diff options
| author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2013-03-04 15:17:27 +0000 |
|---|---|---|
| committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2013-03-04 15:17:27 +0000 |
| commit | b2a8c2f35577f4ae7c5b5a6909ae071e0bfc2715 (patch) | |
| tree | d38e39e8b3aaf6680cbb977dc0d4a208c93478c3 /ext | |
| parent | 2fbe19cc4ef719858babc8228b51a1d95bc865f1 (diff) | |
merge revision(s) 39309,39310: [Backport #7551]
* ext/openssl/ossl.c (class OpenSSL): Fixed ExtensionFactory example.
Patch by Richard Bradley. [ruby-trunk - Bug #7551]
* ext/openssl/ossl.c (class OpenSSL): Use only inner parenthesis in
create_extension examples.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@39584 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/openssl/ossl.c | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c index df632947d4..99307b4a75 100644 --- a/ext/openssl/ossl.c +++ b/ext/openssl/ossl.c @@ -701,10 +701,18 @@ ossl_fips_mode_set(VALUE self, VALUE enabled) * * extension_factory = OpenSSL::X509::ExtensionFactory.new nil, cert * - * extension_factory.create_extension 'basicConstraints', 'CA:FALSE' - * extension_factory.create_extension 'keyUsage', - * 'keyEncipherment,dataEncipherment,digitalSignature' - * extension_factory.create_extension 'subjectKeyIdentifier', 'hash' + * cert.add_extension \ + * extension_factory.create_extension('basicConstraints', 'CA:FALSE', true) + * + * cert.add_extension \ + * extension_factory.create_extension( + * 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature') + * + * cert.add_extension \ + * extension_factory.create_extension('subjectKeyIdentifier', 'hash') + * + * The list of supported extensions (and in some cases their possible values) + * can be derived from the "objects.h" file in the OpenSSL source code. * * === Signing a Certificate * @@ -772,16 +780,20 @@ ossl_fips_mode_set(VALUE self, VALUE enabled) * extension_factory.subject_certificate = ca_cert * extension_factory.issuer_certificate = ca_cert * - * extension_factory.create_extension 'subjectKeyIdentifier', 'hash' + * ca_cert.add_extension \ + * extension_factory.create_extension('subjectKeyIdentifier', 'hash') * * This extension indicates the CA's key may be used as a CA. * - * extension_factory.create_extension 'basicConstraints', 'CA:TRUE', true + * ca_cert.add_extension \ + * extension_factory.create_extension('basicConstraints', 'CA:TRUE', true) * * This extension indicates the CA's key may be used to verify signatures on * both certificates and certificate revocations. * - * extension_factory.create_extension 'keyUsage', 'cRLSign,keyCertSign', true + * ca_cert.add_extension \ + * extension_factory.create_extension( + * 'keyUsage', 'cRLSign,keyCertSign', true) * * Root CA certificates are self-signed. * @@ -837,10 +849,15 @@ ossl_fips_mode_set(VALUE self, VALUE enabled) * extension_factory.subject_certificate = csr_cert * extension_factory.issuer_certificate = ca_cert * - * extension_factory.create_extension 'basicConstraints', 'CA:FALSE' - * extension_factory.create_extension 'keyUsage', - * 'keyEncipherment,dataEncipherment,digitalSignature' - * extension_factory.create_extension 'subjectKeyIdentifier', 'hash' + * csr_cert.add_extension \ + * extension_factory.create_extension('basicConstraints', 'CA:FALSE') + * + * csr_cert.add_extension \ + * extension_factory.create_extension( + * 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature') + * + * csr_cert.add_extension \ + * extension_factory.create_extension('subjectKeyIdentifier', 'hash') * * csr_cert.sign ca_key, OpenSSL::Digest::SHA1.new * |