Diffstat (limited to 'sample/openssl/certstore.rb')
| -rw-r--r-- | sample/openssl/certstore.rb | 59 |
1 files changed, 28 insertions, 31 deletions
diff --git a/sample/openssl/certstore.rb b/sample/openssl/certstore.rb
index c0bc21bcbb..72e59f6dad 100644
--- a/sample/openssl/certstore.rb
+++ b/sample/openssl/certstore.rb
@@ -3,9 +3,6 @@
 require 'crlstore'
 class CertStore
- include OpenSSL
- include X509
-
 attr_reader :self_signed_ca
 attr_reader :other_ca
 attr_reader :ee
@@ -17,11 +14,11 @@ class CertStore
 @c_store = CHashDir.new(@certs_dir)
 @c_store.hash_dir(true)
 @crl_store = CrlStore.new(@c_store)
- @x509store = Store.new
+ @x509store = OpenSSL::X509::Store.new
 @self_signed_ca = @other_ca = @ee = @crl = nil
 # Uncomment this line to let OpenSSL to check CRL for each certs.
- # @x509store.flags = V_FLAG_CRL_CHECK | V_FLAG_CRL_CHECK_ALL
+ # @x509store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK | OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
 add_path
 scan_certs
@@ -76,27 +73,27 @@ private
 result = @x509store.verify(cert) do |ok, ctx|
 cert = ctx.current_cert
 if ctx.current_crl
- crl_map[cert.subject] = true
+ crl_map[cert.subject] = true
 end
 if ok
- if !ctx.current_crl
- if crl = @crl_store.find_crl(cert)
- crl_map[cert.subject] = true
- if crl.revoked.find { |revoked| revoked.serial == cert.serial }
- ok = false
- error_string = 'certification revoked'
- end
- end
- end
+ if !ctx.current_crl
+ if crl = @crl_store.find_crl(cert)
+ crl_map[cert.subject] = true
+ if crl.revoked.find { |revoked| revoked.serial == cert.serial }
+ ok = false
+ error_string = 'certification revoked'
+ end
+ end
+ end
 end
 error_map[cert.subject] = error_string if error_string
 ok
 end
 error = if result
- nil
- else
- error_map[cert.subject] || @x509store.error_string
- end
+ nil
+ else
+ error_map[cert.subject] || @x509store.error_string
+ end
 return error, crl_map
 end
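Review bot: Dropping `include OpenSSL` and `include X509` changes constant resolution for the whole class, but the commit only qualifies the two references in the next hunk (`Store.new` and the commented `V_FLAG_*` line); any other bare `X509`/`OpenSSL` constant left in the file would now fail with `NameError` at call time rather than at load. The bodies of `generate_cert`, the CRL handling and the rest of `initialize` are not visible here, so those should be checked for unqualified names (a bare `Certificate.new`, for example, would need to become `OpenSSL::X509::Certificate.new`). The class body continues outside the hunk.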
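Review bot: The commented-out `@x509store.flags` line in the second hunk is the only place CRL checking is configured and it stays disabled by default, so `OpenSSL::X509::Store#verify` performs no revocation check of its own; as far as the visible code shows, revocation is caught only by the `@crl_store.find_crl` lookup in `verify`, which matches revoked entries by serial number and does not itself validate the CRL's signature or `next_update`. I would make that trade-off explicit in the comment: `# With flags unset OpenSSL does no CRL check; revocation is only caught by the find_crl lookup in #verify.` It is also worth noting that if the flags are uncommented, the CRLs must be loaded into `@x509store` as well (e.g. via `add_crl`), since `V_FLAG_CRL_CHECK` makes verification fail when no CRL is available. `initialize` starts and ends outside the hunk.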
@@ -105,13 +102,13 @@ private
 cert = generate_cert(certfile)
 case guess_cert_type(cert)
 when CERT_TYPE_SELF_SIGNED
- @self_signed_ca << cert
+ @self_signed_ca << cert
 when CERT_TYPE_OTHER
- @other_ca << cert
+ @other_ca << cert
 when CERT_TYPE_EE
- @ee << cert
+ @ee << cert
 else
- raise "Unknown cert type."
+ raise "Unknown cert type."
 end
 end
 @c_store.get_crls.each do |crlfile|
@@ -128,21 +125,21 @@ private
 # Ignores criticality of extensions. It's 'guess'ing.
 case ext.oid
 when 'basicConstraints'
- /CA:(TRUE|FALSE), pathlen:(\d+)/ =~ ext.value
- ca = ($1 == 'TRUE') unless ca
+ /CA:(TRUE|FALSE), pathlen:(\d+)/ =~ ext.value
+ ca = ($1 == 'TRUE') unless ca
 when 'keyUsage'
- usage = ext.value.split(/\s*,\s*/)
- ca = usage.include?('Certificate Sign') unless ca
+ usage = ext.value.split(/\s*,\s*/)
+ ca = usage.include?('Certificate Sign') unless ca
 when 'nsCertType'
- usage = ext.value.split(/\s*,\s*/)
- ca = usage.include?('SSL CA') unless ca
+ usage = ext.value.split(/\s*,\s*/)
+ ca = usage.include?('SSL CA') unless ca
 end
 end
 if ca
 if self_signed
- CERT_TYPE_SELF_SIGNED
+ CERT_TYPE_SELF_SIGNED
 else
- CERT_TYPE_OTHER
+ CERT_TYPE_OTHER
 end
 else
 CERT_TYPE_EE |
