summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl_x509crl.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/openssl/ossl_x509crl.c')
-rw-r--r--ext/openssl/ossl_x509crl.c65
1 files changed, 36 insertions, 29 deletions
diff --git a/ext/openssl/ossl_x509crl.c b/ext/openssl/ossl_x509crl.c
index 2cbe4f941f..0ff5d2f8ea 100644
--- a/ext/openssl/ossl_x509crl.c
+++ b/ext/openssl/ossl_x509crl.c
@@ -180,7 +180,7 @@ static VALUE
ossl_x509crl_get_signature_algorithm(VALUE self)
{
X509_CRL *crl;
- X509_ALGOR *alg;
+ const X509_ALGOR *alg;
BIO *out;
BUF_MEM *buf;
VALUE str;
@@ -189,7 +189,7 @@ ossl_x509crl_get_signature_algorithm(VALUE self)
if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eX509CRLError, NULL);
}
- X509_CRL_get0_signature(NULL, &alg, crl);
+ X509_CRL_get0_signature(crl, NULL, &alg);
if (!i2a_ASN1_OBJECT(out, alg->algorithm)) {
BIO_free(out);
ossl_raise(eX509CRLError, NULL);
@@ -230,17 +230,22 @@ ossl_x509crl_get_last_update(VALUE self)
GetX509CRL(self, crl);
- return asn1time_to_time(X509_CRL_get_lastUpdate(crl));
+ return asn1time_to_time(X509_CRL_get0_lastUpdate(crl));
}
static VALUE
ossl_x509crl_set_last_update(VALUE self, VALUE time)
{
X509_CRL *crl;
+ ASN1_TIME *asn1time;
GetX509CRL(self, crl);
- if (!ossl_x509_time_adjust(X509_CRL_get_lastUpdate(crl), time))
- ossl_raise(eX509CRLError, NULL);
+ asn1time = ossl_x509_time_adjust(NULL, time);
+ if (!X509_CRL_set_lastUpdate(crl, asn1time)) {
+ ASN1_TIME_free(asn1time);
+ ossl_raise(eX509CRLError, "X509_CRL_set_lastUpdate");
+ }
+ ASN1_TIME_free(asn1time);
return time;
}
@@ -252,28 +257,22 @@ ossl_x509crl_get_next_update(VALUE self)
GetX509CRL(self, crl);
- return asn1time_to_time(X509_CRL_get_nextUpdate(crl));
+ return asn1time_to_time(X509_CRL_get0_nextUpdate(crl));
}
static VALUE
ossl_x509crl_set_next_update(VALUE self, VALUE time)
{
X509_CRL *crl;
- ASN1_TIME *orig, *new;
+ ASN1_TIME *asn1time;
GetX509CRL(self, crl);
- /* orig may be NULL at this time; in this case a new ASN1_TIME is created */
- orig = X509_CRL_get_nextUpdate(crl);
- new = ossl_x509_time_adjust(orig, time);
-
- if (!X509_CRL_set_nextUpdate(crl, new)) {
- if (!orig)
- ASN1_TIME_free(new);
- ossl_raise(eX509CRLError, NULL);
+ asn1time = ossl_x509_time_adjust(NULL, time);
+ if (!X509_CRL_set_nextUpdate(crl, asn1time)) {
+ ASN1_TIME_free(asn1time);
+ ossl_raise(eX509CRLError, "X509_CRL_set_nextUpdate");
}
- /* X509_CRL_set_nextUpdate() dups when orig != new */
- if (!orig)
- ASN1_TIME_free(new);
+ ASN1_TIME_free(asn1time);
return time;
}
@@ -308,6 +307,7 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary)
{
X509_CRL *crl;
X509_REVOKED *rev;
+ STACK_OF(X509_REVOKED) *sk;
long i;
Check_Type(ary, T_ARRAY);
@@ -316,11 +316,15 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary)
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Rev);
}
GetX509CRL(self, crl);
- sk_X509_REVOKED_pop_free(X509_CRL_get_REVOKED(crl), X509_REVOKED_free);
+ if ((sk = X509_CRL_get_REVOKED(crl))) {
+ while ((rev = sk_X509_REVOKED_pop(sk)))
+ X509_REVOKED_free(rev);
+ }
for (i=0; i<RARRAY_LEN(ary); i++) {
rev = DupX509RevokedPtr(RARRAY_AREF(ary, i));
if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */
- ossl_raise(eX509CRLError, NULL);
+ X509_REVOKED_free(rev);
+ ossl_raise(eX509CRLError, "X509_CRL_add0_revoked");
}
}
X509_CRL_sort(crl);
@@ -337,7 +341,8 @@ ossl_x509crl_add_revoked(VALUE self, VALUE revoked)
GetX509CRL(self, crl);
rev = DupX509RevokedPtr(revoked);
if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */
- ossl_raise(eX509CRLError, NULL);
+ X509_REVOKED_free(rev);
+ ossl_raise(eX509CRLError, "X509_CRL_add0_revoked");
}
X509_CRL_sort(crl);
@@ -492,12 +497,10 @@ ossl_x509crl_set_extensions(VALUE self, VALUE ary)
while ((ext = X509_CRL_delete_ext(crl, 0)))
X509_EXTENSION_free(ext);
for (i=0; i<RARRAY_LEN(ary); i++) {
- ext = DupX509ExtPtr(RARRAY_AREF(ary, i));
- if(!X509_CRL_add_ext(crl, ext, -1)) { /* DUPs ext - FREE it */
- X509_EXTENSION_free(ext);
+ ext = GetX509ExtPtr(RARRAY_AREF(ary, i)); /* NO NEED TO DUP */
+ if (!X509_CRL_add_ext(crl, ext, -1)) {
ossl_raise(eX509CRLError, NULL);
}
- X509_EXTENSION_free(ext);
}
return ary;
@@ -510,12 +513,10 @@ ossl_x509crl_add_extension(VALUE self, VALUE extension)
X509_EXTENSION *ext;
GetX509CRL(self, crl);
- ext = DupX509ExtPtr(extension);
- if (!X509_CRL_add_ext(crl, ext, -1)) { /* DUPs ext - FREE it */
- X509_EXTENSION_free(ext);
+ ext = GetX509ExtPtr(extension);
+ if (!X509_CRL_add_ext(crl, ext, -1)) {
ossl_raise(eX509CRLError, NULL);
}
- X509_EXTENSION_free(ext);
return extension;
}
@@ -526,6 +527,12 @@ ossl_x509crl_add_extension(VALUE self, VALUE extension)
void
Init_ossl_x509crl(void)
{
+#if 0
+ mOSSL = rb_define_module("OpenSSL");
+ eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
+ mX509 = rb_define_module_under(mOSSL, "X509");
+#endif
+
eX509CRLError = rb_define_class_under(mX509, "CRLError", eOSSLError);
cX509CRL = rb_define_class_under(mX509, "CRL", rb_cObject);
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-18 20:40:58 +0000