summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl_x509ext.c
diff options
context:
space:
mode:
authorgotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2003-09-17 09:05:02 +0000
committergotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2003-09-17 09:05:02 +0000
commit30103702c367c5cdaa18b6a622f3916cec6c701e (patch)
treec236089aa9c6b4183729735e221606a9b536d217 /ext/openssl/ossl_x509ext.c
parent12196ee24fce0e601106036e67526819cac07291 (diff)
* ext/openssl: all files are reviewed to simplify and avoid memory leak.
* ext/openssl/extconf.rb: add check for assert.h. * ext/openssl/ossl.c (ossl_buf2str): new function to convert C buffer to String and free buffer. * ext/openssl/ossl.c (ossl_x509_ary2sk): new function to convert Array of OpenSSL::X509 to STACK_OF(X509) with exception safe. * ext/openssl/ossl.c (ossl_to_der, ossl_to_der_if_possible): new functions to convert object to DER string. * ext/openssl/ossl.h: ditto. * ext/openssl/ossl_bio.c (ossl_membio2str): new function to convert BIO to String object and free BIO. * ext/openssl/ossl_bio.h: ditto. * ext/openssl/ossl_pkcs7.c (ossl_pkcs7_to_der): add for "to_der". * ext/openssl/ossl_x509name.c (ossl_x509name_to_der): ditto. * ext/openssl/ossl_x509ext.c (ossl_x509ext_to_der): ditto. * ext/openssl/ossl_x509ext.c (create_ext_from_array): removed and reimplement in openssl/x509.rb. * ext/openssl/ossl_x509attr.c: reimplemented and disable some method temporarily. this class doesn't work fine without ASN.1 data support;-) I'll rewrite in near future. * ext/openssl/lib/openssl/x509.c (X509::Attribute): get rid off unused code. * ext/openssl/lib/openssl/x509.c (X509::ExtensionFactory): refine all. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_x509ext.c')
-rw-r--r--ext/openssl/ossl_x509ext.c112
1 files changed, 48 insertions, 64 deletions
diff --git a/ext/openssl/ossl_x509ext.c b/ext/openssl/ossl_x509ext.c
index c1f443d..495c180 100644
--- a/ext/openssl/ossl_x509ext.c
+++ b/ext/openssl/ossl_x509ext.c
@@ -181,20 +181,17 @@ ossl_x509extfactory_initialize(int argc, VALUE *argv, VALUE self)
/*GetX509ExtFactory(self, ctx);*/
- rb_scan_args(argc, argv, "04", &issuer_cert, &subject_cert, &subject_req, &crl);
-
- if (!NIL_P(issuer_cert)) {
+ rb_scan_args(argc, argv, "04",
+ &issuer_cert, &subject_cert, &subject_req, &crl);
+ if (!NIL_P(issuer_cert))
ossl_x509extfactory_set_issuer_cert(self, issuer_cert);
- }
- if (!NIL_P(subject_cert)) {
+ if (!NIL_P(subject_cert))
ossl_x509extfactory_set_subject_cert(self, subject_cert);
- }
- if (!NIL_P(subject_req)) {
+ if (!NIL_P(subject_req))
ossl_x509extfactory_set_subject_req(self, subject_req);
- }
- if (!NIL_P(crl)) {
+ if (!NIL_P(crl))
ossl_x509extfactory_set_crl(self, crl);
- }
+
return self;
}
@@ -207,46 +204,26 @@ ossl_x509extfactory_initialize(int argc, VALUE *argv, VALUE self)
* ["ln", "value"] => not critical
*/
static VALUE
-ossl_x509extfactory_create_ext_from_array(VALUE self, VALUE ary)
+ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self)
{
X509V3_CTX *ctx;
X509_EXTENSION *ext;
+ VALUE oid, value, critical, valstr, obj;
int nid;
- char *value;
- VALUE item, obj;
GetX509ExtFactory(self, ctx);
- Check_Type(ary, T_ARRAY);
- if ((RARRAY(ary)->len) < 2 || (RARRAY(ary)->len > 3)) { /*2 or 3 allowed*/
- ossl_raise(eX509ExtError, "unsupported structure");
- }
- /* key [0] */
- item = RARRAY(ary)->ptr[0];
- StringValue(item);
- if (!(nid = OBJ_ln2nid(RSTRING(item)->ptr))) {
- if (!(nid = OBJ_sn2nid(RSTRING(item)->ptr))) {
- ossl_raise(eX509ExtError, NULL);
- }
- }
- /* data [1] */
- item = RARRAY(ary)->ptr[1];
- StringValue(item);
- /* (optional) critical [2] */
- if (RARRAY(ary)->len == 3 && RARRAY(ary)->ptr[2] == Qtrue) {
- if (!(value = OPENSSL_malloc(strlen("critical,") +
- (RSTRING(item)->len) + 1))) {
- ossl_raise(eX509ExtError, "malloc error");
- }
- strcpy(value, "critical,");
- strncat(value, RSTRING(item)->ptr, RSTRING(item)->len);
- } else {
- value = strdup(StringValuePtr(item));
- }
- if (!(ext = X509V3_EXT_conf_nid(NULL, ctx, nid, value))) {
- OPENSSL_free(value);
- ossl_raise(eX509ExtError, NULL);
- }
- OPENSSL_free(value);
+ rb_scan_args(argc, argv, "21", &oid, &value, &critical);
+ StringValue(oid);
+ StringValue(value);
+ if(NIL_P(critical)) critical = Qfalse;
+
+ nid = OBJ_ln2nid(RSTRING(oid)->ptr);
+ if(!nid) nid = OBJ_sn2nid(RSTRING(oid)->ptr);
+ if(!nid) ossl_raise(eX509ExtError, NULL);
+ valstr = rb_str_new2(RTEST(critical) ? "critical," : "");
+ rb_str_append(valstr, value);
+ ext = X509V3_EXT_conf_nid(NULL, ctx, nid, RSTRING(valstr)->ptr);
+ if (!ext) ossl_raise(eX509ExtError, NULL);
WrapX509Ext(cX509Ext, obj, ext);
return obj;
@@ -273,8 +250,18 @@ static VALUE
ossl_x509ext_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE oid, value, critical;
+ unsigned char *p;
+ X509_EXTENSION *ext;
- rb_scan_args(argc, argv, "21", &oid, &value, &critical);
+ if(rb_scan_args(argc, argv, "12", &oid, &value, &critical) == 1){
+ /* evaluate oid as a DER string */
+ oid = ossl_to_der_if_possible(oid);
+ GetX509Ext(self, ext);
+ p = RSTRING(oid)->ptr;
+ if(!d2i_X509_EXTENSION(&ext, &p, RSTRING(oid)->len))
+ ossl_raise(eX509ExtError, NULL);
+ return self;
+ }
rb_funcall(self, rb_intern("oid="), 1, oid);
rb_funcall(self, rb_intern("value="), 1, value);
if(argc > 2) rb_funcall(self, rb_intern("critical="), 1, critical);
@@ -307,17 +294,17 @@ ossl_x509ext_set_value(VALUE self, VALUE data)
char *s;
GetX509Ext(self, ext);
- StringValue(data);
+ data = ossl_to_der_if_possible(data);
if(!(s = OPENSSL_malloc(RSTRING(data)->len)))
ossl_raise(eX509ExtError, "malloc error");
memcpy(s, RSTRING(data)->ptr, RSTRING(data)->len);
if(!(asn1s = ASN1_OCTET_STRING_new())){
- free(s);
+ free(s);
ossl_raise(eX509ExtError, NULL);
}
if(!M_ASN1_OCTET_STRING_set(asn1s, s, RSTRING(data)->len)){
- free(s);
- ASN1_OCTET_STRING_free(asn1s);
+ free(s);
+ ASN1_OCTET_STRING_free(asn1s);
ossl_raise(eX509ExtError, NULL);
}
X509_EXTENSION_set_data(ext, asn1s);
@@ -343,7 +330,7 @@ ossl_x509ext_get_oid(VALUE obj)
ASN1_OBJECT *extobj;
BIO *out;
VALUE ret;
- int nid, status = 0;
+ int nid;
GetX509Ext(obj, ext);
extobj = X509_EXTENSION_get_object(ext);
@@ -353,9 +340,7 @@ ossl_x509ext_get_oid(VALUE obj)
if (!(out = BIO_new(BIO_s_mem())))
ossl_raise(eX509ExtError, NULL);
i2a_ASN1_OBJECT(out, extobj);
- ret = ossl_protect_membio2str(out, &status);
- BIO_free(out);
- if(status) rb_jump_tag(status);
+ ret = ossl_membio2str(out);
}
return ret;
@@ -367,16 +352,13 @@ ossl_x509ext_get_value(VALUE obj)
X509_EXTENSION *ext;
BIO *out;
VALUE ret;
- int status = 0;
GetX509Ext(obj, ext);
if (!(out = BIO_new(BIO_s_mem())))
ossl_raise(eX509ExtError, NULL);
if (!X509V3_EXT_print(out, ext, 0, 0))
M_ASN1_OCTET_STRING_print(out, ext->value);
- ret = ossl_protect_membio2str(out, &status);
- BIO_free(out);
- if(status) rb_jump_tag(status);
+ ret = ossl_membio2str(out);
return ret;
}
@@ -394,15 +376,17 @@ ossl_x509ext_to_der(VALUE obj)
{
X509_EXTENSION *ext;
unsigned char *p;
- int len;
+ long len;
VALUE str;
GetX509Ext(obj, ext);
- p = NULL;
- if((len = i2d_X509_EXTENSION(ext, &p)) < 0)
- ossl_raise(eX509ExtError, NULL);
- str = rb_str_new(p, len);
- free(p);
+ if((len = i2d_X509_EXTENSION(ext, NULL)) <= 0)
+ ossl_raise(eX509ExtError, NULL);
+ str = rb_str_new(0, len);
+ p = RSTRING(str)->ptr;
+ if(i2d_X509_EXTENSION(ext, &p) < 0)
+ ossl_raise(eX509ExtError, NULL);
+ ossl_str_adjust(str, p);
return str;
}
@@ -431,7 +415,7 @@ Init_ossl_x509ext()
rb_define_method(cX509ExtFactory, "subject_request=", ossl_x509extfactory_set_subject_req, 1);
rb_define_method(cX509ExtFactory, "crl=", ossl_x509extfactory_set_crl, 1);
rb_define_method(cX509ExtFactory, "config=", ossl_x509extfactory_set_config, 1);
- rb_define_method(cX509ExtFactory, "create_ext_from_array", ossl_x509extfactory_create_ext_from_array, 1);
+ rb_define_method(cX509ExtFactory, "create_ext", ossl_x509extfactory_create_ext, -1);
cX509Ext = rb_define_class_under(mX509, "Extension", rb_cObject);
rb_define_alloc_func(cX509Ext, ossl_x509ext_alloc);