* ext/openssl/ossl.c

  ext/openssl/ossl_pkey_rsa.c
  ext/openssl/ossl_pkey_dsa.c
  ext/openssl/ossl_pkey_ec.c: Forbid export passwords that are less
  than four characters long, as OpenSSL itself does not allow this.
  Issue found by Eric Hodel.
* ext/openssl/ossl_pkey_ec.c: Add export as an alias of to_pem,
  following the PKey interface contract.
* test/openssl/test_pkey_dsa.rb
  test/openssl/test_pkey_rsa.rb
  test/openssl/test_pkey_ec.rb: Add tests that assert correct
  behaviour when dealing with passwords that are less than four
  characters long.
  [ruby-core: 42281][ruby-trunk - Bug #5951]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36001 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 4 insertions, 1 deletions

diff --git a/ext/openssl/ossl_pkey_dsa.c b/ext/openssl/ossl_pkey_dsa.c
index 6fc3a44bbc..d3e91f00e3 100644
--- a/ext/openssl/ossl_pkey_dsa.c
+++ b/ext/openssl/ossl_pkey_dsa.c
@@ -318,7 +318,10 @@ ossl_dsa_export(int argc, VALUE *argv, VALUE self)
     if (!NIL_P(cipher)) {
 	ciph = GetCipherPtr(cipher);
 	if (!NIL_P(pass)) {
-	    passwd = StringValuePtr(pass);
+	    StringValue(pass);
+	    if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN)
+		ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long");
+	    passwd = RSTRING_PTR(pass);
 	}
     }
     if (!(out = BIO_new(BIO_s_mem()))) {