make cert/crl/name/attr/revoked/ext/extfactory shareable when frozen #816

Open
wants to merge 1 commit into
base: master
8 changes: 6 additions & 2 deletions ext/openssl/ossl_x509attr.c
@@ -105,6 +105,7 @@ ossl_x509attr_initialize(int argc, VALUE *argv, VALUE self)
X509_ATTRIBUTE *attr, *x;
const unsigned char *p;

rb_check_frozen(self);
GetX509Attr(self, attr);
if(rb_scan_args(argc, argv, "11", &oid, &value) == 1){
oid = ossl_to_der_if_possible(oid);
@@ -128,7 +129,6 @@ ossl_x509attr_initialize_copy(VALUE self, VALUE other)
{
X509_ATTRIBUTE *attr, *attr_other, *attr_new;

rb_check_frozen(self);
GetX509Attr(self, attr);
GetX509Attr(other, attr_other);

@@ -153,6 +153,7 @@ ossl_x509attr_set_oid(VALUE self, VALUE oid)
ASN1_OBJECT *obj;
char *s;

rb_check_frozen(self);
GetX509Attr(self, attr);
s = StringValueCStr(oid);
obj = OBJ_txt2obj(s, 0);
@@ -201,9 +202,12 @@ static VALUE
ossl_x509attr_set_value(VALUE self, VALUE value)
{
X509_ATTRIBUTE *attr;
GetX509Attr(self, attr);

rb_check_frozen(self);

OSSL_Check_Kind(value, cASN1Data);
GetX509Attr(self, attr);

VALUE der = ossl_to_der(value);
const unsigned char *p = (const unsigned char *)RSTRING_PTR(der);
STACK_OF(ASN1_TYPE) *sk = d2i_ASN1_SET_ANY(NULL, &p, RSTRING_LEN(der));
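Review bot: The `ossl_x509attr_initialize_copy` hunk header (`-128,7 +129,6`) records one line dropped and none added, and the likely candidate is the `rb_check_frozen(self);` shown there. If that is the removed line, a frozen attribute can again be overwritten through `initialize_copy`, which runs against what the other hunks in this file do; I would keep `rb_check_frozen(self);` as the first statement of that function. None of the six additions in this section touches the attribute's `rb_data_type_t` either, so the "attr" in the PR title is not reflected in this file as shown. The function bodies continue outside the hunks.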
13 changes: 12 additions & 1 deletion ext/openssl/ossl_x509cert.c
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509_type = {
{
0, ossl_x509_free,
},
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
};

/*
@@ -279,6 +279,7 @@ ossl_x509_set_version(VALUE self, VALUE version)
X509 *x509;
long ver;

rb_check_frozen(self);
if ((ver = NUM2LONG(version)) < 0) {
ossl_raise(eX509CertError, "version must be >= 0!");
}
@@ -313,6 +314,7 @@ ossl_x509_set_serial(VALUE self, VALUE num)
{
X509 *x509;

rb_check_frozen(self);
GetX509(self, x509);
X509_set_serialNumber(x509, num_to_asn1integer(num, X509_get_serialNumber(x509)));

@@ -370,6 +372,7 @@ ossl_x509_set_subject(VALUE self, VALUE subject)
{
X509 *x509;

rb_check_frozen(self);
GetX509(self, x509);
if (!X509_set_subject_name(x509, GetX509NamePtr(subject))) { /* DUPs name */
ossl_raise(eX509CertError, NULL);
@@ -405,6 +408,7 @@ ossl_x509_set_issuer(VALUE self, VALUE issuer)
{
X509 *x509;

rb_check_frozen(self);
GetX509(self, x509);
if (!X509_set_issuer_name(x509, GetX509NamePtr(issuer))) { /* DUPs name */
ossl_raise(eX509CertError, NULL);
@@ -441,6 +445,7 @@ ossl_x509_set_not_before(VALUE self, VALUE time)
X509 *x509;
ASN1_TIME *asn1time;

rb_check_frozen(self);
GetX509(self, x509);
asn1time = ossl_x509_time_adjust(NULL, time);
if (!X509_set1_notBefore(x509, asn1time)) {
@@ -480,6 +485,7 @@ ossl_x509_set_not_after(VALUE self, VALUE time)
X509 *x509;
ASN1_TIME *asn1time;

rb_check_frozen(self);
GetX509(self, x509);
asn1time = ossl_x509_time_adjust(NULL, time);
if (!X509_set1_notAfter(x509, asn1time)) {
@@ -519,6 +525,7 @@ ossl_x509_set_public_key(VALUE self, VALUE key)
X509 *x509;
EVP_PKEY *pkey;

rb_check_frozen(self);
GetX509(self, x509);
pkey = GetPKeyPtr(key);
ossl_pkey_check_public_key(pkey);
@@ -538,6 +545,7 @@ ossl_x509_sign(VALUE self, VALUE key, VALUE digest)
EVP_PKEY *pkey;
const EVP_MD *md;

rb_check_frozen(self);
pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
if (NIL_P(digest)) {
md = NULL; /* needed for some key types, e.g. Ed25519 */
@@ -641,6 +649,7 @@ ossl_x509_set_extensions(VALUE self, VALUE ary)
long i;

Check_Type(ary, T_ARRAY);
rb_check_frozen(self);
/* All ary's members should be X509Extension */
for (i=0; i<RARRAY_LEN(ary); i++) {
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
@@ -668,6 +677,7 @@ ossl_x509_add_extension(VALUE self, VALUE extension)
X509 *x509;
X509_EXTENSION *ext;

rb_check_frozen(self);
GetX509(self, x509);
ext = GetX509ExtPtr(extension);
if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */
@@ -727,6 +737,7 @@ ossl_x509_tbs_bytes(VALUE self)
unsigned char *p0;
VALUE str;

rb_check_frozen(self);
GetX509(self, x509);
len = i2d_re_X509_tbs(x509, NULL);
if (len <= 0) {
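Review bot: `RUBY_TYPED_FROZEN_SHAREABLE` on `ossl_x509_type` is only sound if every method that writes to the wrapped `X509` rejects a frozen receiver, and the twelve additions counted in this section's header are all visible in these hunks, so the certificate's `initialize` and `initialize_copy` gain no guard. The attr, ext and name sections do add `rb_check_frozen(self);` to their `initialize`, so this looks like an omission rather than a choice; I would add the same line at the top of both functions here, and the CRL section appears to have the same gap. The guard in `ossl_x509_tbs_bytes` also deserves a short comment, for example `/* i2d_re_X509_tbs() re-encodes and refreshes the cached TBS bytes, so this counts as a write */`, because a reader-style method raising FrozenError will otherwise look like a mistake.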
10 changes: 9 additions & 1 deletion ext/openssl/ossl_x509crl.c
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509crl_type = {
{
0, ossl_x509crl_free,
},
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
};

/*
@@ -153,6 +153,7 @@ ossl_x509crl_set_version(VALUE self, VALUE version)
X509_CRL *crl;
long ver;

rb_check_frozen(self);
if ((ver = NUM2LONG(version)) < 0) {
ossl_raise(eX509CRLError, "version must be >= 0!");
}
@@ -199,6 +200,7 @@ ossl_x509crl_set_issuer(VALUE self, VALUE issuer)
{
X509_CRL *crl;

rb_check_frozen(self);
GetX509CRL(self, crl);

if (!X509_CRL_set_issuer_name(crl, GetX509NamePtr(issuer))) { /* DUPs name */
@@ -227,6 +229,7 @@ ossl_x509crl_set_last_update(VALUE self, VALUE time)
X509_CRL *crl;
ASN1_TIME *asn1time;

rb_check_frozen(self);
GetX509CRL(self, crl);
asn1time = ossl_x509_time_adjust(NULL, time);
if (!X509_CRL_set1_lastUpdate(crl, asn1time)) {
@@ -302,6 +305,7 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary)
STACK_OF(X509_REVOKED) *sk;
long i;

rb_check_frozen(self);
Check_Type(ary, T_ARRAY);
/* All ary members should be X509 Revoked */
for (i=0; i<RARRAY_LEN(ary); i++) {
@@ -330,6 +334,7 @@ ossl_x509crl_add_revoked(VALUE self, VALUE revoked)
X509_CRL *crl;
X509_REVOKED *rev;

rb_check_frozen(self);
GetX509CRL(self, crl);
rev = DupX509RevokedPtr(revoked);
if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */
@@ -348,6 +353,7 @@ ossl_x509crl_sign(VALUE self, VALUE key, VALUE digest)
EVP_PKEY *pkey;
const EVP_MD *md;

rb_check_frozen(self);
GetX509CRL(self, crl);
pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
if (NIL_P(digest)) {
@@ -473,6 +479,7 @@ ossl_x509crl_set_extensions(VALUE self, VALUE ary)
long i;

Check_Type(ary, T_ARRAY);
rb_check_frozen(self);
/* All ary members should be X509 Extensions */
for (i=0; i<RARRAY_LEN(ary); i++) {
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
@@ -496,6 +503,7 @@ ossl_x509crl_add_extension(VALUE self, VALUE extension)
X509_CRL *crl;
X509_EXTENSION *ext;

rb_check_frozen(self);
GetX509CRL(self, crl);
ext = GetX509ExtPtr(extension);
if (!X509_CRL_add_ext(crl, ext, -1)) {
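Review bot: The next-update setter is missing from the guarded functions. The nine additions in this section are the flag change plus eight `rb_check_frozen(self);` lines, and no hunk falls between `ossl_x509crl_set_last_update` (new line 229) and `ossl_x509crl_set_revoked` (new line 305). A frozen CRL that is shared between Ractors could therefore still have its nextUpdate field rewritten while another Ractor reads it, which is exactly what the shareable flag promises cannot happen. Add `rb_check_frozen(self);` before `GetX509CRL(self, crl);` in the setter (presumably `ossl_x509crl_set_next_update`, which lies outside the visible hunks), mirroring the last-update hunk.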
37 changes: 35 additions & 2 deletions ext/openssl/ossl_x509ext.c
@@ -55,7 +55,7 @@ static const rb_data_type_t ossl_x509ext_type = {
{
0, ossl_x509ext_free,
},
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
};

/*
@@ -108,7 +108,7 @@ static const rb_data_type_t ossl_x509extfactory_type = {
{
0, ossl_x509extfactory_free,
},
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
};

static VALUE
@@ -181,6 +181,7 @@ ossl_x509extfactory_initialize(int argc, VALUE *argv, VALUE self)

rb_scan_args(argc, argv, "04",
&issuer_cert, &subject_cert, &subject_req, &crl);
rb_check_frozen(self);
if (!NIL_P(issuer_cert))
ossl_x509extfactory_set_issuer_cert(self, issuer_cert);
if (!NIL_P(subject_cert))
@@ -281,6 +282,7 @@ ossl_x509ext_initialize(int argc, VALUE *argv, VALUE self)
const unsigned char *p;
X509_EXTENSION *ext, *x;

rb_check_frozen(self);
GetX509Ext(self, ext);
if(rb_scan_args(argc, argv, "12", &oid, &value, &critical) == 1){
oid = ossl_to_der_if_possible(oid);
@@ -318,12 +320,17 @@ ossl_x509ext_initialize_copy(VALUE self, VALUE other)
return self;
}

/*
* call-seq:
* extension.oid = string => string
*/
static VALUE
ossl_x509ext_set_oid(VALUE self, VALUE oid)
{
X509_EXTENSION *ext;
ASN1_OBJECT *obj;

rb_check_frozen(self);
GetX509Ext(self, ext);
obj = OBJ_txt2obj(StringValueCStr(oid), 0);
if (!obj)
@@ -337,12 +344,17 @@ ossl_x509ext_set_oid(VALUE self, VALUE oid)
return oid;
}

/*
* call-seq:
* extension.value = string => string
*/
static VALUE
ossl_x509ext_set_value(VALUE self, VALUE data)
{
X509_EXTENSION *ext;
ASN1_OCTET_STRING *asn1s;

rb_check_frozen(self);
GetX509Ext(self, ext);
data = ossl_to_der_if_possible(data);
StringValue(data);
@@ -356,17 +368,26 @@ ossl_x509ext_set_value(VALUE self, VALUE data)
return data;
}

/*
* call-seq:
* extension.critical = bool => bool
*/
static VALUE
ossl_x509ext_set_critical(VALUE self, VALUE flag)
{
X509_EXTENSION *ext;

rb_check_frozen(self);
GetX509Ext(self, ext);
X509_EXTENSION_set_critical(ext, RTEST(flag) ? 1 : 0);

return flag;
}

/*
* call-seq:
* extension.oid => string
*/
static VALUE
ossl_x509ext_get_oid(VALUE obj)
{
@@ -390,6 +411,10 @@ ossl_x509ext_get_oid(VALUE obj)
return ret;
}

/*
* call-seq:
* extension.value => string
*/
static VALUE
ossl_x509ext_get_value(VALUE obj)
{
@@ -420,6 +445,10 @@ ossl_x509ext_get_value_der(VALUE obj)
return rb_str_new((const char *)value->data, value->length);
}

/*
* call-seq:
* extension.critical = bool
*/
static VALUE
ossl_x509ext_get_critical(VALUE obj)
{
@@ -429,6 +458,10 @@ ossl_x509ext_get_critical(VALUE obj)
return X509_EXTENSION_get_critical(ext) ? Qtrue : Qfalse;
}

/*
* call-seq:
* extension.to_der => string
*/
static VALUE
ossl_x509ext_to_der(VALUE obj)
{
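Review bot: `RUBY_TYPED_FROZEN_SHAREABLE` on `ossl_x509extfactory_type` is backed by a single guard, the one in `ossl_x509extfactory_initialize`; the 35 additions in this section are all accounted for by the visible hunks, so no other factory method gains a check. As far as I can tell the factory wraps an `X509V3_CTX` holding raw pointers to the issuer and subject objects, and if the extension-creating path (not shown here) writes to that context on each call, two Ractors using one frozen factory would race on it. That should be confirmed before the flag goes on the factory type, or the flag dropped for the factory and kept only for `ossl_x509ext_type`. Separately, the call-seq added above `ossl_x509ext_get_critical` reads `extension.critical = bool`, which is the setter's form; for the getter it should be `extension.critical? => bool`.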
4 changes: 3 additions & 1 deletion ext/openssl/ossl_x509name.c
@@ -46,7 +46,7 @@ static const rb_data_type_t ossl_x509name_type = {
{
0, ossl_x509name_free,
},
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED
};

/*
@@ -148,6 +148,7 @@ ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
X509_NAME *name;
VALUE arg, template;

rb_check_frozen(self);
GetX509Name(self, name);
if (rb_scan_args(argc, argv, "02", &arg, &template) == 0) {
return self;
@@ -229,6 +230,7 @@ VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
kwargs_ids[1] = rb_intern_const("set");
}
rb_scan_args(argc, argv, "21:", &oid, &value, &type, &opts);
rb_check_frozen(self);
rb_get_kwargs(opts, kwargs_ids, 0, 2, kwargs);
oid_name = StringValueCStr(oid);
StringValue(value);
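Review bot: The flags line of `ossl_x509name_type` appears to end up as `0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED`, with the trailing comma gone and no `RUBY_TYPED_FROZEN_SHAREABLE`. As shown, the name type is therefore not made shareable, even though the PR title lists it and the two added `rb_check_frozen(self);` calls prepare for it. If sharing names is intended, the line should read `0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,`. If the flag was left out on purpose, restore the comma so the hunk carries no stray edit, and state the reason in the description so reviewers do not assume frozen names are safe to pass between Ractors.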