diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | ext/openssl/ossl_pkcs12.c | 4 | ||||
| -rw-r--r-- | version.h | 2 |
3 files changed, 11 insertions, 1 deletions
@@ -1,3 +1,9 @@ +Mon Sep 26 23:34:09 2016 Kazuki Yamaguchi <k@rhe.jp> + + * ext/openssl/ossl_pkcs12.c (ossl_pkcs12_initialize): pop errors + leaked by PKCS12_parse(). This is a bug in OpenSSL, which exists + in the versions before the version 1.0.0t, 1.0.1p, 1.0.2d. + Mon Sep 26 23:10:43 2016 NARUSE, Yui <naruse@ruby-lang.org> * vm_dump.c (backtrace): use rip in the saved context for the case diff --git a/ext/openssl/ossl_pkcs12.c b/ext/openssl/ossl_pkcs12.c index c70ebca195..2a42ee973b 100644 --- a/ext/openssl/ossl_pkcs12.c +++ b/ext/openssl/ossl_pkcs12.c @@ -165,8 +165,12 @@ ossl_pkcs12_initialize(int argc, VALUE *argv, VALUE self) BIO_free(in); pkey = cert = ca = Qnil; + /* OpenSSL's bug; PKCS12_parse() puts errors even if it succeeds. + * Fixed in OpenSSL 1.0.0t, 1.0.1p, 1.0.2d */ + ERR_set_mark(); if(!PKCS12_parse(pkcs, passphrase, &key, &x509, &x509s)) ossl_raise(ePKCS12Error, "PKCS12_parse"); + ERR_pop_to_mark(); pkey = rb_protect((VALUE(*)_((VALUE)))ossl_pkey_new, (VALUE)key, &st); /* NO DUP */ if(st) goto err; @@ -1,6 +1,6 @@ #define RUBY_VERSION "2.3.2" #define RUBY_RELEASE_DATE "2016-09-26" -#define RUBY_PATCHLEVEL 190 +#define RUBY_PATCHLEVEL 191 #define RUBY_RELEASE_YEAR 2016 #define RUBY_RELEASE_MONTH 9 |