diff options
| author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2004-12-15 01:54:40 +0000 |
|---|---|---|
| committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2004-12-15 01:54:40 +0000 |
| commit | 1c474bb43e7bef7af8d0b3857d2bbbafa53d87f7 (patch) | |
| tree | 65e5b11627653d6cc3c5fe49f62b5b1c6899fdd5 | |
| parent | 6add16fdf5dfbca9c2692e0f05e17b35aa497f05 (diff) | |
| download | ruby-1c474bb43e7bef7af8d0b3857d2bbbafa53d87f7.tar.gz ruby-1c474bb43e7bef7af8d0b3857d2bbbafa53d87f7.tar.xz ruby-1c474bb43e7bef7af8d0b3857d2bbbafa53d87f7.zip | |
* ext/openssl/ossl_digest.c (ossl_digest_initialize): [ruby-dev:25198]
* lib/cgi/session.rb (CGI::Session::initialize): generate new
session if given session_id does not exist. [ruby-list:40368]
git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7556 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 13 | ||||
| -rw-r--r-- | ext/openssl/ossl_bn.c | 22 | ||||
| -rw-r--r-- | ext/openssl/ossl_cipher.c | 19 | ||||
| -rw-r--r-- | ext/openssl/ossl_config.c | 14 | ||||
| -rw-r--r-- | ext/openssl/ossl_digest.c | 10 | ||||
| -rw-r--r-- | ext/openssl/ossl_engine.c | 3 | ||||
| -rw-r--r-- | ext/openssl/ossl_hmac.c | 4 | ||||
| -rw-r--r-- | ext/openssl/ossl_ns_spki.c | 2 | ||||
| -rw-r--r-- | ext/openssl/ossl_ocsp.c | 32 | ||||
| -rw-r--r-- | ext/openssl/ossl_pkcs7.c | 17 | ||||
| -rw-r--r-- | ext/openssl/ossl_ssl.c | 20 | ||||
| -rw-r--r-- | ext/openssl/ossl_x509attr.c | 4 | ||||
| -rw-r--r-- | ext/openssl/ossl_x509cert.c | 15 | ||||
| -rw-r--r-- | ext/openssl/ossl_x509crl.c | 12 | ||||
| -rw-r--r-- | ext/openssl/ossl_x509ext.c | 7 | ||||
| -rw-r--r-- | ext/openssl/ossl_x509name.c | 31 | ||||
| -rw-r--r-- | ext/openssl/ossl_x509req.c | 6 | ||||
| -rw-r--r-- | ext/openssl/ossl_x509revoked.c | 4 | ||||
| -rw-r--r-- | ext/openssl/ossl_x509store.c | 20 | ||||
| -rw-r--r-- | lib/cgi/session.rb | 43 | ||||
| -rw-r--r-- | lib/cgi/session/pstore.rb | 2 | ||||
| -rw-r--r-- | lib/jcode.rb | 2 |
22 files changed, 168 insertions, 134 deletions
@@ -1,3 +1,7 @@ +Wed Dec 15 10:30:37 2004 Yukihiro Matsumoto <matz@ruby-lang.org> + + * ext/openssl/ossl_digest.c (ossl_digest_initialize): [ruby-dev:25198] + Tue Dec 14 17:10:09 2004 NAKAMURA Usaku <usa@ruby-lang.org> * win32/win32.c (rb_w32_close): need to reset osfhnd(). @@ -7,6 +11,11 @@ Tue Dec 14 14:03:57 2004 GOTOU Yuuzou <gotoyuzo@notwork.org> * ext/openssl/ossl.c (ossl_raise): avoid buffer overrun. [ruby-dev:25187] +Tue Dec 14 12:36:04 2004 Yukihiro Matsumoto <matz@ruby-lang.org> + + * lib/cgi/session.rb (CGI::Session::initialize): generate new + session if given session_id does not exist. [ruby-list:40368] + Mon Dec 13 18:13:52 2004 Tanaka Akira <akr@m17n.org> * gc.c (stack_end_address): new function to obtain stack end address. @@ -48,6 +57,10 @@ Sat Dec 11 20:12:21 2004 Masatoshi SEKI <m_seki@mva.biglobe.ne.jp> * test/drb/ut_drb.rb: ditto. +Sat Dec 11 15:38:14 2004 Yukihiro Matsumoto <matz@ruby-lang.org> + + * lib/jcode.rb (String::succ): [ruby-dev:25156] + Sat Dec 11 12:41:55 2004 NAKAMURA Usaku <usa@ruby-lang.org> * eval.c (run_trap_eval): prototype; avoid VC++ warnings. diff --git a/ext/openssl/ossl_bn.c b/ext/openssl/ossl_bn.c index c3a371a00..47a607e60 100644 --- a/ext/openssl/ossl_bn.c +++ b/ext/openssl/ossl_bn.c @@ -107,11 +107,11 @@ ossl_bn_initialize(int argc, VALUE *argv, VALUE self) VALUE str, bs; int base = 10; - GetBN(self, bn); - if (rb_scan_args(argc, argv, "11", &str, &bs) == 2) { base = NUM2INT(bs); } + StringValue(str); + GetBN(self, bn); if (RTEST(rb_obj_is_kind_of(str, cBN))) { BIGNUM *other; @@ -121,8 +121,6 @@ ossl_bn_initialize(int argc, VALUE *argv, VALUE self) } return self; } - str = rb_String(str); - StringValue(str); switch (base) { case 0: @@ -159,11 +157,10 @@ ossl_bn_to_s(int argc, VALUE *argv, VALUE self) int base = 10, len; char *buf; - GetBN(self, bn); - if (rb_scan_args(argc, argv, "01", &bs) == 1) { base = NUM2INT(bs); } + GetBN(self, bn); switch (base) { case 0: len = BN_bn2mpi(bn, NULL); @@ -380,11 +377,12 @@ BIGNUM_BIT(mask_bits); static VALUE ossl_bn_is_bit_set(VALUE self, VALUE bit) { + int b; BIGNUM *bn; + b = NUM2INT(bit); GetBN(self, bn); - - if (BN_is_bit_set(bn, NUM2INT(bit))) { + if (BN_is_bit_set(bn, b)) { return Qtrue; } return Qfalse; @@ -397,8 +395,8 @@ ossl_bn_is_bit_set(VALUE self, VALUE bit) BIGNUM *bn, *result; \ int b; \ VALUE obj; \ - GetBN(self, bn); \ b = NUM2INT(bits); \ + GetBN(self, bn); \ if (!(result = BN_new())) { \ ossl_raise(eBNError, NULL); \ } \ @@ -550,11 +548,10 @@ ossl_bn_is_prime(int argc, VALUE *argv, VALUE self) VALUE vchecks; int checks = BN_prime_checks; - GetBN(self, bn); - if (rb_scan_args(argc, argv, "01", &vchecks) == 0) { checks = NUM2INT(vchecks); } + GetBN(self, bn); switch (BN_is_prime(bn, checks, NULL, ossl_bn_ctx, NULL)) { case 1: return Qtrue; @@ -574,13 +571,12 @@ ossl_bn_is_prime_fasttest(int argc, VALUE *argv, VALUE self) VALUE vchecks, vtrivdiv; int checks = BN_prime_checks, do_trial_division = 1; - GetBN(self, bn); - rb_scan_args(argc, argv, "02", &vchecks, &vtrivdiv); if (!NIL_P(vchecks)) { checks = NUM2INT(vchecks); } + GetBN(self, bn); /* handle true/false */ if (vtrivdiv == Qfalse) { do_trial_division = 0; diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 98468e0f2..11edd9a32 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -91,10 +91,8 @@ ossl_cipher_initialize(VALUE self, VALUE str) const EVP_CIPHER *cipher; char *name; - GetCipher(self, ctx); - name = StringValuePtr(str); - + GetCipher(self, ctx); if (!(cipher = EVP_get_cipherbyname(name))) { ossl_raise(rb_eRuntimeError, "Unsupported cipher algorithm (%s).", name); } @@ -139,7 +137,6 @@ ossl_cipher_init(int argc, VALUE *argv, VALUE self, int mode) unsigned char iv[EVP_MAX_IV_LENGTH], *p_iv = NULL; VALUE pass, init_v; - GetCipher(self, ctx); if(rb_scan_args(argc, argv, "02", &pass, &init_v) > 0){ /* * oops. this code mistakes salt for IV. @@ -147,6 +144,7 @@ ossl_cipher_init(int argc, VALUE *argv, VALUE self, int mode) * keeping this behaviour for backward compatibility. */ StringValue(pass); + GetCipher(self, ctx); if (NIL_P(init_v)) memcpy(iv, "OpenSSL for Ruby rulez!", sizeof(iv)); else{ char *cname = rb_class2name(rb_obj_class(self)); @@ -164,6 +162,9 @@ ossl_cipher_init(int argc, VALUE *argv, VALUE self, int mode) p_key = key; p_iv = iv; } + else { + GetCipher(self, ctx); + } if (EVP_CipherInit_ex(ctx, NULL, NULL, p_key, p_iv, mode) != 1) { ossl_raise(eCipherError, NULL); } @@ -192,7 +193,6 @@ ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self) unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH], *salt = NULL; int iter; - GetCipher(self, ctx); rb_scan_args(argc, argv, "13", &vpass, &vsalt, &viter, &vdigest); StringValue(vpass); if(!NIL_P(vsalt)){ @@ -203,6 +203,7 @@ ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self) } iter = NIL_P(viter) ? 2048 : NUM2INT(viter); digest = NIL_P(vdigest) ? EVP_md5() : GetDigestPtr(vdigest); + GetCipher(self, ctx); EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), digest, salt, RSTRING(vpass)->ptr, RSTRING(vpass)->len, iter, key, iv); if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, -1) != 1) @@ -221,10 +222,10 @@ ossl_cipher_update(VALUE self, VALUE data) int in_len, out_len; VALUE str; - GetCipher(self, ctx); StringValue(data); in = RSTRING(data)->ptr; in_len = RSTRING(data)->len; + GetCipher(self, ctx); str = rb_str_new(0, in_len+EVP_CIPHER_CTX_block_size(ctx)); if (!EVP_CipherUpdate(ctx, RSTRING(str)->ptr, &out_len, in, in_len)) ossl_raise(eCipherError, NULL); @@ -311,9 +312,10 @@ static VALUE ossl_cipher_set_key_length(VALUE self, VALUE key_length) { EVP_CIPHER_CTX *ctx; + int len = NUM2INT(key_length); GetCipher(self, ctx); - if (EVP_CIPHER_CTX_set_key_length(ctx, NUM2INT(key_length)) != 1) + if (EVP_CIPHER_CTX_set_key_length(ctx, len) != 1) ossl_raise(eCipherError, NULL); return key_length; @@ -324,9 +326,10 @@ ossl_cipher_set_padding(VALUE self, VALUE padding) { #if defined(HAVE_EVP_CIPHER_CTX_SET_PADDING) EVP_CIPHER_CTX *ctx; + int pad = NUM2INT(padding); GetCipher(self, ctx); - if (EVP_CIPHER_CTX_set_padding(ctx, NUM2INT(padding)) != 1) + if (EVP_CIPHER_CTX_set_padding(ctx, pad) != 1) ossl_raise(eCipherError, NULL); #else rb_notimplement(); diff --git a/ext/openssl/ossl_config.c b/ext/openssl/ossl_config.c index 37abff508..ef89fdfe0 100644 --- a/ext/openssl/ossl_config.c +++ b/ext/openssl/ossl_config.c @@ -119,8 +119,8 @@ ossl_config_copy(VALUE self, VALUE other) VALUE str; CONF *conf; - GetConfig(other, conf); str = rb_funcall(self, rb_intern("to_s"), 0); + GetConfig(other, conf); parse_config(str, conf); return self; @@ -134,11 +134,11 @@ ossl_config_initialize(int argc, VALUE *argv, VALUE self) char *filename; VALUE path; - GetConfig(self, conf); rb_scan_args(argc, argv, "01", &path); if(!NIL_P(path)){ SafeStringValue(path); filename = StringValuePtr(path); + GetConfig(self, conf); if (!NCONF_load(conf, filename, &eline)){ if (eline <= 0) ossl_raise(eConfigError, "wrong config file %s", filename); @@ -149,7 +149,10 @@ ossl_config_initialize(int argc, VALUE *argv, VALUE self) #ifdef OSSL_NO_CONF_API else rb_raise(rb_eArgError, "wrong number of arguments (0 for 1)"); #else - else _CONF_new_data(conf); + else { + GetConfig(self, conf); + _CONF_new_data(conf); + } #endif return self; @@ -164,10 +167,10 @@ ossl_config_add_value(VALUE self, VALUE section, VALUE name, VALUE value) CONF *conf; CONF_VALUE *sv, *cv; - GetConfig(self, conf); StringValue(section); StringValue(name); StringValue(value); + GetConfig(self, conf); if(!(sv = _CONF_get_section(conf, RSTRING(section)->ptr))){ if(!(sv = _CONF_new_section(conf, RSTRING(section)->ptr))){ ossl_raise(eConfigError, NULL); @@ -195,9 +198,9 @@ ossl_config_get_value(VALUE self, VALUE section, VALUE name) CONF *conf; char *str; - GetConfig(self, conf); StringValue(section); StringValue(name); + GetConfig(self, conf); str = NCONF_get_string(conf, RSTRING(section)->ptr, RSTRING(name)->ptr); if(!str){ ERR_clear_error(); @@ -261,6 +264,7 @@ ossl_config_get_section(VALUE self, VALUE section) VALUE hash; hash = rb_hash_new(); + StringValue(section); GetConfig(self, conf); if (!(sk = NCONF_get_section(conf, StringValuePtr(section)))) { ERR_clear_error(); diff --git a/ext/openssl/ossl_digest.c b/ext/openssl/ossl_digest.c index 8ad9f01dc..d22f02244 100644 --- a/ext/openssl/ossl_digest.c +++ b/ext/openssl/ossl_digest.c @@ -85,16 +85,16 @@ ossl_digest_initialize(int argc, VALUE *argv, VALUE self) char *name; VALUE type, data; - GetDigest(self, ctx); - rb_scan_args(argc, argv, "11", &type, &data); - name = StringValuePtr(type); + StringValue(type); if (!NIL_P(data)) StringValue(data); + name = StringValuePtr(type); md = EVP_get_digestbyname(name); if (!md) { ossl_raise(rb_eRuntimeError, "Unsupported digest algorithm (%s).", name); } + GetDigest(self, ctx); EVP_DigestInit_ex(ctx, md, NULL); if (!NIL_P(data)) return ossl_digest_update(self, data); @@ -134,8 +134,8 @@ ossl_digest_update(VALUE self, VALUE data) { EVP_MD_CTX *ctx; - GetDigest(self, ctx); StringValue(data); + GetDigest(self, ctx); EVP_DigestUpdate(ctx, RSTRING(data)->ptr, RSTRING(data)->len); return self; @@ -218,13 +218,13 @@ ossl_digest_equal(VALUE self, VALUE other) EVP_MD_CTX *ctx; VALUE str1, str2; - GetDigest(self, ctx); if (rb_obj_is_kind_of(other, cDigest) == Qtrue) { str2 = ossl_digest_digest(other); } else { StringValue(other); str2 = other; } + GetDigest(self, ctx); if (RSTRING(str2)->len == EVP_MD_CTX_size(ctx)) { str1 = ossl_digest_digest(self); } else { diff --git a/ext/openssl/ossl_engine.c b/ext/openssl/ossl_engine.c index 91025941b..71ab37322 100644 --- a/ext/openssl/ossl_engine.c +++ b/ext/openssl/ossl_engine.c @@ -253,9 +253,10 @@ static VALUE ossl_engine_set_default(VALUE self, VALUE flag) { ENGINE *e; + int f = NUM2INT(flag); GetEngine(self, e); - ENGINE_set_default(e, NUM2INT(flag)); + ENGINE_set_default(e, f); return Qtrue; } diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c index fb3d0a6a8..ca5917518 100644 --- a/ext/openssl/ossl_hmac.c +++ b/ext/openssl/ossl_hmac.c @@ -62,8 +62,8 @@ ossl_hmac_initialize(VALUE self, VALUE key, VALUE digest) { HMAC_CTX *ctx; - GetHMAC(self, ctx); StringValue(key); + GetHMAC(self, ctx); HMAC_Init_ex(ctx, RSTRING(key)->ptr, RSTRING(key)->len, GetDigestPtr(digest), NULL); @@ -92,8 +92,8 @@ ossl_hmac_update(VALUE self, VALUE data) { HMAC_CTX *ctx; - GetHMAC(self, ctx); StringValue(data); + GetHMAC(self, ctx); HMAC_Update(ctx, RSTRING(data)->ptr, RSTRING(data)->len); return self; diff --git a/ext/openssl/ossl_ns_spki.c b/ext/openssl/ossl_ns_spki.c index 9aed773ed..37fd88e3b 100644 --- a/ext/openssl/ossl_ns_spki.c +++ b/ext/openssl/ossl_ns_spki.c @@ -172,9 +172,9 @@ ossl_spki_sign(VALUE self, VALUE key, VALUE digest) EVP_PKEY *pkey; const EVP_MD *md; - GetSPKI(self, spki); pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ md = GetDigestPtr(digest); + GetSPKI(self, spki); if (!NETSCAPE_SPKI_sign(spki, pkey, md)) { ossl_raise(eSPKIError, NULL); } diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c index d1f1b8412..f88f74994 100644 --- a/ext/openssl/ossl_ocsp.c +++ b/ext/openssl/ossl_ocsp.c @@ -127,11 +127,13 @@ ossl_ocspreq_add_nonce(int argc, VALUE *argv, VALUE self) int ret; rb_scan_args(argc, argv, "01", &val); - GetOCSPReq(self, req); - if(NIL_P(val)) + if(NIL_P(val)) { + GetOCSPReq(self, req); ret = OCSP_request_add1_nonce(req, NULL, -1); + } else{ StringValue(val); + GetOCSPReq(self, req); ret = OCSP_request_add1_nonce(req, RSTRING(val)->ptr, RSTRING(val)->len); } if(!ret) ossl_raise(eOCSPError, NULL); @@ -214,7 +216,6 @@ ossl_ocspreq_sign(int argc, VALUE *argv, VALUE self) int ret; rb_scan_args(argc, argv, "22", &signer_cert, &signer_key, &certs, &flags); - GetOCSPReq(self, req); signer = GetX509CertPtr(signer_cert); key = GetPrivPKeyPtr(signer_key); flg = NIL_P(flags) ? 0 : NUM2INT(flags); @@ -223,6 +224,7 @@ ossl_ocspreq_sign(int argc, VALUE *argv, VALUE self) flags |= OCSP_NOCERTS; } else x509s = ossl_x509_ary2sk(certs); + GetOCSPReq(self, req); ret = OCSP_request_sign(req, signer, key, EVP_sha1(), x509s, flg); sk_X509_pop_free(x509s, X509_free); if(!ret) ossl_raise(eOCSPError, NULL); @@ -240,10 +242,10 @@ ossl_ocspreq_verify(int argc, VALUE *argv, VALUE self) int flg, result; rb_scan_args(argc, argv, "21", &certs, &store, &flags); - GetOCSPReq(self, req); x509st = GetX509StorePtr(store); flg = NIL_P(flags) ? 0 : INT2NUM(flags); x509s = ossl_x509_ary2sk(certs); + GetOCSPReq(self, req); result = OCSP_request_verify(req, x509s, x509st, flg); sk_X509_pop_free(x509s, X509_free); if(!result) rb_warn("%s", ERR_error_string(ERR_peek_error(), NULL)); @@ -259,12 +261,11 @@ ossl_ocspreq_to_der(VALUE self) unsigned char *p; long len; - GetOCSPReq(self, req); - if((len = i2d_OCSP_REQUEST(req, NULL)) <= 0) ossl_raise(eOCSPError, NULL); str = rb_str_new(0, len); p = RSTRING(str)->ptr; + GetOCSPReq(self, req); if(i2d_OCSP_REQUEST(req, &p) <= 0) ossl_raise(eOCSPError, NULL); ossl_str_adjust(str, p); @@ -281,10 +282,11 @@ ossl_ocspres_s_create(VALUE klass, VALUE status, VALUE basic_resp) OCSP_BASICRESP *bs; OCSP_RESPONSE *res; VALUE obj; + int st = NUM2INT(status); if(NIL_P(basic_resp)) bs = NULL; else GetOCSPBasicRes(basic_resp, bs); /* NO NEED TO DUP */ - if(!(res = OCSP_response_create(NUM2INT(status), bs))) + if(!(res = OCSP_response_create(st, bs))) ossl_raise(eOCSPError, NULL); WrapOCSPRes(klass, obj, res); @@ -426,12 +428,14 @@ ossl_ocspbres_add_nonce(int argc, VALUE *argv, VALUE self) VALUE val; int ret; - GetOCSPBasicRes(self, bs); rb_scan_args(argc, argv, "01", &val); - if(NIL_P(val)) + if(NIL_P(val)) { + GetOCSPBasicRes(self, bs); ret = OCSP_basic_add1_nonce(bs, NULL, -1); + } else{ StringValue(val); + GetOCSPBasicRes(self, bs); ret = OCSP_basic_add1_nonce(bs, RSTRING(val)->ptr, RSTRING(val)->len); } if(!ret) ossl_raise(eOCSPError, NULL); @@ -452,8 +456,6 @@ ossl_ocspbres_add_status(VALUE self, VALUE cid, VALUE status, int error, i, rstatus = 0; VALUE tmp; - GetOCSPBasicRes(self, bs); - SafeGetOCSPCertId(cid, id); st = NUM2INT(status); rsn = NIL_P(status) ? 0 : NUM2INT(reason); if(!NIL_P(ext)){ @@ -477,6 +479,8 @@ ossl_ocspbres_add_status(VALUE self, VALUE cid, VALUE status, if(rstatus) goto err; nxt = X509_gmtime_adj(NULL, NUM2INT(tmp)); + GetOCSPBasicRes(self, bs); + SafeGetOCSPCertId(cid, id); if(!(single = OCSP_basic_add1_status(bs, id, st, rsn, rev, ths, nxt))){ error = 1; goto err; @@ -564,7 +568,6 @@ ossl_ocspbres_sign(int argc, VALUE *argv, VALUE self) int ret; rb_scan_args(argc, argv, "22", &signer_cert, &signer_key, &certs, &flags); - GetOCSPBasicRes(self, bs); signer = GetX509CertPtr(signer_cert); key = GetPrivPKeyPtr(signer_key); flg = NIL_P(flags) ? 0 : NUM2INT(flags); @@ -575,6 +578,7 @@ ossl_ocspbres_sign(int argc, VALUE *argv, VALUE self) else{ x509s = ossl_x509_ary2sk(certs); } + GetOCSPBasicRes(self, bs); ret = OCSP_basic_sign(bs, signer, key, EVP_sha1(), x509s, flg); sk_X509_pop_free(x509s, X509_free); if(!ret) ossl_raise(eOCSPError, NULL); @@ -592,10 +596,10 @@ ossl_ocspbres_verify(int argc, VALUE *argv, VALUE self) int flg, result; rb_scan_args(argc, argv, "21", &certs, &store, &flags); - GetOCSPBasicRes(self, bs); x509st = GetX509StorePtr(store); flg = NIL_P(flags) ? 0 : INT2NUM(flags); x509s = ossl_x509_ary2sk(certs); + GetOCSPBasicRes(self, bs); result = OCSP_basic_verify(bs, x509s, x509st, flg); sk_X509_pop_free(x509s, X509_free); if(!result) rb_warn("%s", ERR_error_string(ERR_peek_error(), NULL)); @@ -625,11 +629,11 @@ ossl_ocspcid_initialize(VALUE self, VALUE subject, VALUE issuer) OCSP_CERTID *id, *newid; X509 *x509s, *x509i; - GetOCSPCertId(self, id); x509s = GetX509CertPtr(subject); /* NO NEED TO DUP */ x509i = GetX509CertPtr(issuer); /* NO NEED TO DUP */ if(!(newid = OCSP_cert_to_id(NULL, x509s, x509i))) ossl_raise(eOCSPError, NULL); + GetOCSPCertId(self, id); OCSP_CERTID_free(id); RDATA(self)->data = newid; diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index 57825e8bb..8d4b1f206 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -122,9 +122,9 @@ ossl_pkcs7_s_write_smime(int argc, VALUE *argv, VALUE klass) int flg; rb_scan_args(argc, argv, "12", &pkcs7, &data, &flags); - SafeGetPKCS7(pkcs7, p7); flg = NIL_P(flags) ? 0 : NUM2INT(flags); if(NIL_P(data)) data = ossl_pkcs7_get_data(pkcs7); + SafeGetPKCS7(pkcs7, p7); if(!NIL_P(data) && PKCS7_is_detached(p7)) flg |= PKCS7_DETACHED; in = NIL_P(data) ? NULL : ossl_obj2bio(data); @@ -400,8 +400,8 @@ ossl_pkcs7_add_signer(VALUE self, VALUE signer) PKCS7 *pkcs7; PKCS7_SIGNER_INFO *p7si; - GetPKCS7(self, pkcs7); p7si = DupPKCS7SignerPtr(signer); /* NEED TO DUP */ + GetPKCS7(self, pkcs7); if (!PKCS7_add_signer(pkcs7, p7si)) { PKCS7_SIGNER_INFO_free(p7si); ossl_raise(ePKCS7Error, "Could not add signer."); @@ -447,7 +447,6 @@ ossl_pkcs7_add_recipient(VALUE self, VALUE cert) PKCS7_RECIP_INFO *ri; X509 *x509; - GetPKCS7(self, pkcs7); x509 = GetX509CertPtr(cert); /* NO NEED TO DUP */ if (!(ri = PKCS7_RECIP_INFO_new())) { ossl_raise(ePKCS7Error, NULL); @@ -456,6 +455,7 @@ ossl_pkcs7_add_recipient(VALUE self, VALUE cert) PKCS7_RECIP_INFO_free(ri); ossl_raise(ePKCS7Error, NULL); } + GetPKCS7(self, pkcs7); if (!PKCS7_add_recipient_info(pkcs7, ri)) { PKCS7_RECIP_INFO_free(ri); ossl_raise(ePKCS7Error, NULL); @@ -582,9 +582,7 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) VALUE data; const char *msg; - GetPKCS7(self, p7); rb_scan_args(argc, argv, "22", &certs, &store, &indata, &flags); - x509st = GetX509StorePtr(store); flg = NIL_P(flags) ? 0 : NUM2INT(flags); if(NIL_P(indata)) indata = ossl_pkcs7_get_data(self); in = NIL_P(indata) ? NULL : ossl_obj2bio(indata); @@ -596,6 +594,8 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) rb_jump_tag(status); } } + x509st = GetX509StorePtr(store); + GetPKCS7(self, p7); if(!(out = BIO_new(BIO_s_mem()))){ BIO_free(in); sk_X509_pop_free(x509s, X509_free); @@ -624,10 +624,10 @@ ossl_pkcs7_decrypt(int argc, VALUE *argv, VALUE self) VALUE str; rb_scan_args(argc, argv, "21", &pkey, &cert, &flags); - GetPKCS7(self, p7); key = GetPrivPKeyPtr(pkey); /* NO NEED TO DUP */ x509 = GetX509CertPtr(cert); /* NO NEED TO DUP */ flg = NIL_P(flags) ? 0 : NUM2INT(flags); + GetPKCS7(self, p7); if(!(out = BIO_new(BIO_s_mem()))) ossl_raise(ePKCS7Error, NULL); if(!PKCS7_decrypt(p7, key, x509, out, flg)){ @@ -647,13 +647,12 @@ ossl_pkcs7_add_data(VALUE self, VALUE data) char buf[4096]; int len; - in = out = NULL; + in = ossl_obj2bio(data); GetPKCS7(self, pkcs7); if(PKCS7_type_is_signed(pkcs7)){ if(!PKCS7_content_new(pkcs7, NID_pkcs7_data)) ossl_raise(ePKCS7Error, NULL); } - in = ossl_obj2bio(data); if(!(out = PKCS7_dataInit(pkcs7, NULL))) goto err; for(;;){ if((len = BIO_read(in, buf, sizeof(buf))) <= 0) @@ -739,10 +738,10 @@ ossl_pkcs7si_initialize(VALUE self, VALUE cert, VALUE key, VALUE digest) X509 *x509; const EVP_MD *md; - GetPKCS7si(self, p7si); pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ x509 = GetX509CertPtr(cert); /* NO NEED TO DUP */ md = GetDigestPtr(digest); + GetPKCS7si(self, p7si); if (!(PKCS7_SIGNER_INFO_set(p7si, x509, pkey, (EVP_MD*)md))) { ossl_raise(ePKCS7Error, NULL); } diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 4d8a64fc1..c73a160a9 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -119,8 +119,6 @@ ossl_sslctx_initialize(int argc, VALUE *argv, VALUE self) int i; char *s; - Data_Get_Struct(self, SSL_CTX, ctx); - for(i = 0; i < numberof(ossl_sslctx_attrs); i++){ char buf[32]; snprintf(buf, sizeof(buf), "@%s", ossl_sslctx_attrs[i]); @@ -142,6 +140,7 @@ ossl_sslctx_initialize(int argc, VALUE *argv, VALUE self) if (!method) { ossl_raise(rb_eArgError, "unknown SSL method `%s'.", s); } + Data_Get_Struct(self, SSL_CTX, ctx); if (SSL_CTX_set_ssl_version(ctx, method) != 1) { ossl_raise(eSSLError, "SSL_CTX_set_ssl_version:"); } @@ -325,12 +324,6 @@ ossl_sslctx_set_ciphers(VALUE self, VALUE v) int i; rb_check_frozen(self); - Data_Get_Struct(self, SSL_CTX, ctx); - if(!ctx){ - ossl_raise(eSSLError, "SSL_CTX is not initialized."); - return Qnil; - } - if (TYPE(v) == T_ARRAY) { str = rb_str_new2(NULL); for (i = 0; i < RARRAY(v)->len; i++) { @@ -345,6 +338,11 @@ ossl_sslctx_set_ciphers(VALUE self, VALUE v) StringValue(str); } + Data_Get_Struct(self, SSL_CTX, ctx); + if(!ctx){ + ossl_raise(eSSLError, "SSL_CTX is not initialized."); + return Qnil; + } if (!SSL_CTX_set_cipher_list(ctx, RSTRING(str)->ptr)) { ossl_raise(eSSLError, "SSL_CTX_set_ciphers:"); } @@ -491,8 +489,6 @@ ossl_ssl_read(int argc, VALUE *argv, VALUE self) VALUE len, str; OpenFile *fptr; - Data_Get_Struct(self, SSL, ssl); - GetOpenFile(ossl_ssl_get_io(self), fptr); rb_scan_args(argc, argv, "11", &len, &str); ilen = NUM2INT(len); if(NIL_P(str)) str = rb_str_new(0, ilen); @@ -503,6 +499,8 @@ ossl_ssl_read(int argc, VALUE *argv, VALUE self) } if(ilen == 0) return str; + Data_Get_Struct(self, SSL, ssl); + GetOpenFile(ossl_ssl_get_io(self), fptr); if (ssl) { if(SSL_pending(ssl) <= 0) rb_thread_wait_fd(fileno(fptr->f)); @@ -546,8 +544,8 @@ ossl_ssl_write(VALUE self, VALUE str) int nwrite = 0; FILE *fp; - Data_Get_Struct(self, SSL, ssl); StringValue(str); + Data_Get_Struct(self, SSL, ssl); if (ssl) { for (;;){ diff --git a/ext/openssl/ossl_x509attr.c b/ext/openssl/ossl_x509attr.c index f03302d35..7b88e294a 100644 --- a/ext/openssl/ossl_x509attr.c +++ b/ext/openssl/ossl_x509attr.c @@ -115,11 +115,11 @@ ossl_x509attr_set_oid(VALUE self, VALUE oid) ASN1_OBJECT *obj; char *s; - GetX509Attr(self, attr); s = StringValuePtr(oid); obj = OBJ_txt2obj(s, 0); if(!obj) obj = OBJ_txt2obj(s, 1); if(!obj) ossl_raise(eX509AttrError, NULL); + GetX509Attr(self, attr); X509_ATTRIBUTE_set1_object(attr, obj); return oid; @@ -162,13 +162,13 @@ ossl_x509attr_set_value(VALUE self, VALUE value) X509_ATTRIBUTE *attr; ASN1_TYPE *a1type; - GetX509Attr(self, attr); if(!(a1type = ossl_asn1_get_asn1type(value))) ossl_raise(eASN1Error, "could not get ASN1_TYPE"); if(ASN1_TYPE_get(a1type) == V_ASN1_SEQUENCE){ ASN1_TYPE_free(a1type); ossl_raise(eASN1Error, "couldn't set SEQUENCE for attribute value."); } + GetX509Attr(self, attr); if(attr->value.set){ if(OSSL_X509ATTR_IS_SINGLE(attr)) ASN1_TYPE_free(attr->value.single); else sk_ASN1_TYPE_free(attr->value.set); diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c index 443a2ba4c..fc587a31f 100644 --- a/ext/openssl/ossl_x509cert.c +++ b/ext/openssl/ossl_x509cert.c @@ -268,10 +268,10 @@ ossl_x509_set_version(VALUE self, VALUE version) X509 *x509; long ver; - GetX509(self, x509); if ((ver = NUM2LONG(version)) < 0) { ossl_raise(eX509CertError, "version must be >= 0!"); } + GetX509(self, x509); if (!X509_set_version(x509, ver)) { ossl_raise(eX509CertError, NULL); } @@ -310,7 +310,6 @@ ossl_x509_get_signature_algorithm(VALUE self) VALUE str; GetX509(self, x509); - out = BIO_new(BIO_s_mem()); if (!out) ossl_raise(eX509CertError, NULL); @@ -397,8 +396,8 @@ ossl_x509_set_not_before(VALUE self, VALUE time) X509 *x509; time_t sec; - GetX509(self, x509); sec = time_to_time_t(time); + GetX509(self, x509); if (!X509_time_adj(X509_get_notBefore(x509), 0, &sec)) { ossl_raise(eX509CertError, NULL); } @@ -426,8 +425,8 @@ ossl_x509_set_not_after(VALUE self, VALUE time) X509 *x509; time_t sec; - GetX509(self, x509); sec = time_to_time_t(time); + GetX509(self, x509); if (!X509_time_adj(X509_get_notAfter(x509), 0, &sec)) { ossl_raise(eX509CertError, NULL); } @@ -469,9 +468,9 @@ ossl_x509_sign(VALUE self, VALUE key, VALUE digest) EVP_PKEY *pkey; const EVP_MD *md; - GetX509(self, x509); pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ md = GetDigestPtr(digest); + GetX509(self, x509); if (!X509_sign(x509, pkey, md)) { ossl_raise(eX509CertError, NULL); } @@ -489,8 +488,8 @@ ossl_x509_verify(VALUE self, VALUE key) EVP_PKEY *pkey; int i; - GetX509(self, x509); pkey = GetPKeyPtr(key); /* NO NEED TO DUP */ + GetX509(self, x509); if ((i = X509_verify(x509, pkey)) < 0) { ossl_raise(eX509CertError, NULL); } @@ -510,9 +509,9 @@ ossl_x509_check_private_key(VALUE self, VALUE key) X509 *x509; EVP_PKEY *pkey; - GetX509(self, x509); /* not needed private key, but should be */ pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ + GetX509(self, x509); if (!X509_check_private_key(x509, pkey)) { OSSL_Warning("Check private key:%s", OSSL_ErrMsg()); return Qfalse; @@ -556,12 +555,12 @@ ossl_x509_set_extensions(VALUE self, VALUE ary) X509_EXTENSION *ext; int i; - GetX509(self, x509); Check_Type(ary, T_ARRAY); /* All ary's members should be X509Extension */ for (i=0; i<RARRAY(ary)->len; i++) { OSSL_Check_Kind(RARRAY(ary)->ptr[i], cX509Ext); } + GetX509(self, x509); sk_X509_EXTENSION_pop_free(x509->cert_info->extensions, X509_EXTENSION_free); x509->cert_info->extensions = NULL; for (i=0; i<RARRAY(ary)->len; i++) { diff --git a/ext/openssl/ossl_x509crl.c b/ext/openssl/ossl_x509crl.c index a7746aa2b..0dc22416e 100644 --- a/ext/openssl/ossl_x509crl.c +++ b/ext/openssl/ossl_x509crl.c @@ -146,11 +146,10 @@ ossl_x509crl_set_version(VALUE self, VALUE version) X509_CRL *crl; long ver; - GetX509CRL(self, crl); - if ((ver = NUM2LONG(version)) < 0) { ossl_raise(eX509CRLError, "version must be >= 0!"); } + GetX509CRL(self, crl); if (!X509_CRL_set_version(crl, ver)) { ossl_raise(eX509CRLError, NULL); } @@ -167,7 +166,6 @@ ossl_x509crl_get_signature_algorithm(VALUE self) VALUE str; GetX509CRL(self, crl); - if (!(out = BIO_new(BIO_s_mem()))) { ossl_raise(eX509CRLError, NULL); } @@ -220,8 +218,8 @@ ossl_x509crl_set_last_update(VALUE self, VALUE time) X509_CRL *crl; time_t sec; - GetX509CRL(self, crl); sec = time_to_time_t(time); + GetX509CRL(self, crl); if (!X509_time_adj(crl->crl->lastUpdate, 0, &sec)) { ossl_raise(eX509CRLError, NULL); } @@ -245,8 +243,8 @@ ossl_x509crl_set_next_update(VALUE self, VALUE time) X509_CRL *crl; time_t sec; - GetX509CRL(self, crl); sec = time_to_time_t(time); + GetX509CRL(self, crl); /* This must be some thinko in OpenSSL */ if (!(crl->crl->nextUpdate = X509_time_adj(crl->crl->nextUpdate, 0, &sec))){ ossl_raise(eX509CRLError, NULL); @@ -287,12 +285,12 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary) X509_REVOKED *rev; int i; - GetX509CRL(self, crl); Check_Type(ary, T_ARRAY); /* All ary members should be X509 Revoked */ for (i=0; i<RARRAY(ary)->len; i++) { OSSL_Check_Kind(RARRAY(ary)->ptr[i], cX509Rev); } + GetX509CRL(self, crl); sk_X509_REVOKED_pop_free(crl->crl->revoked, X509_REVOKED_free); crl->crl->revoked = NULL; for (i=0; i<RARRAY(ary)->len; i++) { @@ -461,12 +459,12 @@ ossl_x509crl_set_extensions(VALUE self, VALUE ary) X509_EXTENSION *ext; int i; - GetX509CRL(self, crl); Check_Type(ary, T_ARRAY); /* All ary members should be X509 Extensions */ for (i=0; i<RARRAY(ary)->len; i++) { OSSL_Check_Kind(RARRAY(ary)->ptr[i], cX509Ext); } + GetX509CRL(self, crl); sk_X509_EXTENSION_pop_free(crl->crl->extensions, X509_EXTENSION_free); crl->crl->extensions = NULL; for (i=0; i<RARRAY(ary)->len; i++) { diff --git a/ext/openssl/ossl_x509ext.c b/ext/openssl/ossl_x509ext.c index 57e005489..8ba555d3e 100644 --- a/ext/openssl/ossl_x509ext.c +++ b/ext/openssl/ossl_x509ext.c @@ -215,7 +215,6 @@ ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self) VALUE oid, value, critical, valstr, obj; int nid; - GetX509ExtFactory(self, ctx); rb_scan_args(argc, argv, "21", &oid, &value, &critical); StringValue(oid); StringValue(value); @@ -226,6 +225,7 @@ ossl_x509extfactory_create_ext(int argc, VALUE *argv, VALUE self) if(!nid) ossl_raise(eX509ExtError, "unknown OID `%s'", RSTRING(oid)->ptr); valstr = rb_str_new2(RTEST(critical) ? "critical," : ""); rb_str_append(valstr, value); + GetX509ExtFactory(self, ctx); ext = X509V3_EXT_conf_nid(NULL, ctx, nid, RSTRING(valstr)->ptr); if (!ext){ ossl_raise(eX509ExtError, "%s = %s", @@ -284,11 +284,11 @@ ossl_x509ext_set_oid(VALUE self, VALUE oid) ASN1_OBJECT *obj; char *s; - GetX509Ext(self, ext); s = StringValuePtr(oid); obj = OBJ_txt2obj(s, 0); if(!obj) obj = OBJ_txt2obj(s, 1); if(!obj) ossl_raise(eX509ExtError, NULL); + GetX509Ext(self, ext); X509_EXTENSION_set_object(ext, obj); return oid; @@ -301,7 +301,6 @@ ossl_x509ext_set_value(VALUE self, VALUE data) ASN1_OCTET_STRING *asn1s; char *s; - GetX509Ext(self, ext); data = ossl_to_der_if_possible(data); StringValue(data); if(!(s = OPENSSL_malloc(RSTRING(data)->len))) @@ -316,6 +315,7 @@ ossl_x509ext_set_value(VALUE self, VALUE data) ASN1_OCTET_STRING_free(asn1s); ossl_raise(eX509ExtError, NULL); } + GetX509Ext(self, ext); X509_EXTENSION_set_data(ext, asn1s); return data; @@ -376,6 +376,7 @@ static VALUE ossl_x509ext_get_critical(VALUE obj) { X509_EXTENSION *ext; + GetX509Ext(obj, ext); return X509_EXTENSION_get_critical(ext) ? Qtrue : Qfalse; } diff --git a/ext/openssl/ossl_x509name.c b/ext/openssl/ossl_x509name.c index b19815750..4a077af2d 100644 --- a/ext/openssl/ossl_x509name.c +++ b/ext/openssl/ossl_x509name.c @@ -119,19 +119,22 @@ ossl_x509name_initialize(int argc, VALUE *argv, VALUE self) if (rb_scan_args(argc, argv, "02", &arg, &template) == 0) { return self; } - else if (rb_obj_is_kind_of(arg, rb_cArray) == Qtrue){ - VALUE args; - if(NIL_P(template)) template = OBJECT_TYPE_TEMPLATE; - args = rb_ary_new3(2, self, template); - rb_iterate(rb_each, arg, ossl_x509name_init_i, args); - } - else{ - unsigned char *p; - VALUE str = ossl_to_der_if_possible(arg); - StringValue(str); - p = RSTRING(str)->ptr; - if(!d2i_X509_NAME((X509_NAME**)&DATA_PTR(self), &p, RSTRING(str)->len)){ - ossl_raise(eX509NameError, NULL); + else { + VALUE tmp = rb_check_array_type(arg); + if (!NIL_P(tmp)) { + VALUE args; + if(NIL_P(template)) template = OBJECT_TYPE_TEMPLATE; + args = rb_ary_new3(2, self, template); + rb_iterate(rb_each, tmp, ossl_x509name_init_i, args); + } + else{ + unsigned char *p; + VALUE str = ossl_to_der_if_possible(arg); + StringValue(str); + p = RSTRING(str)->ptr; + if(!d2i_X509_NAME((X509_NAME**)&DATA_PTR(self), &p, RSTRING(str)->len)){ + ossl_raise(eX509NameError, NULL); + } } } @@ -182,13 +185,13 @@ ossl_x509name_to_a(VALUE self) const char *short_name; VALUE ary, ret; - GetX509Name(self, name); entries = X509_NAME_entry_count(name); if (entries < 0) { OSSL_Debug("name entries < 0!"); return rb_ary_new(); } ret = rb_ary_new2(entries); + GetX509Name(self, name); for (i=0; i<entries; i++) { if (!(entry = X509_NAME_get_entry(name, i))) { ossl_raise(eX509NameError, NULL); diff --git a/ext/openssl/ossl_x509req.c b/ext/openssl/ossl_x509req.c index c53273999..35c520194 100644 --- a/ext/openssl/ossl_x509req.c +++ b/ext/openssl/ossl_x509req.c @@ -240,10 +240,10 @@ ossl_x509req_set_version(VALUE self, VALUE version) X509_REQ *req; long ver; - GetX509Req(self, req); if ((ver = FIX2LONG(version)) < 0) { ossl_raise(eX509ReqError, "version must be >= 0!"); } + GetX509Req(self, req); if (!X509_REQ_set_version(req, ver)) { ossl_raise(eX509ReqError, NULL); } @@ -400,13 +400,13 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary) X509_REQ *req; X509_ATTRIBUTE *attr; int i; - VALUE item; + VALUE tmp, item; - GetX509Req(self, req); Check_Type(ary, T_ARRAY); for (i=0;i<RARRAY(ary)->len; i++) { OSSL_Check_Kind(RARRAY(ary)->ptr[i], cX509Attr); } + GetX509Req(self, req); sk_X509_ATTRIBUTE_pop_free(req->req_info->attributes, X509_ATTRIBUTE_free); req->req_info->attributes = NULL; for (i=0;i<RARRAY(ary)->len; i++) { diff --git a/ext/openssl/ossl_x509revoked.c b/ext/openssl/ossl_x509revoked.c index 30ce75207..3ccac8d26 100644 --- a/ext/openssl/ossl_x509revoked.c +++ b/ext/openssl/ossl_x509revoked.c @@ -129,8 +129,8 @@ ossl_x509revoked_set_time(VALUE self, VALUE time) X509_REVOKED *rev; time_t sec; - GetX509Rev(self, rev); sec = time_to_time_t(time); + GetX509Rev(self, rev); if (!X509_time_adj(rev->revocationDate, 0, &sec)) { ossl_raise(eX509RevError, NULL); } @@ -174,11 +174,11 @@ ossl_x509revoked_set_extensions(VALUE self, VALUE ary) int i; VALUE item; - GetX509Rev(self, rev); Check_Type(ary, T_ARRAY); for (i=0; i<RARRAY(ary)->len; i++) { OSSL_Check_Kind(RARRAY(ary)->ptr[i], cX509Ext); } + GetX509Rev(self, rev); sk_X509_EXTENSION_pop_free(rev->extensions, X509_EXTENSION_free); rev->extensions = NULL; for (i=0; i<RARRAY(ary)->len; i++) { diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c index 4c5f0624a..45d4aee6c 100644 --- a/ext/openssl/ossl_x509store.c +++ b/ext/openssl/ossl_x509store.c @@ -146,9 +146,10 @@ ossl_x509store_set_flags(VALUE self, VALUE flags) { #if (OPENSSL_VERSION_NUMBER >= 0x00907000L) X509_STORE *store; + long f = NUM2LONG(flags); GetX509Store(self, store); - X509_STORE_set_flags(store, NUM2LONG(flags)); + X509_STORE_set_flags(store, f); #else rb_iv_set(self, "@flags", flags); #endif @@ -161,9 +162,10 @@ ossl_x509store_set_purpose(VALUE self, VALUE purpose) { #if (OPENSSL_VERSION_NUMBER >= 0x00907000L) X509_STORE *store; + long p = NUM2LONG(purpose); GetX509Store(self, store); - X509_STORE_set_purpose(store, NUM2LONG(purpose)); + X509_STORE_set_purpose(store, p); #else rb_iv_set(self, "@purpose", purpose); #endif @@ -176,9 +178,10 @@ ossl_x509store_set_trust(VALUE self, VALUE trust) { #if (OPENSSL_VERSION_NUMBER >= 0x00907000L) X509_STORE *store; + long t = NUM2LONG(trust); GetX509Store(self, store); - X509_STORE_set_trust(store, NUM2LONG(trust)); + X509_STORE_set_trust(store, t); #else rb_iv_set(self, "@trust", trust); #endif @@ -338,8 +341,8 @@ ossl_x509stctx_initialize(int argc, VALUE *argv, VALUE self) X509 *x509 = NULL; STACK_OF(X509) *x509s = NULL; - GetX509StCtx(self, ctx); rb_scan_args(argc, argv, "12", &store, &cert, &chain); + GetX509StCtx(self, ctx); SafeGetX509Store(store, x509st); if(!NIL_P(cert)) x509 = DupX509CertPtr(cert); /* NEED TO DUP */ if(!NIL_P(chain)) x509s = ossl_x509_ary2sk(chain); @@ -483,9 +486,10 @@ static VALUE ossl_x509stctx_set_flags(VALUE self, VALUE flags) { X509_STORE_CTX *store; + long f = NUM2LONG(flags); GetX509StCtx(self, store); - X509_STORE_CTX_set_flags(store, NUM2LONG(flags)); + X509_STORE_CTX_set_flags(store, f); return flags; } @@ -494,9 +498,10 @@ static VALUE ossl_x509stctx_set_purpose(VALUE self, VALUE purpose) { X509_STORE_CTX *store; + long p = NUM2LONG(purpose); GetX509StCtx(self, store); - X509_STORE_CTX_set_purpose(store, NUM2LONG(purpose)); + X509_STORE_CTX_set_purpose(store, p); return purpose; } @@ -505,9 +510,10 @@ static VALUE ossl_x509stctx_set_trust(VALUE self, VALUE trust) { X509_STORE_CTX *store; + long t = NUM2LONG(trust); GetX509StCtx(self, store); - X509_STORE_CTX_set_trust(store, NUM2LONG(trust)); + X509_STORE_CTX_set_trust(store, t); return trust; } diff --git a/lib/cgi/session.rb b/lib/cgi/session.rb index 1c493546f..50abf3213 100644 --- a/lib/cgi/session.rb +++ b/lib/cgi/session.rb @@ -155,6 +155,9 @@ class CGI # class Session + #:nodoc: + class NoSession < RuntimeError; end + # The id of this session. attr_reader :session_id, :new_session @@ -243,35 +246,43 @@ class CGI def initialize(request, option={}) @new_session = false session_key = option['session_key'] || '_session_id' - id = option['session_id'] - unless id + session_id = option['session_id'] + unless session_id if option['new_session'] - id = create_new_id + session_id = create_new_id end end - unless id + unless session_id if request.key?(session_key) - id = request[session_key] - id = id.read if id.respond_to?(:read) + session_id = request[session_key] + session_id = session_id.read if session_id.respond_to?(:read) end - unless id - id, = request.cookies[session_key] + unless session_id + session_id, = request.cookies[session_key] end - unless id + unless session_id if option.key?('new_session') and not option['new_session'] raise ArgumentError, "session_key `%s' should be supplied"%session_key end - id = create_new_id + session_id = create_new_id end end - @session_id = id + @session_id = session_id dbman = option['database_manager'] || FileStore - @dbman = dbman::new(self, option) + begin + @dbman = dbman::new(self, option) + rescue NoSession + if option.key?('new_session') and not option['new_session'] + raise ArgumentError, "invalid session_id `%s'"%session_id + end + session_id = @session_id = create_new_id + retry + end request.instance_eval do - @output_hidden = {session_key => id} + @output_hidden = {session_key => session_id} @output_cookies = [ Cookie::new("name" => session_key, - "value" => id, + "value" => session_id, "expires" => option['session_expires'], "domain" => option['session_domain'], "secure" => option['session_secure'], @@ -371,7 +382,7 @@ class CGI @path = dir+"/"+prefix+md5+suffix unless File::exist? @path unless session.new_session - raise RuntimeError, "uninitialized session" + raise CGI::Session::NoSession, "uninitialized session" end @hash = {} end @@ -441,7 +452,7 @@ class CGI @session_id = session.session_id unless GLOBAL_HASH_TABLE.key?(@session_id) unless session.new_session - raise RuntimeError, "uninitialized session" + raise CGI::Session::NoSession, "uninitialized session" end GLOBAL_HASH_TABLE[@session_id] = {} end diff --git a/lib/cgi/session/pstore.rb b/lib/cgi/session/pstore.rb index e65a2a97d..696f6f2d3 100644 --- a/lib/cgi/session/pstore.rb +++ b/lib/cgi/session/pstore.rb @@ -63,7 +63,7 @@ class CGI path.untaint unless File::exist?(path) unless session.new_session - raise RuntimeError, "uninitialized session" + raise CGI::Session::NoSession, "uninitialized session" end @hash = {} end diff --git a/lib/jcode.rb b/lib/jcode.rb index efb21af33..691d22daf 100644 --- a/lib/jcode.rb +++ b/lib/jcode.rb @@ -91,9 +91,7 @@ class String def succ str = self.dup - p [self.object_id, str.object_id] str.succ! or str -# (str = self.dup).succ! or str end private |