diff options
author | nahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-06-23 13:51:55 +0000 |
---|---|---|
committer | nahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-06-23 13:51:55 +0000 |
commit | bf2e60cda7ad9e08f03d1eed99f77cc9c6cc1496 (patch) | |
tree | 0c9592c3e01cbe0c96d44f8a611d9a678bb0d33e | |
parent | 3e01a8d58e4095e77a7ecf6658fc7a825e8ed6c0 (diff) |
* ext/openssl/ossl_x509name.c: Add X509::Name#hash_old as a wrapper
for X509_NAME_hash_old in OpenSSL 1.0.0. See #4805
* test/openssl/test_x509name.rb (test_hash): Make test pass with
OpenSSL 1.0.0.
* NEWS: Add it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32213 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/ossl_x509name.c | 24 | ||||
-rw-r--r-- | test/openssl/test_x509name.rb | 20 |
5 files changed, 58 insertions, 0 deletions
@@ -1,3 +1,13 @@ +Thu Jun 23 22:46:57 2011 Hiroshi Nakamura <nahi@ruby-lang.org> + + * ext/openssl/ossl_x509name.c: Add X509::Name#hash_old as a wrapper + for X509_NAME_hash_old in OpenSSL 1.0.0. See #4805 + + * test/openssl/test_x509name.rb (test_hash): Make test pass with + OpenSSL 1.0.0. + + * NEWS: Add it. + Thu Jun 23 19:30:53 2011 Hiroshi Nakamura <nahi@ruby-lang.org> * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check @@ -177,6 +177,9 @@ with all sufficient information, see the ChangeLog file. * OpenSSL::PKey.read( file | string [, pwd] ) allows to read arbitrary public/private keys in DER-/PEM-encoded form with an optional password for encrypted PEM encodings. + * Add new method OpenSSL::X509::Name#hash_old as a wrapper of + X509_NAME_hash_old() defined from OpenSSL 1.0.0. It returns OpenSSL 0.9.8 + compatible hash value. * optparse * support for bash/zsh completion. diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 1bd5a0741c..d38af40b36 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -94,6 +94,7 @@ have_func("X509_CRL_add0_revoked") have_func("X509_CRL_set_issuer_name") have_func("X509_CRL_set_version") have_func("X509_CRL_sort") +have_func("X509_NAME_hash_old") have_func("X509_STORE_get_ex_data") have_func("X509_STORE_set_ex_data") have_func("OBJ_NAME_do_all_sorted") diff --git a/ext/openssl/ossl_x509name.c b/ext/openssl/ossl_x509name.c index b75ae398cc..13e18eecf1 100644 --- a/ext/openssl/ossl_x509name.c +++ b/ext/openssl/ossl_x509name.c @@ -317,6 +317,27 @@ ossl_x509name_hash(VALUE self) return ULONG2NUM(hash); } +#ifdef HAVE_X509_NAME_HASH_OLD +/* + * call-seq: + * name.hash_old => integer + * + * hash_old returns MD5 based hash used in OpenSSL 0.9.X. + */ +static VALUE +ossl_x509name_hash_old(VALUE self) +{ + X509_NAME *name; + unsigned long hash; + + GetX509Name(self, name); + + hash = X509_NAME_hash_old(name); + + return ULONG2NUM(hash); +} +#endif + /* * call-seq: * name.to_der => string @@ -364,6 +385,9 @@ Init_ossl_x509name() rb_define_alias(cX509Name, "<=>", "cmp"); rb_define_method(cX509Name, "eql?", ossl_x509name_eql, 1); rb_define_method(cX509Name, "hash", ossl_x509name_hash, 0); +#ifdef HAVE_X509_NAME_HASH_OLD + rb_define_method(cX509Name, "hash_old", ossl_x509name_hash_old, 0); +#endif rb_define_method(cX509Name, "to_der", ossl_x509name_to_der, 0); utf8str = INT2NUM(V_ASN1_UTF8STRING); diff --git a/test/openssl/test_x509name.rb b/test/openssl/test_x509name.rb index ef9925202a..cf5a8b0ab4 100644 --- a/test/openssl/test_x509name.rb +++ b/test/openssl/test_x509name.rb @@ -271,6 +271,26 @@ class OpenSSL::TestX509Name < Test::Unit::TestCase assert_equal -1, n1 <=> n2 end + + def name_hash(name) + # OpenSSL 1.0.0 uses SHA1 for canonical encoding (not just a der) of + # X509Name for X509_NAME_hash. + name.respond_to?(:hash_old) ? name.hash_old : name.hash + end + + def test_hash + dn = "/DC=org/DC=ruby-lang/CN=www.ruby-lang.org" + name = OpenSSL::X509::Name.parse(dn) + d = Digest::MD5.digest(name.to_der) + expected = (d[0].ord & 0xff) | (d[1].ord & 0xff) << 8 | (d[2].ord & 0xff) << 16 | (d[3].ord & 0xff) << 24 + assert_equal(expected, name_hash(name)) + # + dn = "/DC=org/DC=ruby-lang/CN=baz.ruby-lang.org" + name = OpenSSL::X509::Name.parse(dn) + d = Digest::MD5.digest(name.to_der) + expected = (d[0].ord & 0xff) | (d[1].ord & 0xff) << 8 | (d[2].ord & 0xff) << 16 | (d[3].ord & 0xff) << 24 + assert_equal(expected, name_hash(name)) + end end end |