diff options
Diffstat (limited to 'ext/openssl/ossl_x509crl.c')
-rw-r--r-- | ext/openssl/ossl_x509crl.c | 65 |
1 files changed, 36 insertions, 29 deletions
diff --git a/ext/openssl/ossl_x509crl.c b/ext/openssl/ossl_x509crl.c index 2cbe4f941f..0ff5d2f8ea 100644 --- a/ext/openssl/ossl_x509crl.c +++ b/ext/openssl/ossl_x509crl.c @@ -180,7 +180,7 @@ static VALUE ossl_x509crl_get_signature_algorithm(VALUE self) { X509_CRL *crl; - X509_ALGOR *alg; + const X509_ALGOR *alg; BIO *out; BUF_MEM *buf; VALUE str; @@ -189,7 +189,7 @@ ossl_x509crl_get_signature_algorithm(VALUE self) if (!(out = BIO_new(BIO_s_mem()))) { ossl_raise(eX509CRLError, NULL); } - X509_CRL_get0_signature(NULL, &alg, crl); + X509_CRL_get0_signature(crl, NULL, &alg); if (!i2a_ASN1_OBJECT(out, alg->algorithm)) { BIO_free(out); ossl_raise(eX509CRLError, NULL); @@ -230,17 +230,22 @@ ossl_x509crl_get_last_update(VALUE self) GetX509CRL(self, crl); - return asn1time_to_time(X509_CRL_get_lastUpdate(crl)); + return asn1time_to_time(X509_CRL_get0_lastUpdate(crl)); } static VALUE ossl_x509crl_set_last_update(VALUE self, VALUE time) { X509_CRL *crl; + ASN1_TIME *asn1time; GetX509CRL(self, crl); - if (!ossl_x509_time_adjust(X509_CRL_get_lastUpdate(crl), time)) - ossl_raise(eX509CRLError, NULL); + asn1time = ossl_x509_time_adjust(NULL, time); + if (!X509_CRL_set_lastUpdate(crl, asn1time)) { + ASN1_TIME_free(asn1time); + ossl_raise(eX509CRLError, "X509_CRL_set_lastUpdate"); + } + ASN1_TIME_free(asn1time); return time; } @@ -252,28 +257,22 @@ ossl_x509crl_get_next_update(VALUE self) GetX509CRL(self, crl); - return asn1time_to_time(X509_CRL_get_nextUpdate(crl)); + return asn1time_to_time(X509_CRL_get0_nextUpdate(crl)); } static VALUE ossl_x509crl_set_next_update(VALUE self, VALUE time) { X509_CRL *crl; - ASN1_TIME *orig, *new; + ASN1_TIME *asn1time; GetX509CRL(self, crl); - /* orig may be NULL at this time; in this case a new ASN1_TIME is created */ - orig = X509_CRL_get_nextUpdate(crl); - new = ossl_x509_time_adjust(orig, time); - - if (!X509_CRL_set_nextUpdate(crl, new)) { - if (!orig) - ASN1_TIME_free(new); - ossl_raise(eX509CRLError, NULL); + asn1time = ossl_x509_time_adjust(NULL, time); + if (!X509_CRL_set_nextUpdate(crl, asn1time)) { + ASN1_TIME_free(asn1time); + ossl_raise(eX509CRLError, "X509_CRL_set_nextUpdate"); } - /* X509_CRL_set_nextUpdate() dups when orig != new */ - if (!orig) - ASN1_TIME_free(new); + ASN1_TIME_free(asn1time); return time; } @@ -308,6 +307,7 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary) { X509_CRL *crl; X509_REVOKED *rev; + STACK_OF(X509_REVOKED) *sk; long i; Check_Type(ary, T_ARRAY); @@ -316,11 +316,15 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary) OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Rev); } GetX509CRL(self, crl); - sk_X509_REVOKED_pop_free(X509_CRL_get_REVOKED(crl), X509_REVOKED_free); + if ((sk = X509_CRL_get_REVOKED(crl))) { + while ((rev = sk_X509_REVOKED_pop(sk))) + X509_REVOKED_free(rev); + } for (i=0; i<RARRAY_LEN(ary); i++) { rev = DupX509RevokedPtr(RARRAY_AREF(ary, i)); if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */ - ossl_raise(eX509CRLError, NULL); + X509_REVOKED_free(rev); + ossl_raise(eX509CRLError, "X509_CRL_add0_revoked"); } } X509_CRL_sort(crl); @@ -337,7 +341,8 @@ ossl_x509crl_add_revoked(VALUE self, VALUE revoked) GetX509CRL(self, crl); rev = DupX509RevokedPtr(revoked); if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */ - ossl_raise(eX509CRLError, NULL); + X509_REVOKED_free(rev); + ossl_raise(eX509CRLError, "X509_CRL_add0_revoked"); } X509_CRL_sort(crl); @@ -492,12 +497,10 @@ ossl_x509crl_set_extensions(VALUE self, VALUE ary) while ((ext = X509_CRL_delete_ext(crl, 0))) X509_EXTENSION_free(ext); for (i=0; i<RARRAY_LEN(ary); i++) { - ext = DupX509ExtPtr(RARRAY_AREF(ary, i)); - if(!X509_CRL_add_ext(crl, ext, -1)) { /* DUPs ext - FREE it */ - X509_EXTENSION_free(ext); + ext = GetX509ExtPtr(RARRAY_AREF(ary, i)); /* NO NEED TO DUP */ + if (!X509_CRL_add_ext(crl, ext, -1)) { ossl_raise(eX509CRLError, NULL); } - X509_EXTENSION_free(ext); } return ary; @@ -510,12 +513,10 @@ ossl_x509crl_add_extension(VALUE self, VALUE extension) X509_EXTENSION *ext; GetX509CRL(self, crl); - ext = DupX509ExtPtr(extension); - if (!X509_CRL_add_ext(crl, ext, -1)) { /* DUPs ext - FREE it */ - X509_EXTENSION_free(ext); + ext = GetX509ExtPtr(extension); + if (!X509_CRL_add_ext(crl, ext, -1)) { ossl_raise(eX509CRLError, NULL); } - X509_EXTENSION_free(ext); return extension; } @@ -526,6 +527,12 @@ ossl_x509crl_add_extension(VALUE self, VALUE extension) void Init_ossl_x509crl(void) { +#if 0 + mOSSL = rb_define_module("OpenSSL"); + eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError); + mX509 = rb_define_module_under(mOSSL, "X509"); +#endif + eX509CRLError = rb_define_class_under(mX509, "CRLError", eOSSLError); cX509CRL = rb_define_class_under(mX509, "CRL", rb_cObject); |