* ext/openssl/ossl_ssl.c (ossl_ssl_peer_cert_chain): add new method

SSLSocket#peer_cert_chain. * ext/openssl/ossl_x509req.c (GetX509ReqPtr): new function which returns underlying X509_REQ. * ext/openssl/ossl_x509ext.c (ossl_x509extfactory_set_issuer_cert, ossl_x509extfactory_set_subject_cert, ossl_x509extfactory_set_crl, ossl_x509extfactory_set_subject_req, ossl_x509extfactory_set_config): use underlying C struct without duplication not to leak momory. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2003-11-01 09:24:55 +00:00 · 2003-11-01 09:24:55 +00:00 · fc133b8997
commit fc133b8997
parent 09125ff3d0
5 changed files with 55 additions and 5 deletions
--- a/13
+++ b/13
@ -1,3 +1,16 @@
 Sat Nov  1 18:21:09 2003 GOTOU Yuuzou  <gotoyuzo@notwork.org>
 	* ext/openssl/ossl_ssl.c (ossl_ssl_peer_cert_chain): add new method
 	  SSLSocket#peer_cert_chain.
 	* ext/openssl/ossl_x509req.c (GetX509ReqPtr): new function
 	  which returns underlying X509_REQ.
 	* ext/openssl/ossl_x509ext.c (ossl_x509extfactory_set_issuer_cert,
 	  ossl_x509extfactory_set_subject_cert, ossl_x509extfactory_set_crl,
 	  ossl_x509extfactory_set_subject_req, ossl_x509extfactory_set_config):
 	  use underlying C struct without duplication not to leak momory.
 Sat Nov  1 18:11:18 2003  Akinori MUSHA  <knu@iDaemons.org>
 	* ext/io/wait/wait.c: #include <sys/time.h> is needed for struct
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@ -603,6 +603,31 @@ ossl_ssl_get_peer_cert(VALUE self)
    return obj;
 }
 static VALUE
 ossl_ssl_get_peer_cert_chain(VALUE self)
 {
    SSL *ssl;
    STACK_OF(X509) *chain;
    X509 *cert;
    VALUE ary;
    int i, num;
    Data_Get_Struct(self, SSL, ssl);
    if(!ssl){
 	rb_warning("SSL session is not started yet.");
 	return Qnil;
    }
    chain = SSL_get_peer_cert_chain(ssl);
    num = sk_num(chain);
    ary = rb_ary_new2(num);
    for (i = 0; i < num; i++){
 	cert = (X509*)sk_value(chain, i);
 	rb_ary_push(ary, ossl_x509_new(cert));
    }
    return ary;
 }
 static VALUE
 ossl_ssl_get_cipher(VALUE self)
 {
@ -674,6 +699,7 @@ Init_ossl_ssl()
    rb_define_method(cSSLSocket, "sysclose",   ossl_ssl_close, 0);
    rb_define_method(cSSLSocket, "cert",       ossl_ssl_get_cert, 0);
    rb_define_method(cSSLSocket, "peer_cert",  ossl_ssl_get_peer_cert, 0);
    rb_define_method(cSSLSocket, "peer_cert_chain", ossl_ssl_get_peer_cert_chain, 0);
    rb_define_method(cSSLSocket, "cipher",     ossl_ssl_get_cipher, 0);
    rb_define_method(cSSLSocket, "state",      ossl_ssl_get_state, 0);
--- a/ext/openssl/ossl_x509.h
+++ b/ext/openssl/ossl_x509.h
@ -80,6 +80,7 @@ extern VALUE cX509Req;
 extern VALUE eX509ReqError;
 VALUE ossl_x509req_new(X509_REQ *);
 X509_REQ *GetX509ReqPtr(VALUE);
 X509_REQ *DupX509ReqPtr(VALUE);
 void Init_ossl_x509req(void);
--- a/ext/openssl/ossl_x509ext.c
+++ b/ext/openssl/ossl_x509ext.c
@ -118,7 +118,7 @@ ossl_x509extfactory_set_issuer_cert(VALUE self, VALUE cert)
    GetX509ExtFactory(self, ctx);
    rb_iv_set(self, "@issuer_certificate", cert);
-    ctx->issuer_cert = DupX509CertPtr(cert); /* DUP NEEDED */
+    ctx->issuer_cert = GetX509CertPtr(cert); /* NO DUP NEEDED */
    return cert;
 }
@ -130,7 +130,7 @@ ossl_x509extfactory_set_subject_cert(VALUE self, VALUE cert)
    GetX509ExtFactory(self, ctx);
    rb_iv_set(self, "@subject_certificate", cert);
-    ctx->subject_cert = DupX509CertPtr(cert); /* DUP NEEDED */
+    ctx->subject_cert = GetX509CertPtr(cert); /* NO DUP NEEDED */
    return cert;
 }
@ -142,7 +142,7 @@ ossl_x509extfactory_set_subject_req(VALUE self, VALUE req)
    GetX509ExtFactory(self, ctx);
    rb_iv_set(self, "@subject_request", req);
-    ctx->subject_req = DupX509ReqPtr(req);
+    ctx->subject_req = GetX509ReqPtr(req); /* NO DUP NEEDED */
    return req;
 }
@ -154,7 +154,7 @@ ossl_x509extfactory_set_crl(VALUE self, VALUE crl)
    GetX509ExtFactory(self, ctx);
    rb_iv_set(self, "@crl", crl);
-    ctx->crl = DupX509CRLPtr(crl);
+    ctx->crl = GetX509CRLPtr(crl); /* NO DUP NEEDED */
    return crl;
 }
@ -168,7 +168,7 @@ ossl_x509extfactory_set_config(VALUE self, VALUE config)
    GetX509ExtFactory(self, ctx);
    rb_iv_set(self, "@config", config);
-    conf = GetConfigPtr(config);
+    conf = GetConfigPtr(config);  /* NO DUP NEEDED */
    X509V3_set_nconf(ctx, conf);
    return config;
--- a/ext/openssl/ossl_x509req.c
+++ b/ext/openssl/ossl_x509req.c
@ -55,6 +55,16 @@ ossl_x509req_new(X509_REQ *req)
    return obj;
 }
 X509_REQ *
 GetX509ReqPtr(VALUE obj)
 {
    X509_REQ *req;
    SafeGetX509Req(obj, req);
    return req;
 }
 X509_REQ *
 DupX509ReqPtr(VALUE obj)
 {