summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoremboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-06-22 08:41:08 +0000
committeremboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-06-22 08:41:08 +0000
commit26cb830df918614b4d734d187b7b65aba39f4d8e (patch)
treeb3a8f857d6b6b7d0f00773c1520bbd615f056655
parent41c517d13230dd3edd302a87231ac467babf2f3c (diff)
* ext/openssl/ossl.h: Introduced OSSL_BIO_reset macro for PEM/DER
fallback scenarios. * ext/openssl/ossl_pkey_dsa.c * ext/openssl/ossl_x509req.c * ext/openssl/ossl_pkey_rsa.c * ext/openssl/ossl_pkey_ec.c * ext/openssl/ossl_ssl_session.c * ext/openssl/ossl_x509crl.c * ext/openssl/ossl_pkey.c * ext/openssl/ossl_pkey_dh.c * ext/openssl/ossl_x509cert.c * ext/openssl/ossl_pkcs7.c: Use OSSL_BIO_reset. * ext/openssl/ossl_ssl.c * ext/openssl/ossl_cipher.c * ext/openssl/ossl_pkey_ec.c * ext/openssl/ossl_pkcs12.c * ext/openssl/ossl_ssl_session.c: Replace rb_raise occurences by ossl_raise. This automatically flushes OpenSSL's error queue. * ext/openssl/ossl_pkcs7.c: Raise error if DER fallback for parsing fails. * test/openssl/test_pkey_ec.rb * test/openssl/test_pkey_dsa.rb * test/openssl/test_pkey_rsa.rb: Add assertions that OpenSSL.errors is empty. * test/openssl/test_pkey_rsa.rb: Remove initial OpenSSL.errors call in test_new. [ Ruby 1.9 - Bug #4885 ] [ruby-core:37134] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32199 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog35
-rw-r--r--ext/openssl/ossl.h7
-rw-r--r--ext/openssl/ossl_cipher.c4
-rw-r--r--ext/openssl/ossl_pkcs12.c4
-rw-r--r--ext/openssl/ossl_pkcs7.c4
-rw-r--r--ext/openssl/ossl_pkey.c9
-rw-r--r--ext/openssl/ossl_pkey_dh.c4
-rw-r--r--ext/openssl/ossl_pkey_dsa.c14
-rw-r--r--ext/openssl/ossl_pkey_ec.c54
-rw-r--r--ext/openssl/ossl_pkey_rsa.c16
-rw-r--r--ext/openssl/ossl_ssl.c4
-rw-r--r--ext/openssl/ossl_ssl_session.c4
-rw-r--r--ext/openssl/ossl_x509cert.c3
-rw-r--r--ext/openssl/ossl_x509crl.c2
-rw-r--r--ext/openssl/ossl_x509req.c2
-rw-r--r--test/openssl/test_pkey_dsa.rb9
-rw-r--r--test/openssl/test_pkey_ec.rb5
-rw-r--r--test/openssl/test_pkey_rsa.rb11
18 files changed, 121 insertions, 70 deletions
diff --git a/ChangeLog b/ChangeLog
index 614c8cb..e7282d1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,38 @@
+Wed Jun 22 17:37:49 2011 Martin Bosslet <Martin.Bosslet@googlemail.com>
+
+ * ext/openssl/ossl.h: Introduced OSSL_BIO_reset macro for PEM/DER
+ fallback scenarios.
+
+ * ext/openssl/ossl_pkey_dsa.c
+ * ext/openssl/ossl_x509req.c
+ * ext/openssl/ossl_pkey_rsa.c
+ * ext/openssl/ossl_pkey_ec.c
+ * ext/openssl/ossl_ssl_session.c
+ * ext/openssl/ossl_x509crl.c
+ * ext/openssl/ossl_pkey.c
+ * ext/openssl/ossl_pkey_dh.c
+ * ext/openssl/ossl_x509cert.c
+ * ext/openssl/ossl_pkcs7.c: Use OSSL_BIO_reset.
+
+ * ext/openssl/ossl_ssl.c
+ * ext/openssl/ossl_cipher.c
+ * ext/openssl/ossl_pkey_ec.c
+ * ext/openssl/ossl_pkcs12.c
+ * ext/openssl/ossl_ssl_session.c: Replace rb_raise occurences by
+ ossl_raise. This automatically flushes OpenSSL's error queue.
+
+ * ext/openssl/ossl_pkcs7.c: Raise error if DER fallback for parsing
+ fails.
+
+ * test/openssl/test_pkey_ec.rb
+ * test/openssl/test_pkey_dsa.rb
+ * test/openssl/test_pkey_rsa.rb: Add assertions that OpenSSL.errors is
+ empty.
+
+ * test/openssl/test_pkey_rsa.rb: Remove initial OpenSSL.errors call in
+ test_new.
+ [ Ruby 1.9 - Bug #4885 ] [ruby-core:37134]
+
Wed Jun 22 15:01:24 2011 Martin Bosslet <Martin.Bosslet@googlemail.com>
* ext/openssl/ossl_ssl.c: Use SSL_MODE_RELEASE_BUFFERS if available.
diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h
index 1db7c08..f311791 100644
--- a/ext/openssl/ossl.h
+++ b/ext/openssl/ossl.h
@@ -138,6 +138,13 @@ do{\
int ossl_pem_passwd_cb(char *, int, int, void *);
/*
+ * Clear BIO* with this in PEM/DER fallback scenarios to avoid decoding
+ * errors piling up in OpenSSL::Errors
+ */
+#define OSSL_BIO_reset(bio) (void)BIO_reset((bio)); \
+ ERR_clear_error();
+
+/*
* ERRor messages
*/
#define OSSL_ErrMsg() ERR_reason_error_string(ERR_get_error())
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c
index c95b2d3..ad6eab1 100644
--- a/ext/openssl/ossl_cipher.c
+++ b/ext/openssl/ossl_cipher.c
@@ -293,7 +293,7 @@ ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self)
if(!NIL_P(vsalt)){
StringValue(vsalt);
if(RSTRING_LEN(vsalt) != PKCS5_SALT_LEN)
- rb_raise(eCipherError, "salt must be an 8-octet string");
+ ossl_raise(eCipherError, "salt must be an 8-octet string");
salt = (unsigned char *)RSTRING_PTR(vsalt);
}
iter = NIL_P(viter) ? 2048 : NUM2INT(viter);
@@ -331,7 +331,7 @@ ossl_cipher_update(int argc, VALUE *argv, VALUE self)
StringValue(data);
in = (unsigned char *)RSTRING_PTR(data);
if ((in_len = RSTRING_LENINT(data)) == 0)
- rb_raise(rb_eArgError, "data must not be empty");
+ ossl_raise(rb_eArgError, "data must not be empty");
GetCipher(self, ctx);
out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
diff --git a/ext/openssl/ossl_pkcs12.c b/ext/openssl/ossl_pkcs12.c
index 3628374..8a5f816 100644
--- a/ext/openssl/ossl_pkcs12.c
+++ b/ext/openssl/ossl_pkcs12.c
@@ -91,11 +91,11 @@ ossl_pkcs12_s_create(int argc, VALUE *argv, VALUE self)
/* TODO: make a VALUE to nid function */
if (!NIL_P(key_nid)) {
if ((nkey = OBJ_txt2nid(StringValuePtr(key_nid))) == NID_undef)
- rb_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(key_nid));
+ ossl_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(key_nid));
}
if (!NIL_P(cert_nid)) {
if ((ncert = OBJ_txt2nid(StringValuePtr(cert_nid))) == NID_undef)
- rb_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(cert_nid));
+ ossl_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(cert_nid));
}
if (!NIL_P(key_iter))
kiter = NUM2INT(key_iter);
diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c
index e25c8bc..889071c 100644
--- a/ext/openssl/ossl_pkcs7.c
+++ b/ext/openssl/ossl_pkcs7.c
@@ -320,8 +320,10 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
p7 = PEM_read_bio_PKCS7(in, &pkcs, NULL, NULL);
DATA_PTR(self) = pkcs;
if (!p7) {
- (void)BIO_reset(in);
+ OSSL_BIO_reset(in);
p7 = d2i_PKCS7_bio(in, &pkcs);
+ if (!p7)
+ ossl_raise(rb_eArgError, "Could not parse the PKCS7");
DATA_PTR(self) = pkcs;
}
BIO_free(in);
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 0bd9dda..c237a1e 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -18,9 +18,6 @@ VALUE cPKey;
VALUE ePKeyError;
ID id_private_q;
-#define reset_bio(b) (void)BIO_reset((b)); \
- (void)ERR_get_error();
-
/*
* callback for generating keys
*/
@@ -114,14 +111,14 @@ ossl_pkey_new_from_data(int argc, VALUE *argv, VALUE self)
bio = ossl_obj2bio(data);
if (!(pkey = d2i_PrivateKey_bio(bio, NULL))) {
- reset_bio(bio);
+ OSSL_BIO_reset(bio);
if (!NIL_P(pass)) {
passwd = StringValuePtr(pass);
}
if (!(pkey = PEM_read_bio_PrivateKey(bio, NULL, ossl_pem_passwd_cb, passwd))) {
- reset_bio(bio);
+ OSSL_BIO_reset(bio);
if (!(pkey = d2i_PUBKEY_bio(bio, NULL))) {
- reset_bio(bio);
+ OSSL_BIO_reset(bio);
if (!NIL_P(pass)) {
passwd = StringValuePtr(pass);
}
diff --git a/ext/openssl/ossl_pkey_dh.c b/ext/openssl/ossl_pkey_dh.c
index d0faef5..dd56458 100644
--- a/ext/openssl/ossl_pkey_dh.c
+++ b/ext/openssl/ossl_pkey_dh.c
@@ -180,13 +180,11 @@ ossl_dh_initialize(int argc, VALUE *argv, VALUE self)
in = ossl_obj2bio(arg);
dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
if (!dh){
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
dh = d2i_DHparams_bio(in, NULL);
}
BIO_free(in);
if (!dh) {
- (void)ERR_get_error();
ossl_raise(eDHError, NULL);
}
}
diff --git a/ext/openssl/ossl_pkey_dsa.c b/ext/openssl/ossl_pkey_dsa.c
index 2a6fcfa..79adeee 100644
--- a/ext/openssl/ossl_pkey_dsa.c
+++ b/ext/openssl/ossl_pkey_dsa.c
@@ -166,28 +166,24 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
in = ossl_obj2bio(arg);
dsa = PEM_read_bio_DSAPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd);
if (!dsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
dsa = PEM_read_bio_DSA_PUBKEY(in, NULL, NULL, NULL);
}
if (!dsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
dsa = d2i_DSAPrivateKey_bio(in, NULL);
}
if (!dsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
dsa = d2i_DSA_PUBKEY_bio(in, NULL);
}
if (!dsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
dsa = PEM_read_bio_DSAPublicKey(in, NULL, NULL, NULL);
}
BIO_free(in);
if (!dsa) {
- (void)ERR_get_error();
+ ERR_clear_error();
ossl_raise(eDSAError, "Neither PUB key nor PRIV key:");
}
}
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
index 51864c8..9f1050f 100644
--- a/ext/openssl/ossl_pkey_ec.c
+++ b/ext/openssl/ossl_pkey_ec.c
@@ -42,7 +42,7 @@ typedef struct {
#define Require_EC_KEY(obj, key) do { \
Get_EC_KEY((obj), (key)); \
if ((key) == NULL) \
- rb_raise(eECError, "EC_KEY is not initialized"); \
+ ossl_raise(eECError, "EC_KEY is not initialized"); \
} while(0)
#define SafeRequire_EC_KEY(obj, key) do { \
@@ -54,14 +54,14 @@ typedef struct {
ossl_ec_group *ec_group; \
Data_Get_Struct((obj), ossl_ec_group, ec_group); \
if (ec_group == NULL) \
- rb_raise(eEC_GROUP, "missing ossl_ec_group structure"); \
+ ossl_raise(eEC_GROUP, "missing ossl_ec_group structure"); \
(g) = ec_group->group; \
} while(0)
#define Require_EC_GROUP(obj, group) do { \
Get_EC_GROUP((obj), (group)); \
if ((group) == NULL) \
- rb_raise(eEC_GROUP, "EC_GROUP is not initialized"); \
+ ossl_raise(eEC_GROUP, "EC_GROUP is not initialized"); \
} while(0)
#define SafeRequire_EC_GROUP(obj, group) do { \
@@ -73,14 +73,14 @@ typedef struct {
ossl_ec_point *ec_point; \
Data_Get_Struct((obj), ossl_ec_point, ec_point); \
if (ec_point == NULL) \
- rb_raise(eEC_POINT, "missing ossl_ec_point structure"); \
+ ossl_raise(eEC_POINT, "missing ossl_ec_point structure"); \
(p) = ec_point->point; \
} while(0)
#define Require_EC_POINT(obj, point) do { \
Get_EC_POINT((obj), (point)); \
if ((point) == NULL) \
- rb_raise(eEC_POINT, "EC_POINT is not initialized"); \
+ ossl_raise(eEC_POINT, "EC_POINT is not initialized"); \
} while(0)
#define SafeRequire_EC_POINT(obj, point) do { \
@@ -168,7 +168,7 @@ static VALUE ossl_ec_key_initialize(int argc, VALUE *argv, VALUE self)
GetPKey(self, pkey);
if (pkey->pkey.ec)
- rb_raise(eECError, "EC_KEY already initialized");
+ ossl_raise(eECError, "EC_KEY already initialized");
rb_scan_args(argc, argv, "02", &arg, &pass);
@@ -191,18 +191,15 @@ static VALUE ossl_ec_key_initialize(int argc, VALUE *argv, VALUE self)
}
ec = PEM_read_bio_ECPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd);
if (!ec) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
ec = PEM_read_bio_EC_PUBKEY(in, NULL, ossl_pem_passwd_cb, passwd);
}
if (!ec) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
ec = d2i_ECPrivateKey_bio(in, NULL);
}
if (!ec) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
ec = d2i_EC_PUBKEY_bio(in, NULL);
}
@@ -478,7 +475,7 @@ static VALUE ossl_ec_key_to_string(VALUE self, VALUE ciph, VALUE pass, int forma
Require_EC_KEY(self, ec);
if (EC_KEY_get0_public_key(ec) == NULL)
- rb_raise(eECError, "can't export - no public key set");
+ ossl_raise(eECError, "can't export - no public key set");
if (EC_KEY_check_key(ec) != 1)
ossl_raise(eECError, "can't export - EC_KEY_check_key failed");
@@ -518,7 +515,7 @@ static VALUE ossl_ec_key_to_string(VALUE self, VALUE ciph, VALUE pass, int forma
break;
default:
BIO_free(out);
- rb_raise(rb_eRuntimeError, "unknown format (internal error)");
+ ossl_raise(rb_eRuntimeError, "unknown format (internal error)");
}
if (i != 1) {
@@ -746,7 +743,7 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
Data_Get_Struct(self, ossl_ec_group, ec_group);
if (ec_group->group != NULL)
- rb_raise(rb_eRuntimeError, "EC_GROUP is already initialized");
+ ossl_raise(rb_eRuntimeError, "EC_GROUP is already initialized");
switch (rb_scan_args(argc, argv, "13", &arg1, &arg2, &arg3, &arg4)) {
case 1:
@@ -768,7 +765,7 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
if ((group = EC_GROUP_new(method)) == NULL)
ossl_raise(eEC_GROUP, "EC_GROUP_new");
} else {
- rb_raise(rb_eArgError, "unknown symbol, must be :GFp_simple, :GFp_mont, :GFp_nist or :GF2m_simple");
+ ossl_raise(rb_eArgError, "unknown symbol, must be :GFp_simple, :GFp_mont, :GFp_nist or :GF2m_simple");
}
} else if (rb_obj_is_kind_of(arg1, cEC_GROUP)) {
const EC_GROUP *arg1_group;
@@ -781,7 +778,7 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
if (!group) {
- (void)BIO_reset(in);
+ OSSL_BIO_reset(in);
group = d2i_ECPKParameters_bio(in, NULL);
}
@@ -791,6 +788,7 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
const char *name = StringValueCStr(arg1);
int nid = OBJ_sn2nid(name);
+ (void)ERR_get_error();
if (nid == NID_undef)
ossl_raise(eEC_GROUP, "unknown curve name (%s)", name);
@@ -817,18 +815,18 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
} else if (id == s_GF2m) {
new_curve = EC_GROUP_new_curve_GF2m;
} else {
- rb_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m");
+ ossl_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m");
}
if ((group = new_curve(p, a, b, ossl_bn_ctx)) == NULL)
ossl_raise(eEC_GROUP, "EC_GROUP_new_by_GF*");
} else {
- rb_raise(rb_eArgError, "unknown argument, must be :GFp or :GF2m");
+ ossl_raise(rb_eArgError, "unknown argument, must be :GFp or :GF2m");
}
break;
default:
- rb_raise(rb_eArgError, "wrong number of arguments");
+ ossl_raise(rb_eArgError, "wrong number of arguments");
}
if (group == NULL)
@@ -1044,7 +1042,7 @@ static VALUE ossl_ec_group_get_point_conversion_form(VALUE self)
case POINT_CONVERSION_UNCOMPRESSED: ret = ID_uncompressed; break;
case POINT_CONVERSION_COMPRESSED: ret = ID_compressed; break;
case POINT_CONVERSION_HYBRID: ret = ID_hybrid; break;
- default: rb_raise(eEC_GROUP, "unsupported point conversion form: %d, this module should be updated", form);
+ default: ossl_raise(eEC_GROUP, "unsupported point conversion form: %d, this module should be updated", form);
}
return ID2SYM(ret);
@@ -1070,7 +1068,7 @@ static VALUE ossl_ec_group_set_point_conversion_form(VALUE self, VALUE form_v)
} else if (form_id == ID_hybrid) {
form = POINT_CONVERSION_HYBRID;
} else {
- rb_raise(rb_eArgError, "form must be :compressed, :uncompressed, or :hybrid");
+ ossl_raise(rb_eArgError, "form must be :compressed, :uncompressed, or :hybrid");
}
EC_GROUP_set_point_conversion_form(group, form);
@@ -1153,7 +1151,7 @@ static VALUE ossl_ec_group_to_string(VALUE self, int format)
break;
default:
BIO_free(out);
- rb_raise(rb_eRuntimeError, "unknown format (internal error)");
+ ossl_raise(rb_eRuntimeError, "unknown format (internal error)");
}
if (i != 1) {
@@ -1246,7 +1244,7 @@ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self)
Data_Get_Struct(self, ossl_ec_point, ec_point);
if (ec_point->point)
- rb_raise(eEC_POINT, "EC_POINT already initialized");
+ ossl_raise(eEC_POINT, "EC_POINT already initialized");
switch (rb_scan_args(argc, argv, "11", &arg1, &arg2)) {
case 1:
@@ -1264,13 +1262,13 @@ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self)
point = EC_POINT_new(group);
} else {
- rb_raise(eEC_POINT, "wrong argument type: must be OpenSSL::PKey::EC::Point or OpenSSL::Pkey::EC::Group");
+ ossl_raise(eEC_POINT, "wrong argument type: must be OpenSSL::PKey::EC::Point or OpenSSL::Pkey::EC::Group");
}
break;
case 2:
if (!rb_obj_is_kind_of(arg1, cEC_GROUP))
- rb_raise(rb_eArgError, "1st argument must be OpenSSL::PKey::EC::Group");
+ ossl_raise(rb_eArgError, "1st argument must be OpenSSL::PKey::EC::Group");
group_v = arg1;
SafeRequire_EC_GROUP(group_v, group);
@@ -1291,14 +1289,14 @@ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self)
}
break;
default:
- rb_raise(rb_eArgError, "wrong number of arguments");
+ ossl_raise(rb_eArgError, "wrong number of arguments");
}
if (point == NULL)
ossl_raise(eEC_POINT, NULL);
if (NIL_P(group_v))
- rb_raise(rb_eRuntimeError, "missing group (internal error)");
+ ossl_raise(rb_eRuntimeError, "missing group (internal error)");
ec_point->point = point;
diff --git a/ext/openssl/ossl_pkey_rsa.c b/ext/openssl/ossl_pkey_rsa.c
index e846a35..eba693b 100644
--- a/ext/openssl/ossl_pkey_rsa.c
+++ b/ext/openssl/ossl_pkey_rsa.c
@@ -157,33 +157,27 @@ ossl_rsa_initialize(int argc, VALUE *argv, VALUE self)
in = ossl_obj2bio(arg);
rsa = PEM_read_bio_RSAPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd);
if (!rsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
rsa = PEM_read_bio_RSA_PUBKEY(in, NULL, NULL, NULL);
}
if (!rsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
rsa = d2i_RSAPrivateKey_bio(in, NULL);
}
if (!rsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
rsa = d2i_RSA_PUBKEY_bio(in, NULL);
}
if (!rsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
rsa = PEM_read_bio_RSAPublicKey(in, NULL, NULL, NULL);
}
if (!rsa) {
- (void)BIO_reset(in);
- (void)ERR_get_error();
+ OSSL_BIO_reset(in);
rsa = d2i_RSAPublicKey_bio(in, NULL);
}
BIO_free(in);
if (!rsa) {
- (void)ERR_get_error();
ossl_raise(eRSAError, "Neither PUB key nor PRIV key:");
}
}
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index bcfaa32..112077a 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -493,7 +493,7 @@ ossl_call_servername_cb(VALUE ary)
Data_Get_Struct(ret_obj, SSL_CTX, ctx2);
SSL_set_SSL_CTX(ssl, ctx2);
} else if (!NIL_P(ret_obj)) {
- rb_raise(rb_eArgError, "servername_cb must return an OpenSSL::SSL::SSLContext object or nil");
+ ossl_raise(rb_eArgError, "servername_cb must return an OpenSSL::SSL::SSLContext object or nil");
}
return ret_obj;
@@ -952,7 +952,7 @@ ossl_sslctx_flush_sessions(int argc, VALUE *argv, VALUE self)
} else if (rb_obj_is_instance_of(arg1, rb_cTime)) {
tm = NUM2LONG(rb_funcall(arg1, rb_intern("to_i"), 0));
} else {
- rb_raise(rb_eArgError, "arg must be Time or nil");
+ ossl_raise(rb_eArgError, "arg must be Time or nil");
}
SSL_CTX_flush_sessions(ctx, (long)tm);
diff --git a/ext/openssl/ossl_ssl_session.c b/ext/openssl/ossl_ssl_session.c
index 45cc849..7b70207 100644
--- a/ext/openssl/ossl_ssl_session.c
+++ b/ext/openssl/ossl_ssl_session.c
@@ -53,7 +53,7 @@ static VALUE ossl_ssl_session_initialize(VALUE self, VALUE arg1)
ctx = PEM_read_bio_SSL_SESSION(in, NULL, NULL, NULL);
if (!ctx) {
- (void)BIO_reset(in);
+ OSSL_BIO_reset(in);
ctx = d2i_SSL_SESSION_bio(in, NULL);
}
@@ -152,7 +152,7 @@ static VALUE ossl_ssl_session_get_timeout(VALUE self)
} else if (FIXNUM_P(time_v)) { \
; \
} else { \
- rb_raise(rb_eArgError, "unknown type"); \
+ ossl_raise(rb_eArgError, "unknown type"); \
} \
\
t = NUM2ULONG(time_v); \
diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c
index 58640d1..3fb19b4 100644
--- a/ext/openssl/ossl_x509cert.c
+++ b/ext/openssl/ossl_x509cert.c
@@ -71,6 +71,7 @@ ossl_x509_new_from_file(VALUE filename)
* prepare for DER...
#if !defined(OPENSSL_NO_FP_API)
if (!x509) {
+ (void)ERR_get_error();
rewind(fp);
x509 = d2i_X509_fp(fp, NULL);
@@ -146,7 +147,7 @@ ossl_x509_initialize(int argc, VALUE *argv, VALUE self)
x509 = PEM_read_bio_X509(in, &x, NULL, NULL);
DATA_PTR(self) = x;
if (!x509) {
- (void)BIO_reset(in);
+ OSSL_BIO_reset(in);
x509 = d2i_X509_bio(in, &x);
DATA_PTR(self) = x;
}
diff --git a/ext/openssl/ossl_x509crl.c b/ext/openssl/ossl_x509crl.c
index a9d45db..dec13c8 100644
--- a/ext/openssl/ossl_x509crl.c
+++ b/ext/openssl/ossl_x509crl.c
@@ -102,7 +102,7 @@ ossl_x509crl_initialize(int argc, VALUE *argv, VALUE self)
crl = PEM_read_bio_X509_CRL(in, &x, NULL, NULL);
DATA_PTR(self) = x;
if (!crl) {
- (void)BIO_reset(in);
+ OSSL_BIO_reset(in);
crl = d2i_X509_CRL_bio(in, &x);
DATA_PTR(self) = x;
}
diff --git a/ext/openssl/ossl_x509req.c b/ext/openssl/ossl_x509req.c
index ec5b4a3..5927f76 100644
--- a/ext/openssl/ossl_x509req.c
+++ b/ext/openssl/ossl_x509req.c
@@ -110,7 +110,7 @@ ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
req = PEM_read_bio_X509_REQ(in, &x, NULL, NULL);
DATA_PTR(self) = x;
if (!req) {
- (void)BIO_reset(in);
+ OSSL_BIO_reset(in);
req = d2i_X509_REQ_bio(in, &x);
DATA_PTR(self) = x;
}
diff --git a/test/openssl/test_pkey_dsa.rb b/test/openssl/test_pkey_dsa.rb
index ba3bfb5..e498e3c 100644
--- a/test/openssl/test_pkey_dsa.rb
+++ b/test/openssl/test_pkey_dsa.rb
@@ -76,6 +76,7 @@ end
assert_equal(g, key.g)
assert_equal(y, key.pub_key)
assert_equal(nil, key.priv_key)
+ assert_equal([], OpenSSL.errors)
end
def test_read_DSAPublicKey_pem
@@ -100,6 +101,7 @@ fWLOqqkzFeRrYMDzUpl36XktY6Yq8EJYlW9pCMmBVNy/dQ==
assert_equal(g, key.g)
assert_equal(y, key.pub_key)
assert_equal(nil, key.priv_key)
+ assert_equal([], OpenSSL.errors)
end
def test_read_DSA_PUBKEY_pem
@@ -125,6 +127,7 @@ YNMbNw==
assert_equal(g, key.g)
assert_equal(y, key.pub_key)
assert_equal(nil, key.priv_key)
+ assert_equal([], OpenSSL.errors)
end
def test_export_format_is_DSA_PUBKEY_pem
@@ -154,6 +157,7 @@ YNMbNw==
pub_key = OpenSSL::ASN1.decode(seq[1].value)
assert_equal(OpenSSL::ASN1::INTEGER, pub_key.tag)
assert_equal(key.pub_key, pub_key.value)
+ assert_equal([], OpenSSL.errors)
end
def test_read_private_key_der
@@ -162,6 +166,7 @@ YNMbNw==
key2 = OpenSSL::PKey.read(der)
assert(key2.private?)
assert_equal(der, key2.to_der)
+ assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem
@@ -170,6 +175,7 @@ YNMbNw==
key2 = OpenSSL::PKey.read(pem)
assert(key2.private?)
assert_equal(pem, key2.to_pem)
+ assert_equal([], OpenSSL.errors)
end
def test_read_public_key_der
@@ -178,6 +184,7 @@ YNMbNw==
key2 = OpenSSL::PKey.read(der)
assert(!key2.private?)
assert_equal(der, key2.to_der)
+ assert_equal([], OpenSSL.errors)
end
def test_read_public_key_pem
@@ -186,6 +193,7 @@ YNMbNw==
key2 = OpenSSL::PKey.read(pem)
assert(!key2.private?)
assert_equal(pem, key2.to_pem)
+ assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem_pw
@@ -200,6 +208,7 @@ YNMbNw==
key2 = OpenSSL::PKey.read(pem, 'secret')
assert(key2.private?)
#omit pem equality check, will be different due to cipher iv
+ assert_equal([], OpenSSL.errors)
end
private
diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb
index 3fb8d29..e63f617 100644
--- a/test/openssl/test_pkey_ec.rb
+++ b/test/openssl/test_pkey_ec.rb
@@ -126,6 +126,7 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec2 = OpenSSL::PKey.read(der)
assert(ec2.private_key?)
assert_equal(der, ec2.to_der)
+ assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem
@@ -134,6 +135,7 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec2 = OpenSSL::PKey.read(pem)
assert(ec2.private_key?)
assert_equal(pem, ec2.to_pem)
+ assert_equal([], OpenSSL.errors)
end
def test_read_public_key_der
@@ -144,6 +146,7 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec3 = OpenSSL::PKey.read(der)
assert(!ec3.private_key?)
assert_equal(der, ec3.to_der)
+ assert_equal([], OpenSSL.errors)
end
def test_read_public_key_pem
@@ -154,6 +157,7 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec3 = OpenSSL::PKey.read(pem)
assert(!ec3.private_key?)
assert_equal(pem, ec3.to_pem)
+ assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem_pw
@@ -168,6 +172,7 @@ class OpenSSL::TestEC < Test::Unit::TestCase
ec2 = OpenSSL::PKey.read(pem, 'secret')
assert(ec2.private_key?)
#omit pem equality check, will be different due to cipher iv
+ assert_equal([], OpenSSL.errors)
end
# test Group: asn1_flag, point_conversion
diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
index 3dfb08e..5ba1422 100644
--- a/test/openssl/test_pkey_rsa.rb
+++ b/test/openssl/test_pkey_rsa.rb
@@ -42,7 +42,6 @@ class OpenSSL::TestPKeyRSA < Test::Unit::TestCase
end
def test_new
- OpenSSL.errors
key = OpenSSL::PKey::RSA.new 512
pem = key.public_key.to_pem
OpenSSL::PKey::RSA.new pem
@@ -92,6 +91,7 @@ class OpenSSL::TestPKeyRSA < Test::Unit::TestCase
assert_equal(nil, key.d)
assert_equal(nil, key.p)
assert_equal(nil, key.q)
+ assert_equal([], OpenSSL.errors)
end
def test_read_RSA_PUBKEY
@@ -110,6 +110,7 @@ class OpenSSL::TestPKeyRSA < Test::Unit::TestCase
assert_equal(nil, key.d)
assert_equal(nil, key.p)
assert_equal(nil, key.q)
+ assert_equal([], OpenSSL.errors)
end
def test_read_RSAPublicKey_pem
@@ -129,6 +130,7 @@ AudJR1JobbIbDJrQu6AXnWh5k/YtAgMBAAE=
assert_equal(nil, key.d)
assert_equal(nil, key.p)
assert_equal(nil, key.q)
+ assert_equal([], OpenSSL.errors)
end
def test_read_RSA_PUBKEY_pem
@@ -149,6 +151,7 @@ AwEAAQ==
assert_equal(nil, key.d)
assert_equal(nil, key.p)
assert_equal(nil, key.q)
+ assert_equal([], OpenSSL.errors)
end
def test_export_format_is_RSA_PUBKEY
@@ -170,6 +173,7 @@ AwEAAQ==
key = OpenSSL::PKey.read(der)
assert(key.private?)
assert_equal(der, key.to_der)
+ assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem
@@ -177,6 +181,7 @@ AwEAAQ==
key = OpenSSL::PKey.read(pem)
assert(key.private?)
assert_equal(pem, key.to_pem)
+ assert_equal([], OpenSSL.errors)
end
def test_read_public_key_der
@@ -184,6 +189,7 @@ AwEAAQ==
key = OpenSSL::PKey.read(der)
assert(!key.private?)
assert_equal(der, key.to_der)
+ assert_equal([], OpenSSL.errors)
end
def test_read_public_key_pem
@@ -191,6 +197,7 @@ AwEAAQ==
key = OpenSSL::PKey.read(pem)
assert(!key.private?)
assert_equal(pem, key.to_pem)
+ assert_equal([], OpenSSL.errors)
end
def test_read_private_key_pem_pw
@@ -204,6 +211,7 @@ AwEAAQ==
key = OpenSSL::PKey.read(pem, 'secret')
assert(key.private?)
#omit pem equality check, will be different due to cipher iv
+ assert_equal([], OpenSSL.errors)
end
private
@@ -228,6 +236,7 @@ AwEAAQ==
assert_equal(key.n, pub_key.value[0].value)
assert_equal(OpenSSL::ASN1::INTEGER, pub_key.value[1].tag)
assert_equal(key.e, pub_key.value[1].value)
+ assert_equal([], OpenSSL.errors)
end
end