diff options
| -rw-r--r-- | ChangeLog | 15 | ||||
| -rw-r--r-- | ext/openssl/ossl_config.c | 12 | ||||
| -rw-r--r-- | ext/openssl/ossl_pkcs5.c | 7 | ||||
| -rw-r--r-- | ext/openssl/ossl_ssl_session.c | 15 | ||||
| -rw-r--r-- | test/openssl/test_cipher.rb | 2 | ||||
| -rw-r--r-- | test/openssl/test_x509name.rb | 10 |
6 files changed, 48 insertions, 13 deletions
@@ -1,3 +1,18 @@ +Tue Mar 9 22:58:59 2010 NAKAMURA, Hiroshi <nahi@ruby-lang.org> + + * ext/openssl/ossl_config.c: defined own IMPLEMENT_LHASH_DOALL_ARG_FN_098 + macro according to IMPLEMENT_LHASH_DOALL_ARG_FN in OpenSSL 0.9.8m. + OpenSSL 1.0.0beta5 has a slightly different definiton so it could + be a temporal workaround for 0.9.8 and 1.0.0 dual support. + + * ext/openssl/ossl_pkcs5.c (ossl_pkcs5_pbkdf2_hmac): follows function + definition in OpenSSL 1.0.0beta5. PKCS5_PBKDF2_HMAC is from 1.0.0 + (0.9.8 only has PKCS5_PBKDF2_HMAC_SHA1) + + * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_eq): do not use + SSL_SESSION_cmp and implement equality func by ousrself. See the + comment. + Mon Mar 8 14:58:42 2010 NAKAMURA, Hiroshi <nahi@ruby-lang.org> * ext/openssl/ossl_ssl_session.c diff --git a/ext/openssl/ossl_config.c b/ext/openssl/ossl_config.c index aaade578ad..366c20feba 100644 --- a/ext/openssl/ossl_config.c +++ b/ext/openssl/ossl_config.c @@ -313,6 +313,12 @@ ossl_config_get_section_old(VALUE self, VALUE section) } #ifdef IMPLEMENT_LHASH_DOALL_ARG_FN +#define IMPLEMENT_LHASH_DOALL_ARG_FN_098(f_name,o_type,a_type) \ + void f_name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \ + o_type a = (o_type)arg1; \ + a_type b = (a_type)arg2; \ + f_name(a,b); } + static void get_conf_section(CONF_VALUE *cv, VALUE ary) { @@ -320,7 +326,7 @@ get_conf_section(CONF_VALUE *cv, VALUE ary) rb_ary_push(ary, rb_str_new2(cv->section)); } -static IMPLEMENT_LHASH_DOALL_ARG_FN(get_conf_section, CONF_VALUE*, VALUE) +static IMPLEMENT_LHASH_DOALL_ARG_FN_098(get_conf_section, CONF_VALUE*, VALUE) static VALUE ossl_config_get_sections(VALUE self) @@ -358,7 +364,7 @@ dump_conf_value(CONF_VALUE *cv, VALUE str) rb_str_cat2(str, "\n"); } -static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_conf_value, CONF_VALUE*, VALUE) +static IMPLEMENT_LHASH_DOALL_ARG_FN_098(dump_conf_value, CONF_VALUE*, VALUE) static VALUE dump_conf(CONF *conf) @@ -402,7 +408,7 @@ each_conf_value(CONF_VALUE *cv, void* dummy) } } -static IMPLEMENT_LHASH_DOALL_ARG_FN(each_conf_value, CONF_VALUE*, void*) +static IMPLEMENT_LHASH_DOALL_ARG_FN_098(each_conf_value, CONF_VALUE*, void*) static VALUE ossl_config_each(VALUE self) diff --git a/ext/openssl/ossl_pkcs5.c b/ext/openssl/ossl_pkcs5.c index c4476dae38..ca20339adb 100644 --- a/ext/openssl/ossl_pkcs5.c +++ b/ext/openssl/ossl_pkcs5.c @@ -29,14 +29,17 @@ ossl_pkcs5_pbkdf2_hmac(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE key VALUE str; const EVP_MD *md; int len = NUM2INT(keylen); + unsigned char* salt_p; + unsigned char* str_p; StringValue(pass); StringValue(salt); md = GetDigestPtr(digest); - str = rb_str_new(0, len); + salt_p = (unsigned char*)RSTRING_PTR(salt); + str_p = (unsigned char*)RSTRING_PTR(str); - if (PKCS5_PBKDF2_HMAC(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), md, len, RSTRING_PTR(str)) != 1) + if (PKCS5_PBKDF2_HMAC(RSTRING_PTR(pass), RSTRING_LEN(pass), salt_p, RSTRING_LEN(salt), NUM2INT(iter), md, len, str_p) != 1) ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC"); return str; diff --git a/ext/openssl/ossl_ssl_session.c b/ext/openssl/ossl_ssl_session.c index d660591b34..fcbcf8cb24 100644 --- a/ext/openssl/ossl_ssl_session.c +++ b/ext/openssl/ossl_ssl_session.c @@ -84,9 +84,18 @@ static VALUE ossl_ssl_session_eq(VALUE val1, VALUE val2) GetSSLSession(val1, ctx1); SafeGetSSLSession(val2, ctx2); - switch (SSL_SESSION_cmp(ctx1, ctx2)) { - case 0: return Qtrue; - default: return Qfalse; + /* + * OpenSSL 1.0.0betas do not have non-static SSL_SESSION_cmp. + * ssl_session_cmp (was SSL_SESSION_cmp in 0.9.8) is for lhash + * comparing so we should not depend on it. Just compare sessions + * by version and id. + */ + if ((ctx1->ssl_version == ctx2->ssl_version) && + (ctx1->session_id_length == ctx2->session_id_length) && + (memcmp(ctx1->session_id, ctx2->session_id, ctx1->session_id_length) == 0)) { + return Qtrue; + } else { + return Qfalse; } } diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb index 39195a1e26..3bdad08cd7 100644 --- a/test/openssl/test_cipher.rb +++ b/test/openssl/test_cipher.rb @@ -101,7 +101,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase assert_equal(@data, decrypted_data[0...@data.size]) end - if PLATFORM =~ /java/ + if RUBY_PLATFORM =~ /java/ # JRuby extension - using Java padding types def test_disable_padding_javastyle diff --git a/test/openssl/test_x509name.rb b/test/openssl/test_x509name.rb index 434aa18940..073a922b63 100644 --- a/test/openssl/test_x509name.rb +++ b/test/openssl/test_x509name.rb @@ -270,18 +270,20 @@ class OpenSSL::TestX509Name < Test::Unit::TestCase name.respond_to?(:hash_old) ? name.hash_old : name.hash end + def calc_hash(d) + (d[0] & 0xff) | (d[1] & 0xff) << 8 | (d[2] & 0xff) << 16 | (d[3] & 0xff) << 24 + end + def test_hash dn = "/DC=org/DC=ruby-lang/CN=www.ruby-lang.org" name = OpenSSL::X509::Name.parse(dn) d = Digest::MD5.digest(name.to_der) - expected = (d[0] & 0xff) | (d[1] & 0xff) << 8 | (d[2] & 0xff) << 16 | (d[3] & 0xff) << 24 - assert_equal(expected, name_hash(name)) + assert_equal(calc_hash(d), name_hash(name)) # dn = "/DC=org/DC=ruby-lang/CN=baz.ruby-lang.org" name = OpenSSL::X509::Name.parse(dn) d = Digest::MD5.digest(name.to_der) - expected = (d[0] & 0xff) | (d[1] & 0xff) << 8 | (d[2] & 0xff) << 16 | (d[3] & 0xff) << 24 - assert_equal(expected, name_hash(name)) + assert_equal(calc_hash(d), name_hash(name)) end end |