError, NULL);
ossl_str_adjust(str, p);
@@ -387,7 +387,7 @@
ossl_dsa_sign(VALUE self, VALUE data)
{
EVP_PKEY *pkey;
- int buf_len;
+ unsigned int buf_len;
VALUE str;
GetPKeyDSA(self, pkey);
@@ -396,7 +396,8 @@
ossl_raise(eDSAError, "Private DSA key needed!");
}
str = rb_str_new(0, ossl_dsa_buf_size(pkey));
- if (!DSA_sign(0, RSTRING_PTR(data), RSTRING_LEN(data), RSTRING_PTR(str),
+ if (!DSA_sign(0, (unsigned char *)RSTRING_PTR(data), RSTRING_LEN(data),
+ (unsigned char *)RSTRING_PTR(str),
&buf_len, pkey->pkey.dsa)) { /* type is ignored (0) */
ossl_raise(eDSAError, NULL);
}
@@ -420,8 +421,8 @@
StringValue(digest);
StringValue(sig);
/* type is ignored (0) */
- ret = DSA_verify(0, RSTRING_PTR(digest), RSTRING_LEN(digest),
- RSTRING_PTR(sig), RSTRING_LEN(sig), pkey->pkey.dsa);
+ ret = DSA_verify(0, (unsigned char *)RSTRING_PTR(digest), RSTRING_LEN(digest),
+ (unsigned char *)RSTRING_PTR(sig), RSTRING_LEN(sig), pkey->pkey.dsa);
if (ret < 0) {
ossl_raise(eDSAError, NULL);
}
@@ -432,11 +433,11 @@
return Qfalse;
}
-OSSL_PKEY_BN(dsa, p);
-OSSL_PKEY_BN(dsa, q);
-OSSL_PKEY_BN(dsa, g);
-OSSL_PKEY_BN(dsa, pub_key);
-OSSL_PKEY_BN(dsa, priv_key);
+OSSL_PKEY_BN(dsa, p)
+OSSL_PKEY_BN(dsa, q)
+OSSL_PKEY_BN(dsa, g)
+OSSL_PKEY_BN(dsa, pub_key)
+OSSL_PKEY_BN(dsa, priv_key)
/*
* INIT
Modified: MacRuby/trunk/ext/openssl/ossl_pkey_ec.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkey_ec.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkey_ec.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -186,22 +186,22 @@
ec = PEM_read_bio_ECPrivateKey(in, NULL, NULL, NULL);
if (!ec) {
- BIO_reset(in);
+ (void)BIO_reset(in);
ec = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, NULL);
}
if (!ec) {
- BIO_reset(in);
+ (void)BIO_reset(in);
ec = d2i_ECPrivateKey_bio(in, NULL);
}
if (!ec) {
- BIO_reset(in);
+ (void)BIO_reset(in);
ec = d2i_EC_PUBKEY_bio(in, NULL);
}
BIO_free(in);
if (ec == NULL) {
- const char *name = STR2CSTR(arg);
+ const char *name = StringValueCStr(arg);
int nid = OBJ_sn2nid(name);
if (nid == NID_undef)
@@ -463,8 +463,10 @@
BIO *out;
int i = -1;
int private = 0;
+#if 0 /* unused now */
EVP_CIPHER *cipher = NULL;
char *password = NULL;
+#endif
VALUE str;
Require_EC_KEY(self, ec);
@@ -484,13 +486,18 @@
switch(format) {
case EXPORT_PEM:
if (private) {
+#if 0 /* unused now */
if (cipher || password)
/* BUG: finish cipher/password key export */
rb_notimplement();
i = PEM_write_bio_ECPrivateKey(out, ec, cipher, NULL, 0, NULL, password);
+#endif
+ i = PEM_write_bio_ECPrivateKey(out, ec, NULL, NULL, 0, NULL, NULL);
} else {
+#if 0 /* unused now */
if (cipher || password)
rb_raise(rb_eArgError, "encryption is not supported when exporting this key type");
+#endif
i = PEM_write_bio_EC_PUBKEY(out, ec);
}
@@ -498,13 +505,17 @@
break;
case EXPORT_DER:
if (private) {
+#if 0 /* unused now */
if (cipher || password)
rb_raise(rb_eArgError, "encryption is not supported when exporting this key type");
+#endif
i = i2d_ECPrivateKey_bio(out, ec);
} else {
+#if 0 /* unused now */
if (cipher || password)
rb_raise(rb_eArgError, "encryption is not supported when exporting this key type");
+#endif
i = i2d_EC_PUBKEY_bio(out, ec);
}
@@ -695,7 +706,7 @@
{
if (!ec_group->dont_free && ec_group->group)
EC_GROUP_clear_free(ec_group->group);
- free(ec_group);
+ ruby_xfree(ec_group);
}
static VALUE ossl_ec_group_alloc(VALUE klass)
@@ -767,14 +778,14 @@
group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
if (!group) {
- BIO_reset(in);
+ (void)BIO_reset(in);
group = d2i_ECPKParameters_bio(in, NULL);
}
BIO_free(in);
if (!group) {
- const char *name = STR2CSTR(arg1);
+ const char *name = StringValueCStr(arg1);
int nid = OBJ_sn2nid(name);
if (nid == NID_undef)
@@ -1081,7 +1092,7 @@
if (seed_len == 0)
return Qnil;
- return rb_str_new(EC_GROUP_get0_seed(group), seed_len);
+ return rb_str_new((const char *)EC_GROUP_get0_seed(group), seed_len);
}
/* call-seq:
@@ -1096,7 +1107,7 @@
Require_EC_GROUP(self, group);
StringValue(seed);
- if (EC_GROUP_set_seed(group, RSTRING_PTR(seed), RSTRING_LEN(seed)) != RSTRING_LEN(seed))
+ if (EC_GROUP_set_seed(group, (unsigned char *)RSTRING_PTR(seed), RSTRING_LEN(seed)) != RSTRING_LEN(seed))
ossl_raise(eEC_GROUP, "EC_GROUP_set_seed");
return seed;
@@ -1201,7 +1212,7 @@
{
if (!ec_point->dont_free && ec_point->point)
EC_POINT_clear_free(ec_point->point);
- free(ec_point);
+ ruby_xfree(ec_point);
}
static VALUE ossl_ec_point_alloc(VALUE klass)
Modified: MacRuby/trunk/ext/openssl/ossl_pkey_rsa.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_pkey_rsa.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_pkey_rsa.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_pkey_rsa.c 15610 2008-02-26 07:07:26Z technorama $
+ * $Id: ossl_pkey_rsa.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -151,23 +151,23 @@
in = ossl_obj2bio(arg);
rsa = PEM_read_bio_RSAPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd);
if (!rsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
rsa = PEM_read_bio_RSAPublicKey(in, NULL, NULL, NULL);
}
if (!rsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
rsa = PEM_read_bio_RSA_PUBKEY(in, NULL, NULL, NULL);
}
if (!rsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
rsa = d2i_RSAPrivateKey_bio(in, NULL);
}
if (!rsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
rsa = d2i_RSAPublicKey_bio(in, NULL);
}
if (!rsa) {
- BIO_reset(in);
+ (void)BIO_reset(in);
rsa = d2i_RSA_PUBKEY_bio(in, NULL);
}
BIO_free(in);
@@ -288,7 +288,7 @@
if((len = i2d_func(pkey->pkey.rsa, NULL)) <= 0)
ossl_raise(eRSAError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_func(pkey->pkey.rsa, &p) < 0)
ossl_raise(eRSAError, NULL);
ossl_str_adjust(str, p);
@@ -315,8 +315,8 @@
pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
StringValue(buffer);
str = rb_str_new(0, ossl_rsa_buf_size(pkey));
- buf_len = RSA_public_encrypt(RSTRING_LEN(buffer), RSTRING_PTR(buffer),
- RSTRING_PTR(str), pkey->pkey.rsa,
+ buf_len = RSA_public_encrypt(RSTRING_LEN(buffer), (unsigned char *)RSTRING_PTR(buffer),
+ (unsigned char *)RSTRING_PTR(str), pkey->pkey.rsa,
pad);
if (buf_len < 0) ossl_raise(eRSAError, NULL);
rb_str_set_len(str, buf_len);
@@ -341,8 +341,8 @@
pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
StringValue(buffer);
str = rb_str_new(0, ossl_rsa_buf_size(pkey));
- buf_len = RSA_public_decrypt(RSTRING_LEN(buffer), RSTRING_PTR(buffer),
- RSTRING_PTR(str), pkey->pkey.rsa,
+ buf_len = RSA_public_decrypt(RSTRING_LEN(buffer), (unsigned char *)RSTRING_PTR(buffer),
+ (unsigned char *)RSTRING_PTR(str), pkey->pkey.rsa,
pad);
if (buf_len < 0) ossl_raise(eRSAError, NULL);
rb_str_set_len(str, buf_len);
@@ -370,8 +370,8 @@
pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
StringValue(buffer);
str = rb_str_new(0, ossl_rsa_buf_size(pkey));
- buf_len = RSA_private_encrypt(RSTRING_LEN(buffer), RSTRING_PTR(buffer),
- RSTRING_PTR(str), pkey->pkey.rsa,
+ buf_len = RSA_private_encrypt(RSTRING_LEN(buffer), (unsigned char *)RSTRING_PTR(buffer),
+ (unsigned char *)RSTRING_PTR(str), pkey->pkey.rsa,
pad);
if (buf_len < 0) ossl_raise(eRSAError, NULL);
rb_str_set_len(str, buf_len);
@@ -400,8 +400,8 @@
pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
StringValue(buffer);
str = rb_str_new(0, ossl_rsa_buf_size(pkey));
- buf_len = RSA_private_decrypt(RSTRING_LEN(buffer), RSTRING_PTR(buffer),
- RSTRING_PTR(str), pkey->pkey.rsa,
+ buf_len = RSA_private_decrypt(RSTRING_LEN(buffer), (unsigned char *)RSTRING_PTR(buffer),
+ (unsigned char *)RSTRING_PTR(str), pkey->pkey.rsa,
pad);
if (buf_len < 0) ossl_raise(eRSAError, NULL);
rb_str_set_len(str, buf_len);
@@ -519,14 +519,14 @@
}
*/
-OSSL_PKEY_BN(rsa, n);
-OSSL_PKEY_BN(rsa, e);
-OSSL_PKEY_BN(rsa, d);
-OSSL_PKEY_BN(rsa, p);
-OSSL_PKEY_BN(rsa, q);
-OSSL_PKEY_BN(rsa, dmp1);
-OSSL_PKEY_BN(rsa, dmq1);
-OSSL_PKEY_BN(rsa, iqmp);
+OSSL_PKEY_BN(rsa, n)
+OSSL_PKEY_BN(rsa, e)
+OSSL_PKEY_BN(rsa, d)
+OSSL_PKEY_BN(rsa, p)
+OSSL_PKEY_BN(rsa, q)
+OSSL_PKEY_BN(rsa, dmp1)
+OSSL_PKEY_BN(rsa, dmq1)
+OSSL_PKEY_BN(rsa, iqmp)
/*
* INIT
Modified: MacRuby/trunk/ext/openssl/ossl_rand.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_rand.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_rand.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_rand.c 16692 2008-05-29 18:15:50Z knu $
+ * $Id: ossl_rand.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -97,9 +97,9 @@
{
VALUE str;
int n = NUM2INT(len);
-
+
str = rb_str_new(0, n);
- if (!RAND_bytes(RSTRING_PTR(str), n)) {
+ if (!RAND_bytes((unsigned char *)RSTRING_PTR(str), n)) {
ossl_raise(eRandomError, NULL);
}
@@ -118,7 +118,7 @@
int n = NUM2INT(len);
str = rb_str_new(0, n);
- if (!RAND_pseudo_bytes(RSTRING_PTR(str), n)) {
+ if (!RAND_pseudo_bytes((unsigned char *)RSTRING_PTR(str), n)) {
ossl_raise(eRandomError, NULL);
}
Modified: MacRuby/trunk/ext/openssl/ossl_rand.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_rand.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_rand.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_rand.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_rand.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_ssl.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_ssl.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_ssl.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_ssl.c 16111 2008-04-20 22:32:06Z technorama $
+ * $Id: ossl_ssl.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2000-2002 GOTOU Yuuzou <gotoyuzo at notwork.org>
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
@@ -11,8 +11,6 @@
* (See the file 'LICENCE'.)
*/
#include "ossl.h"
-#include <rubysig.h>
-#include <rubyio.h>
#if defined(HAVE_UNISTD_H)
# include <unistd.h> /* for read(), and write() */
@@ -69,6 +67,9 @@
"verify_callback", "options", "cert_store", "extra_chain_cert",
"client_cert_cb", "tmp_dh_callback", "session_id_context",
"session_get_cb", "session_new_cb", "session_remove_cb",
+#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME
+ "servername_cb",
+#endif
};
#define ossl_ssl_get_io(o) rb_iv_get((o),"@io")
@@ -86,7 +87,12 @@
#define ossl_ssl_set_tmp_dh(o,v) rb_iv_set((o),"@tmp_dh",(v))
static const char *ossl_ssl_attr_readers[] = { "io", "context", };
-static const char *ossl_ssl_attrs[] = { "sync_close", };
+static const char *ossl_ssl_attrs[] = {
+#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME
+ "hostname",
+#endif
+ "sync_close",
+};
ID ID_callback_state;
@@ -297,7 +303,7 @@
static VALUE
ossl_call_session_get_cb(VALUE ary)
{
- VALUE ssl_obj, sslctx_obj, cb, ret;
+ VALUE ssl_obj, sslctx_obj, cb;
Check_Type(ary, T_ARRAY);
ssl_obj = rb_ary_entry(ary, 0);
@@ -325,7 +331,7 @@
ssl_obj = (VALUE)ptr;
ary = rb_ary_new2(2);
rb_ary_push(ary, ssl_obj);
- rb_ary_push(ary, rb_str_new(buf, len));
+ rb_ary_push(ary, rb_str_new((const char *)buf, len));
ret_obj = rb_protect((VALUE(*)_((VALUE)))ossl_call_session_get_cb, ary, &state);
if (state) {
@@ -344,7 +350,7 @@
static VALUE
ossl_call_session_new_cb(VALUE ary)
{
- VALUE ssl_obj, sslctx_obj, cb, ret;
+ VALUE ssl_obj, sslctx_obj, cb;
Check_Type(ary, T_ARRAY);
ssl_obj = rb_ary_entry(ary, 0);
@@ -387,10 +393,11 @@
return RTEST(ret_obj) ? 1 : 0;
}
+#if 0 /* unused */
static VALUE
ossl_call_session_remove_cb(VALUE ary)
{
- VALUE sslctx_obj, cb, ret;
+ VALUE sslctx_obj, cb;
Check_Type(ary, T_ARRAY);
sslctx_obj = rb_ary_entry(ary, 0);
@@ -400,6 +407,7 @@
return rb_funcall(cb, rb_intern("call"), 1, ary);
}
+#endif
static void
ossl_sslctx_session_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess)
@@ -446,6 +454,66 @@
return i;
}
+static VALUE ossl_sslctx_setup(VALUE self);
+
+#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME
+static VALUE
+ossl_call_servername_cb(VALUE ary)
+{
+ VALUE ssl_obj, sslctx_obj, cb, ret_obj;
+
+ Check_Type(ary, T_ARRAY);
+ ssl_obj = rb_ary_entry(ary, 0);
+
+ sslctx_obj = rb_iv_get(ssl_obj, "@context");
+ if (NIL_P(sslctx_obj)) return Qnil;
+ cb = rb_iv_get(sslctx_obj, "@servername_cb");
+ if (NIL_P(cb)) return Qnil;
+
+ ret_obj = rb_funcall(cb, rb_intern("call"), 1, ary);
+ if (rb_obj_is_kind_of(ret_obj, cSSLContext)) {
+ SSL *ssl;
+ SSL_CTX *ctx2;
+
+ ossl_sslctx_setup(ret_obj);
+ Data_Get_Struct(ssl_obj, SSL, ssl);
+ Data_Get_Struct(ret_obj, SSL_CTX, ctx2);
+ SSL_set_SSL_CTX(ssl, ctx2);
+ } else if (!NIL_P(ret_obj)) {
+ rb_raise(rb_eArgError, "servername_cb must return an OpenSSL::SSL::SSLContext object or nil");
+ }
+
+ return ret_obj;
+}
+
+static int
+ssl_servername_cb(SSL *ssl, int *ad, void *arg)
+{
+ VALUE ary, ssl_obj, ret_obj;
+ void *ptr;
+ int state = 0;
+ const char *servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
+
+ if (!servername)
+ return SSL_TLSEXT_ERR_OK;
+
+ if ((ptr = SSL_get_ex_data(ssl, ossl_ssl_ex_ptr_idx)) == NULL)
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ ssl_obj = (VALUE)ptr;
+ ary = rb_ary_new2(2);
+ rb_ary_push(ary, ssl_obj);
+ rb_ary_push(ary, rb_str_new2(servername));
+
+ ret_obj = rb_protect((VALUE(*)_((VALUE)))ossl_call_servername_cb, ary, &state);
+ if (state) {
+ rb_ivar_set(ssl_obj, ID_callback_state, INT2NUM(state));
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+
+ return SSL_TLSEXT_ERR_OK;
+}
+#endif
+
/*
* call-seq:
* ctx.setup => Qtrue # first time
@@ -519,7 +587,7 @@
if(!NIL_P(val)){
if(TYPE(val) == T_ARRAY){
for(i = 0; i < RARRAY_LEN(val); i++){
- client_ca = GetX509CertPtr(RARRAY_AT(val, i));
+ client_ca = GetX509CertPtr(RARRAY_PTR(val)[i]);
if (!SSL_CTX_add_client_CA(ctx, client_ca)){
/* Copies X509_NAME => FREE it. */
ossl_raise(eSSLError, "SSL_CTX_add_client_CA");
@@ -563,7 +631,7 @@
val = ossl_sslctx_get_sess_id_ctx(self);
if (!NIL_P(val)){
StringValue(val);
- if (!SSL_CTX_set_session_id_context(ctx, RSTRING_PTR(val),
+ if (!SSL_CTX_set_session_id_context(ctx, (unsigned char *)RSTRING_PTR(val),
RSTRING_LEN(val))){
ossl_raise(eSSLError, "SSL_CTX_set_session_id_context:");
}
@@ -581,6 +649,15 @@
SSL_CTX_sess_set_remove_cb(ctx, ossl_sslctx_session_remove_cb);
OSSL_Debug("SSL SESSION remove callback added");
}
+
+#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME
+ val = rb_iv_get(self, "@servername_cb");
+ if (!NIL_P(val)) {
+ SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
+ OSSL_Debug("SSL TLSEXT servername callback added");
+ }
+#endif
+
return Qtrue;
}
@@ -815,7 +892,6 @@
VALUE arg1;
SSL_CTX *ctx;
time_t tm = 0;
- int cb_state;
rb_scan_args(argc, argv, "01", &arg1);
@@ -829,7 +905,7 @@
rb_raise(rb_eArgError, "arg must be Time or nil");
}
- SSL_CTX_flush_sessions(ctx, tm);
+ SSL_CTX_flush_sessions(ctx, (long)tm);
return self;
}
@@ -902,6 +978,10 @@
Data_Get_Struct(self, SSL, ssl);
if(!ssl){
+#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME
+ VALUE hostname = rb_iv_get(self, "@hostname");
+#endif
+
v_ctx = ossl_ssl_get_ctx(self);
Data_Get_Struct(v_ctx, SSL_CTX, ctx);
@@ -911,6 +991,12 @@
}
DATA_PTR(self) = ssl;
+#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME
+ if (!NIL_P(hostname)) {
+ if (SSL_set_tlsext_host_name(ssl, StringValuePtr(hostname)) != 1)
+ ossl_raise(eSSLError, "SSL_set_tlsext_host_name:");
+ }
+#endif
io = ossl_ssl_get_io(self);
GetOpenFile(io, fptr);
rb_io_check_readable(fptr);
@@ -934,8 +1020,28 @@
#define ssl_get_error(ssl, ret) SSL_get_error(ssl, ret)
#endif
+static void
+write_would_block(int nonblock)
+{
+ if (nonblock) {
+ VALUE exc = ossl_exc_new(eSSLError, "write would block");
+ rb_extend_object(exc, rb_mWaitWritable);
+ rb_exc_raise(exc);
+ }
+}
+
+static void
+read_would_block(int nonblock)
+{
+ if (nonblock) {
+ VALUE exc = ossl_exc_new(eSSLError, "read would block");
+ rb_extend_object(exc, rb_mWaitReadable);
+ rb_exc_raise(exc);
+ }
+}
+
static VALUE
-ossl_start_ssl(VALUE self, int (*func)(), const char *funcname)
+ossl_start_ssl(VALUE self, int (*func)(), const char *funcname, int nonblock)
{
SSL *ssl;
rb_io_t *fptr;
@@ -947,12 +1053,22 @@
Data_Get_Struct(self, SSL, ssl);
GetOpenFile(ossl_ssl_get_io(self), fptr);
for(;;){
- if((ret = func(ssl)) > 0) break;
+ ret = func(ssl);
+
+ cb_state = rb_ivar_get(self, ID_callback_state);
+ if (!NIL_P(cb_state))
+ rb_jump_tag(NUM2INT(cb_state));
+
+ if (ret > 0)
+ break;
+
switch((ret2 = ssl_get_error(ssl, ret))){
case SSL_ERROR_WANT_WRITE:
+ write_would_block(nonblock);
rb_io_wait_writable(FPTR_TO_FD(fptr));
continue;
case SSL_ERROR_WANT_READ:
+ read_would_block(nonblock);
rb_io_wait_readable(FPTR_TO_FD(fptr));
continue;
case SSL_ERROR_SYSCALL:
@@ -963,10 +1079,6 @@
}
}
- cb_state = rb_ivar_get(self, ID_callback_state);
- if (!NIL_P(cb_state))
- rb_jump_tag(NUM2INT(cb_state));
-
return self;
}
@@ -978,32 +1090,73 @@
ossl_ssl_connect(VALUE self)
{
ossl_ssl_setup(self);
- return ossl_start_ssl(self, SSL_connect, "SSL_connect");
+ return ossl_start_ssl(self, SSL_connect, "SSL_connect", 0);
}
/*
* call-seq:
+ * ssl.connect_nonblock => self
+ *
+ * initiate the TLS/SSL handshake as a client in non-blocking manner.
+ *
+ * # emulates blocking connect
+ * begin
+ * ssl.connect_nonblock
+ * rescue IO::WaitReadable
+ * IO.select([s2])
+ * retry
+ * rescue IO::WaitWritable
+ * IO.select(nil, [s2])
+ * retry
+ * end
+ *
+ */
+static VALUE
+ossl_ssl_connect_nonblock(VALUE self)
+{
+ ossl_ssl_setup(self);
+ return ossl_start_ssl(self, SSL_connect, "SSL_connect", 1);
+}
+
+/*
+ * call-seq:
* ssl.accept => self
*/
static VALUE
ossl_ssl_accept(VALUE self)
{
ossl_ssl_setup(self);
- return ossl_start_ssl(self, SSL_accept, "SSL_accept");
+ return ossl_start_ssl(self, SSL_accept, "SSL_accept", 0);
}
/*
* call-seq:
- * ssl.sysread(length) => string
- * ssl.sysread(length, buffer) => buffer
+ * ssl.accept_nonblock => self
*
- * === Parameters
- * * +length+ is a positive integer.
- * * +buffer+ is a string used to store the result.
+ * initiate the TLS/SSL handshake as a server in non-blocking manner.
+ *
+ * # emulates blocking accept
+ * begin
+ * ssl.accept_nonblock
+ * rescue IO::WaitReadable
+ * IO.select([s2])
+ * retry
+ * rescue IO::WaitWritable
+ * IO.select(nil, [s2])
+ * retry
+ * end
+ *
*/
static VALUE
-ossl_ssl_read(int argc, VALUE *argv, VALUE self)
+ossl_ssl_accept_nonblock(VALUE self)
{
+ ossl_ssl_setup(self);
+ return ossl_start_ssl(self, SSL_accept, "SSL_accept", 1);
+}
+
+static VALUE
+ossl_ssl_read_internal(int argc, VALUE *argv, VALUE self, int nonblock)
+{
SSL *ssl;
int ilen, nread = 0;
VALUE len, str;
@@ -1022,7 +1175,7 @@
Data_Get_Struct(self, SSL, ssl);
GetOpenFile(ossl_ssl_get_io(self), fptr);
if (ssl) {
- if(SSL_pending(ssl) <= 0)
+ if(!nonblock && SSL_pending(ssl) <= 0)
rb_thread_wait_fd(FPTR_TO_FD(fptr));
for (;;){
nread = SSL_read(ssl, RSTRING_PTR(str), RSTRING_LEN(str));
@@ -1032,9 +1185,11 @@
case SSL_ERROR_ZERO_RETURN:
rb_eof_error();
case SSL_ERROR_WANT_WRITE:
+ write_would_block(nonblock);
rb_io_wait_writable(FPTR_TO_FD(fptr));
continue;
case SSL_ERROR_WANT_READ:
+ read_would_block(nonblock);
rb_io_wait_readable(FPTR_TO_FD(fptr));
continue;
case SSL_ERROR_SYSCALL:
@@ -1046,9 +1201,9 @@
}
}
else {
- ID id_sysread = rb_intern("sysread");
+ ID meth = nonblock ? rb_intern("read_nonblock") : rb_intern("sysread");
rb_warning("SSL session is not started yet.");
- return rb_funcall(ossl_ssl_get_io(self), id_sysread, 2, len, str);
+ return rb_funcall(ossl_ssl_get_io(self), meth, 2, len, str);
}
end:
@@ -1058,13 +1213,40 @@
return str;
}
+
/*
* call-seq:
- * ssl.syswrite(string) => integer
+ * ssl.sysread(length) => string
+ * ssl.sysread(length, buffer) => buffer
+ *
+ * === Parameters
+ * * +length+ is a positive integer.
+ * * +buffer+ is a string used to store the result.
*/
static VALUE
-ossl_ssl_write(VALUE self, VALUE str)
+ossl_ssl_read(int argc, VALUE *argv, VALUE self)
{
+ return ossl_ssl_read_internal(argc, argv, self, 0);
+}
+
+/*
+ * call-seq:
+ * ssl.sysread_nonblock(length) => string
+ * ssl.sysread_nonblock(length, buffer) => buffer
+ *
+ * === Parameters
+ * * +length+ is a positive integer.
+ * * +buffer+ is a string used to store the result.
+ */
+static VALUE
+ossl_ssl_read_nonblock(int argc, VALUE *argv, VALUE self)
+{
+ return ossl_ssl_read_internal(argc, argv, self, 1);
+}
+
+static VALUE
+ossl_ssl_write_internal(VALUE self, VALUE str, int nonblock)
+{
SSL *ssl;
int nwrite = 0;
rb_io_t *fptr;
@@ -1080,9 +1262,11 @@
case SSL_ERROR_NONE:
goto end;
case SSL_ERROR_WANT_WRITE:
+ write_would_block(nonblock);
rb_io_wait_writable(FPTR_TO_FD(fptr));
continue;
case SSL_ERROR_WANT_READ:
+ read_would_block(nonblock);
rb_io_wait_readable(FPTR_TO_FD(fptr));
continue;
case SSL_ERROR_SYSCALL:
@@ -1104,6 +1288,26 @@
/*
* call-seq:
+ * ssl.syswrite(string) => integer
+ */
+static VALUE
+ossl_ssl_write(VALUE self, VALUE str)
+{
+ return ossl_ssl_write_internal(self, str, 0);
+}
+
+/*
+ * call-seq:
+ * ssl.syswrite_nonblock(string) => integer
+ */
+static VALUE
+ossl_ssl_write_nonblock(VALUE self, VALUE str)
+{
+ return ossl_ssl_write_internal(self, str, 1);
+}
+
+/*
+ * call-seq:
* ssl.sysclose => nil
*/
static VALUE
@@ -1344,13 +1548,13 @@
ID_callback_state = rb_intern("@callback_state");
- ossl_ssl_ex_vcb_idx = SSL_get_ex_new_index(0,"ossl_ssl_ex_vcb_idx",0,0,0);
- ossl_ssl_ex_store_p = SSL_get_ex_new_index(0,"ossl_ssl_ex_store_p",0,0,0);
- ossl_ssl_ex_ptr_idx = SSL_get_ex_new_index(0,"ossl_ssl_ex_ptr_idx",0,0,0);
+ ossl_ssl_ex_vcb_idx = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_vcb_idx",0,0,0);
+ ossl_ssl_ex_store_p = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_store_p",0,0,0);
+ ossl_ssl_ex_ptr_idx = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_ptr_idx",0,0,0);
ossl_ssl_ex_client_cert_cb_idx =
- SSL_get_ex_new_index(0,"ossl_ssl_ex_client_cert_cb_idx",0,0,0);
+ SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_client_cert_cb_idx",0,0,0);
ossl_ssl_ex_tmp_dh_callback_idx =
- SSL_get_ex_new_index(0,"ossl_ssl_ex_tmp_dh_callback_idx",0,0,0);
+ SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_tmp_dh_callback_idx",0,0,0);
mSSL = rb_define_module_under(mOSSL, "SSL");
eSSLError = rb_define_class_under(mSSL, "SSLError", eOSSLError);
@@ -1418,9 +1622,13 @@
rb_define_alias(cSSLSocket, "to_io", "io");
rb_define_method(cSSLSocket, "initialize", ossl_ssl_initialize, -1);
rb_define_method(cSSLSocket, "connect", ossl_ssl_connect, 0);
+ rb_define_method(cSSLSocket, "connect_nonblock", ossl_ssl_connect_nonblock, 0);
rb_define_method(cSSLSocket, "accept", ossl_ssl_accept, 0);
+ rb_define_method(cSSLSocket, "accept_nonblock", ossl_ssl_accept_nonblock, 0);
rb_define_method(cSSLSocket, "sysread", ossl_ssl_read, -1);
+ rb_define_private_method(cSSLSocket, "sysread_nonblock", ossl_ssl_read_nonblock, -1);
rb_define_method(cSSLSocket, "syswrite", ossl_ssl_write, 1);
+ rb_define_private_method(cSSLSocket, "syswrite_nonblock", ossl_ssl_write_nonblock, 1);
rb_define_method(cSSLSocket, "sysclose", ossl_ssl_close, 0);
rb_define_method(cSSLSocket, "cert", ossl_ssl_get_cert, 0);
rb_define_method(cSSLSocket, "peer_cert", ossl_ssl_get_peer_cert, 0);
@@ -1432,7 +1640,7 @@
rb_define_method(cSSLSocket, "session=", ossl_ssl_set_session, 1);
rb_define_method(cSSLSocket, "verify_result", ossl_ssl_get_verify_result, 0);
-#define ossl_ssl_def_const(x) rb_define_const(mSSL, #x, INT2FIX(SSL_##x))
+#define ossl_ssl_def_const(x) rb_define_const(mSSL, #x, INT2NUM(SSL_##x))
ossl_ssl_def_const(VERIFY_NONE);
ossl_ssl_def_const(VERIFY_PEER);
@@ -1466,6 +1674,9 @@
ossl_ssl_def_const(OP_NO_SSLv2);
ossl_ssl_def_const(OP_NO_SSLv3);
ossl_ssl_def_const(OP_NO_TLSv1);
+#if defined(SSL_OP_NO_TICKET)
+ ossl_ssl_def_const(OP_NO_TICKET);
+#endif
ossl_ssl_def_const(OP_PKCS1_CHECK_1);
ossl_ssl_def_const(OP_PKCS1_CHECK_2);
ossl_ssl_def_const(OP_NETSCAPE_CA_DN_BUG);
Modified: MacRuby/trunk/ext/openssl/ossl_ssl.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_ssl.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_ssl.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_ssl.h 12134 2007-04-02 22:10:12Z technorama $
+ * $Id: ossl_ssl.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_ssl_session.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_ssl_session.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_ssl_session.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -36,8 +36,6 @@
static VALUE ossl_ssl_session_initialize(VALUE self, VALUE arg1)
{
SSL_SESSION *ctx = NULL;
- VALUE obj;
- unsigned char *p;
if (RDATA(self)->data)
ossl_raise(eSSLSession, "SSL Session already initialized");
@@ -47,7 +45,7 @@
Data_Get_Struct(arg1, SSL, ssl);
- if ((ctx = SSL_get1_session(ssl)) == NULL)
+ if (!ssl || (ctx = SSL_get1_session(ssl)) == NULL)
ossl_raise(eSSLSession, "no session available");
} else {
BIO *in = ossl_obj2bio(arg1);
@@ -55,7 +53,7 @@
ctx = PEM_read_bio_SSL_SESSION(in, NULL, NULL, NULL);
if (!ctx) {
- BIO_reset(in);
+ (void)BIO_reset(in);
ctx = d2i_SSL_SESSION_bio(in, NULL);
}
@@ -109,7 +107,7 @@
if (t == 0)
return Qnil;
- return rb_funcall(rb_cTime, rb_intern("at"), 1, LONG2NUM(t));
+ return rb_funcall(rb_cTime, rb_intern("at"), 1, TIMET2NUM(t));
}
/*
@@ -128,14 +126,14 @@
t = SSL_SESSION_get_timeout(ctx);
- return ULONG2NUM(t);
+ return TIMET2NUM(t);
}
#define SSLSESSION_SET_TIME(func) \
static VALUE ossl_ssl_session_set_##func(VALUE self, VALUE time_v) \
{ \
SSL_SESSION *ctx; \
- time_t t; \
+ unsigned long t; \
\
GetSSLSession(self, ctx); \
\
Modified: MacRuby/trunk/ext/openssl/ossl_version.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_version.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_version.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_version.h 16111 2008-04-20 22:32:06Z technorama $
+ * $Id: ossl_version.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_x509.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509.c 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_x509.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_x509.h
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_x509.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
Modified: MacRuby/trunk/ext/openssl/ossl_x509attr.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509attr.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509attr.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509attr.c 12153 2007-04-05 19:03:28Z technorama $
+ * $Id: ossl_x509attr.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -92,16 +92,17 @@
ossl_x509attr_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE oid, value;
- X509_ATTRIBUTE *attr;
- unsigned char *p;
+ X509_ATTRIBUTE *attr, *x;
+ const unsigned char *p;
GetX509Attr(self, attr);
if(rb_scan_args(argc, argv, "11", &oid, &value) == 1){
oid = ossl_to_der_if_possible(oid);
StringValue(oid);
- p = RSTRING_PTR(oid);
- if(!d2i_X509_ATTRIBUTE((X509_ATTRIBUTE**)&DATA_PTR(self),
- &p, RSTRING_LEN(oid))){
+ p = (unsigned char *)RSTRING_PTR(oid);
+ x = d2i_X509_ATTRIBUTE(&attr, &p, RSTRING_LEN(oid));
+ DATA_PTR(self) = attr;
+ if(!x){
ossl_raise(eX509AttrError, NULL);
}
return self;
@@ -212,7 +213,7 @@
if(OSSL_X509ATTR_IS_SINGLE(attr)){
length = i2d_ASN1_TYPE(attr->value.single, NULL);
str = rb_str_new(0, length);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
i2d_ASN1_TYPE(attr->value.single, &p);
ossl_str_adjust(str, p);
}
@@ -220,7 +221,7 @@
length = i2d_ASN1_SET_OF_ASN1_TYPE(attr->value.set, NULL,
i2d_ASN1_TYPE, V_ASN1_SET, V_ASN1_UNIVERSAL, 0);
str = rb_str_new(0, length);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
i2d_ASN1_SET_OF_ASN1_TYPE(attr->value.set, &p,
i2d_ASN1_TYPE, V_ASN1_SET, V_ASN1_UNIVERSAL, 0);
ossl_str_adjust(str, p);
@@ -246,7 +247,7 @@
if((len = i2d_X509_ATTRIBUTE(attr, NULL)) <= 0)
ossl_raise(eX509AttrError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_X509_ATTRIBUTE(attr, &p) <= 0)
ossl_raise(eX509AttrError, NULL);
rb_str_set_len(str, p - (unsigned char*)RSTRING_PTR(str));
Modified: MacRuby/trunk/ext/openssl/ossl_x509cert.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509cert.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509cert.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509cert.c 12153 2007-04-05 19:03:28Z technorama $
+ * $Id: ossl_x509cert.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -134,7 +134,7 @@
ossl_x509_initialize(int argc, VALUE *argv, VALUE self)
{
BIO *in;
- X509 *x509;
+ X509 *x509, *x = DATA_PTR(self);
VALUE arg;
if (rb_scan_args(argc, argv, "01", &arg) == 0) {
@@ -143,10 +143,12 @@
}
arg = ossl_to_der_if_possible(arg);
in = ossl_obj2bio(arg);
- x509 = PEM_read_bio_X509(in, (X509 **)&DATA_PTR(self), NULL, NULL);
+ x509 = PEM_read_bio_X509(in, &x, NULL, NULL);
+ DATA_PTR(self) = x;
if (!x509) {
- BIO_reset(in);
- x509 = d2i_X509_bio(in, (X509 **)&DATA_PTR(self));
+ (void)BIO_reset(in);
+ x509 = d2i_X509_bio(in, &x);
+ DATA_PTR(self) = x;
}
BIO_free(in);
if (!x509) ossl_raise(eX509CertError, NULL);
@@ -190,7 +192,7 @@
if ((len = i2d_X509(x509, NULL)) <= 0)
ossl_raise(eX509CertError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if (i2d_X509(x509, &p) <= 0)
ossl_raise(eX509CertError, NULL);
ossl_str_adjust(str, p);
@@ -647,13 +649,13 @@
Check_Type(ary, T_ARRAY);
/* All ary's members should be X509Extension */
for (i=0; i<RARRAY_LEN(ary); i++) {
- OSSL_Check_Kind(RARRAY_AT(ary, i), cX509Ext);
+ OSSL_Check_Kind(RARRAY_PTR(ary)[i], cX509Ext);
}
GetX509(self, x509);
sk_X509_EXTENSION_pop_free(x509->cert_info->extensions, X509_EXTENSION_free);
x509->cert_info->extensions = NULL;
for (i=0; i<RARRAY_LEN(ary); i++) {
- ext = DupX509ExtPtr(RARRAY_AT(ary, i));
+ ext = DupX509ExtPtr(RARRAY_PTR(ary)[i]);
if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */
X509_EXTENSION_free(ext);
@@ -690,7 +692,7 @@
ossl_x509_inspect(VALUE self)
{
VALUE str;
- char *cname = rb_class2name(rb_obj_class(self));
+ const char *cname = rb_class2name(rb_obj_class(self));
str = rb_str_new2("#<");
rb_str_cat2(str, cname);
Modified: MacRuby/trunk/ext/openssl/ossl_x509crl.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509crl.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509crl.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509crl.c 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_x509crl.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -91,7 +91,7 @@
ossl_x509crl_initialize(int argc, VALUE *argv, VALUE self)
{
BIO *in;
- X509_CRL *crl;
+ X509_CRL *crl, *x = DATA_PTR(self);
VALUE arg;
if (rb_scan_args(argc, argv, "01", &arg) == 0) {
@@ -99,10 +99,12 @@
}
arg = ossl_to_der_if_possible(arg);
in = ossl_obj2bio(arg);
- crl = PEM_read_bio_X509_CRL(in, (X509_CRL **)&DATA_PTR(self), NULL, NULL);
+ crl = PEM_read_bio_X509_CRL(in, &x, NULL, NULL);
+ DATA_PTR(self) = x;
if (!crl) {
- BIO_reset(in);
- crl = d2i_X509_CRL_bio(in, (X509_CRL **)&DATA_PTR(self));
+ (void)BIO_reset(in);
+ crl = d2i_X509_CRL_bio(in, &x);
+ DATA_PTR(self) = x;
}
BIO_free(in);
if (!crl) ossl_raise(eX509CRLError, NULL);
@@ -288,13 +290,13 @@
Check_Type(ary, T_ARRAY);
/* All ary members should be X509 Revoked */
for (i=0; i<RARRAY_LEN(ary); i++) {
- OSSL_Check_Kind(RARRAY_AT(ary, i), cX509Rev);
+ OSSL_Check_Kind(RARRAY_PTR(ary)[i], cX509Rev);
}
GetX509CRL(self, crl);
sk_X509_REVOKED_pop_free(crl->crl->revoked, X509_REVOKED_free);
crl->crl->revoked = NULL;
for (i=0; i<RARRAY_LEN(ary); i++) {
- rev = DupX509RevokedPtr(RARRAY_AT(ary, i));
+ rev = DupX509RevokedPtr(RARRAY_PTR(ary)[i]);
if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */
ossl_raise(eX509CRLError, NULL);
}
@@ -462,13 +464,13 @@
Check_Type(ary, T_ARRAY);
/* All ary members should be X509 Extensions */
for (i=0; i<RARRAY_LEN(ary); i++) {
- OSSL_Check_Kind(RARRAY_AT(ary, i), cX509Ext);
+ OSSL_Check_Kind(RARRAY_PTR(ary)[i], cX509Ext);
}
GetX509CRL(self, crl);
sk_X509_EXTENSION_pop_free(crl->crl->extensions, X509_EXTENSION_free);
crl->crl->extensions = NULL;
for (i=0; i<RARRAY_LEN(ary); i++) {
- ext = DupX509ExtPtr(RARRAY_AT(ary, i));
+ ext = DupX509ExtPtr(RARRAY_PTR(ary)[i]);
if(!X509_CRL_add_ext(crl, ext, -1)) { /* DUPs ext - FREE it */
X509_EXTENSION_free(ext);
ossl_raise(eX509CRLError, NULL);
Modified: MacRuby/trunk/ext/openssl/ossl_x509ext.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509ext.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509ext.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509ext.c 16111 2008-04-20 22:32:06Z technorama $
+ * $Id: ossl_x509ext.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -163,10 +163,10 @@
return crl;
}
+#ifdef HAVE_X509V3_SET_NCONF
static VALUE
ossl_x509extfactory_set_config(VALUE self, VALUE config)
{
-#ifdef HAVE_X509V3_SET_NCONF
X509V3_CTX *ctx;
CONF *conf;
@@ -176,10 +176,10 @@
X509V3_set_nconf(ctx, conf);
return config;
+}
#else
- rb_notimplement();
+#define rb_f_fork rb_f_notimplement
#endif
-}
static VALUE
ossl_x509extfactory_initialize(int argc, VALUE *argv, VALUE self)
@@ -274,16 +274,17 @@
ossl_x509ext_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE oid, value, critical;
- unsigned char *p;
- X509_EXTENSION *ext;
+ const unsigned char *p;
+ X509_EXTENSION *ext, *x;
GetX509Ext(self, ext);
if(rb_scan_args(argc, argv, "12", &oid, &value, &critical) == 1){
oid = ossl_to_der_if_possible(oid);
StringValue(oid);
- p = RSTRING_PTR(oid);
- if(!d2i_X509_EXTENSION((X509_EXTENSION**)&DATA_PTR(self),
- &p, RSTRING_LEN(oid)))
+ p = (unsigned char *)RSTRING_PTR(oid);
+ x = d2i_X509_EXTENSION(&ext, &p, RSTRING_LEN(oid));
+ DATA_PTR(self) = ext;
+ if(!x)
ossl_raise(eX509ExtError, NULL);
return self;
}
@@ -324,14 +325,15 @@
ossl_raise(eX509ExtError, "malloc error");
memcpy(s, RSTRING_PTR(data), RSTRING_LEN(data));
if(!(asn1s = ASN1_OCTET_STRING_new())){
- free(s);
+ OPENSSL_free(s);
ossl_raise(eX509ExtError, NULL);
}
if(!M_ASN1_OCTET_STRING_set(asn1s, s, RSTRING_LEN(data))){
- free(s);
+ OPENSSL_free(s);
ASN1_OCTET_STRING_free(asn1s);
ossl_raise(eX509ExtError, NULL);
}
+ OPENSSL_free(s);
GetX509Ext(self, ext);
X509_EXTENSION_set_data(ext, asn1s);
@@ -410,7 +412,7 @@
if((len = i2d_X509_EXTENSION(ext, NULL)) <= 0)
ossl_raise(eX509ExtError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_X509_EXTENSION(ext, &p) < 0)
ossl_raise(eX509ExtError, NULL);
ossl_str_adjust(str, p);
Modified: MacRuby/trunk/ext/openssl/ossl_x509name.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509name.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509name.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509name.c 12799 2007-07-15 13:24:39Z nobu $
+ * $Id: ossl_x509name.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -135,11 +135,14 @@
rb_block_call(tmp, rb_intern("each"), 0, 0, ossl_x509name_init_i, args);
}
else{
- unsigned char *p;
+ const unsigned char *p;
VALUE str = ossl_to_der_if_possible(arg);
+ X509_NAME *x;
StringValue(str);
- p = RSTRING_PTR(str);
- if(!d2i_X509_NAME((X509_NAME**)&DATA_PTR(self), &p, RSTRING_LEN(str))){
+ p = (unsigned char *)RSTRING_PTR(str);
+ x = d2i_X509_NAME(&name, &p, RSTRING_LEN(str));
+ DATA_PTR(self) = name;
+ if(!x){
ossl_raise(eX509NameError, NULL);
}
}
@@ -164,7 +167,7 @@
if(NIL_P(type)) type = rb_aref(OBJECT_TYPE_TEMPLATE, oid);
GetX509Name(self, name);
if (!X509_NAME_add_entry_by_txt(name, RSTRING_PTR(oid), NUM2INT(type),
- RSTRING_PTR(value), RSTRING_LEN(value), -1, 0)) {
+ (const unsigned char *)RSTRING_PTR(value), RSTRING_LEN(value), -1, 0)) {
ossl_raise(eX509NameError, NULL);
}
@@ -245,7 +248,7 @@
}
short_name = OBJ_nid2sn(OBJ_ln2nid(long_name));
ary = rb_ary_new3(3, rb_str_new2(short_name),
- rb_str_new(entry->value->data, entry->value->length),
+ rb_str_new((const char *)entry->value->data, entry->value->length),
INT2FIX(entry->value->type));
rb_ary_push(ret, ary);
}
@@ -319,7 +322,7 @@
if((len = i2d_X509_NAME(name, NULL)) <= 0)
ossl_raise(eX509NameError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if(i2d_X509_NAME(name, &p) <= 0)
ossl_raise(eX509NameError, NULL);
ossl_str_adjust(str, p);
@@ -355,11 +358,7 @@
ia5str = INT2NUM(V_ASN1_IA5STRING);
rb_define_const(cX509Name, "DEFAULT_OBJECT_TYPE", utf8str);
hash = rb_hash_new();
-#if WITH_OBJC
- rb_funcall(hash, rb_intern("default="), 1, utf8str);
-#else
RHASH(hash)->ifnone = utf8str;
-#endif
rb_hash_aset(hash, rb_str_new2("C"), ptrstr);
rb_hash_aset(hash, rb_str_new2("countryName"), ptrstr);
rb_hash_aset(hash, rb_str_new2("serialNumber"), ptrstr);
Modified: MacRuby/trunk/ext/openssl/ossl_x509req.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509req.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509req.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509req.c 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_x509req.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -99,7 +99,7 @@
ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
{
BIO *in;
- X509_REQ *req;
+ X509_REQ *req, *x = DATA_PTR(self);
VALUE arg;
if (rb_scan_args(argc, argv, "01", &arg) == 0) {
@@ -107,10 +107,12 @@
}
arg = ossl_to_der_if_possible(arg);
in = ossl_obj2bio(arg);
- req = PEM_read_bio_X509_REQ(in, (X509_REQ **)&DATA_PTR(self), NULL, NULL);
+ req = PEM_read_bio_X509_REQ(in, &x, NULL, NULL);
+ DATA_PTR(self) = x;
if (!req) {
- BIO_reset(in);
- req = d2i_X509_REQ_bio(in, (X509_REQ **)&DATA_PTR(self));
+ (void)BIO_reset(in);
+ req = d2i_X509_REQ_bio(in, &x);
+ DATA_PTR(self) = x;
}
BIO_free(in);
if (!req) ossl_raise(eX509ReqError, NULL);
@@ -171,7 +173,7 @@
if ((len = i2d_X509_REQ(req, NULL)) <= 0)
ossl_raise(eX509CertError, NULL);
str = rb_str_new(0, len);
- p = RSTRING_PTR(str);
+ p = (unsigned char *)RSTRING_PTR(str);
if (i2d_X509_REQ(req, &p) <= 0)
ossl_raise(eX509ReqError, NULL);
ossl_str_adjust(str, p);
@@ -404,13 +406,13 @@
Check_Type(ary, T_ARRAY);
for (i=0;i<RARRAY_LEN(ary); i++) {
- OSSL_Check_Kind(RARRAY_AT(ary, i), cX509Attr);
+ OSSL_Check_Kind(RARRAY_PTR(ary)[i], cX509Attr);
}
GetX509Req(self, req);
sk_X509_ATTRIBUTE_pop_free(req->req_info->attributes, X509_ATTRIBUTE_free);
req->req_info->attributes = NULL;
for (i=0;i<RARRAY_LEN(ary); i++) {
- item = RARRAY_AT(ary, i);
+ item = RARRAY_PTR(ary)[i];
attr = DupX509AttrPtr(item);
if (!X509_REQ_add1_attr(req, attr)) {
ossl_raise(eX509ReqError, NULL);
Modified: MacRuby/trunk/ext/openssl/ossl_x509revoked.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509revoked.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509revoked.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509revoked.c 11708 2007-02-12 23:01:19Z shyouhei $
+ * $Id: ossl_x509revoked.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -176,13 +176,13 @@
Check_Type(ary, T_ARRAY);
for (i=0; i<RARRAY_LEN(ary); i++) {
- OSSL_Check_Kind(RARRAY_AT(ary, i), cX509Ext);
+ OSSL_Check_Kind(RARRAY_PTR(ary)[i], cX509Ext);
}
GetX509Rev(self, rev);
sk_X509_EXTENSION_pop_free(rev->extensions, X509_EXTENSION_free);
rev->extensions = NULL;
for (i=0; i<RARRAY_LEN(ary); i++) {
- item = RARRAY_AT(ary, i);
+ item = RARRAY_PTR(ary)[i];
ext = DupX509ExtPtr(item);
if(!X509_REVOKED_add_ext(rev, ext, -1)) {
ossl_raise(eX509RevError, NULL);
Modified: MacRuby/trunk/ext/openssl/ossl_x509store.c
===================================================================
--- MacRuby/trunk/ext/openssl/ossl_x509store.c 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ossl_x509store.c 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ossl_x509store.c 16689 2008-05-29 17:41:56Z knu $
+ * $Id: ossl_x509store.c 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2002 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
@@ -9,7 +9,6 @@
* (See the file 'LICENCE'.)
*/
#include "ossl.h"
-#include <rubysig.h>
#define WrapX509Store(klass, obj, st) do { \
if (!st) { \
@@ -212,7 +211,7 @@
char *path = NULL;
if(file != Qnil){
- Check_SafeStr(file);
+ SafeStringValue(file);
path = RSTRING_PTR(file);
}
GetX509Store(self, store);
@@ -233,7 +232,7 @@
char *path = NULL;
if(dir != Qnil){
- Check_SafeStr(dir);
+ SafeStringValue(dir);
path = RSTRING_PTR(dir);
}
GetX509Store(self, store);
Modified: MacRuby/trunk/ext/openssl/ruby_missing.h
===================================================================
--- MacRuby/trunk/ext/openssl/ruby_missing.h 2009-10-27 23:24:00 UTC (rev 2906)
+++ MacRuby/trunk/ext/openssl/ruby_missing.h 2009-10-28 01:11:13 UTC (rev 2907)
@@ -1,5 +1,5 @@
/*
- * $Id: ruby_missing.h 12140 2007-04-03 07:21:53Z nobu $
+ * $Id: ruby_missing.h 25189 2009-10-02 12:04:37Z akr $
* 'OpenSSL for Ruby' project
* Copyright (C) 2001-2003 Michal Rokos <m.rokos at sh.cvut.cz>
* All rights reserved.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macruby-changes/attachments/20091027/d66d6ecb/attachment-0001.html>
More information about the macruby-changes
mailing list