summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl.c
diff options
context:
space:
mode:
authorrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2017-08-10 09:23:45 +0000
committerrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2017-08-10 09:23:45 +0000
commitdf94c66f71448cf30b34375349fd201d1d035423 (patch)
tree2d1b53832bee1ca9a4119abfc1154233669b31d6 /ext/openssl/ossl.c
parentc9bb3cae315aa7d17f620e9bcaa9223b1e6d2c07 (diff)
openssl: import v2.0.5
Import Ruby/OpenSSL 2.0.5. The full commit history since v2.0.4 (imported at r59081) can be found at: https://github.com/ruby/openssl/compare/v2.0.4...v2.0.5 This will fix the test failure on latest Debian sid and the "no OPENSSL_Applink" issue on mswin. ---------------------------------------------------------------- Kazuki Yamaguchi (11): test/test_ssl: allow 3DES cipher suites in test_sslctx_set_params bio: prevent possible GC issue in ossl_obj2bio() bio: do not use the FILE BIO method in ossl_obj2bio() Rakefile: install_dependencies: install only when needed appveyor.yml: test against Ruby 2.4 ossl_pem_passwd_cb: relax passphrase length constraint ossl_pem_passwd_cb: do not check for taintedness ossl_pem_passwd_cb: handle nil from the block explicitly ssl: remove unsupported TLS versions from SSLContext::METHODS ssl: fix compile error with OpenSSL 1.0.0 Ruby/OpenSSL 2.0.5 Lars Kanis (1): Add msys2 library dependency tag in gem metadata git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59567 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl.c')
-rw-r--r--ext/openssl/ossl.c26
1 files changed, 7 insertions, 19 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index eb71b64..c22966d 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -129,13 +129,6 @@ ossl_bin2hex(unsigned char *in, char *out, size_t inlen)
/*
* our default PEM callback
*/
-
-/*
- * OpenSSL requires passwords for PEM-encoded files to be at least four
- * characters long. See crypto/pem/pem_lib.c (as of 1.0.2h)
- */
-#define OSSL_MIN_PWD_LEN 4
-
VALUE
ossl_pem_passwd_value(VALUE pass)
{
@@ -144,8 +137,6 @@ ossl_pem_passwd_value(VALUE pass)
StringValue(pass);
- if (RSTRING_LEN(pass) < OSSL_MIN_PWD_LEN)
- ossl_raise(eOSSLError, "password must be at least %d bytes", OSSL_MIN_PWD_LEN);
/* PEM_BUFSIZE is currently used as the second argument of pem_password_cb,
* that is +max_len+ of ossl_pem_passwd_cb() */
if (RSTRING_LEN(pass) > PEM_BUFSIZE)
@@ -157,11 +148,10 @@ ossl_pem_passwd_value(VALUE pass)
static VALUE
ossl_pem_passwd_cb0(VALUE flag)
{
- VALUE pass;
-
- pass = rb_yield(flag);
- SafeStringValue(pass);
-
+ VALUE pass = rb_yield(flag);
+ if (NIL_P(pass))
+ return Qnil;
+ StringValue(pass);
return pass;
}
@@ -178,7 +168,7 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
* bytes silently if the input is over 1024 bytes */
if (RB_TYPE_P(pass, T_STRING)) {
len = RSTRING_LEN(pass);
- if (len >= OSSL_MIN_PWD_LEN && len <= max_len) {
+ if (len <= max_len) {
memcpy(buf, RSTRING_PTR(pass), len);
return (int)len;
}
@@ -204,11 +194,9 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
rb_set_errinfo(Qnil);
return -1;
}
+ if (NIL_P(pass))
+ return -1;
len = RSTRING_LEN(pass);
- if (len < OSSL_MIN_PWD_LEN) {
- rb_warning("password must be at least %d bytes", OSSL_MIN_PWD_LEN);
- continue;
- }
if (len > max_len) {
rb_warning("password must not be longer than %d bytes", max_len);
continue;