[ruby-dev:39053] OpenSSL 1.0.0 support
From:
Takahiro Kambe <taca@...>
Date:
2009-08-09 08:01:30 UTC
List:
ruby-dev #39053
こんにちは。
NetBSD currentにOpenSSL 1.0.0系列のなsnap shotが取り込まれてからRubyの
openssl拡張がコンパイルできないという報告がありました。
ざーっと見直して、ウォーニングを減らす方向で修正してみましたが、かなり
の変更箇所がOpenSSLにあることが改めてわかりました。Rubyのベースは、
Ruby 1.8.7 patchlevel 174です。
なお、openssl_missing.hあたりは暫くdownする前のsvn.ruby-lang.orgの変更
点をそのまま採り入れている部分もあります。一応、
- OpenSSL 1.1.0-dev 10 Jul 2009 on NetBSD current (5.99.15)
- OpenSSL 0.9.9-dev 09 May 2008 on NetBSD 5.0_STABLE
- OpenSSL 0.9.8e 23 Feb 2007 on NetBSD 4.0_STABLE
でコンパイルを確認しました。OpenSSL 1.1.0-dev以外はウォーニングをなく
すことができました。
OpenSSL 1.1.0-devは、ossl_x509attr.cのossl_x509attr_get_value()で、
ossl_x509attr.c:220: warning: passing argument 1 of 'i2d_ASN1_SET' from incompat
ible pointer type
ossl_x509attr.c:224: warning: passing argument 1 of 'i2d_ASN1_SET' from incompat
ible pointer type
と、なります。該当箇所は、以下のi2d_ASN1_SET_OF_ASN1_TYPEが展開された
後のi2d_ASN1_SET()の第1引数ということになりますが、これはよくわかりま
せんでしたが、なんかまずそうな...?
else{
length = i2d_ASN1_SET_OF_ASN1_TYPE(attr->value.set, NULL,
i2d_ASN1_TYPE, V_ASN1_SET, V_ASN1_UNIVERSAL, 0);
str = rb_str_new(0, length);
p = RSTRING_PTR(str);
i2d_ASN1_SET_OF_ASN1_TYPE(attr->value.set, &p,
i2d_ASN1_TYPE, V_ASN1_SET, V_ASN1_UNIVERSAL, 0);
ossl_str_adjust(str, p);
}
0.9.8より古い、OpenSSLの0.9.6や0.9.7での確認はできていません。
以下、パッチの内容のまとめです。
openssl_missing.h
* i2d_of_void型を使って、ウォーニングをなくす修正。
ossl.h
* OpenSSL 0.9.9以降でだけconstとするOSSL_CONSTを追加。
ossl.c
* OSSL_IMPL_SK2ARY()マクロ中の変更。
- OpenSSL 1.0.0以降でSTACKは_STACKと名前が変更されてい
ることもあり、直接使用する代わりにSTACK_OF()マクロを
使用するように修正。
- sk_num()やsk_value()をキャストして使用するのではなく、
実際の型用に生成されている関数を使用するように修正。
ossl_asn1.c
ossl_cipher.c
ossl_engine.c
ossl_ns_spki.c
ossl_ocsp.c
ossl_x509attr.c
ossl_x509cert.c
ossl_x509ext.c
ossl_x509name.c
* const追加。
ossl_config.c
* IMPLEMENT_LHASH_DOALL_ARG_FN()のパラメータに渡された関数名は
そのまま使用されず、"_doall_arg"を付加した関数を呼び出すよう
に変更されたことへの対応。(OpenSSL 1.0.0)以降
* lh_doall_arg()を直接使うのではなく、LHM_lh_doall_arg()を使用
するように変更。(OpenSSL 1.0.0)以降
* const追加。
ossl_pkcs7.c
* certsかcrlsのいずれかを返すというpkcs7_get_certs_or_crls()は、
実行前にどちらを返すかは決まっていることから、別々の関数に分
離した上で、それぞれに応じた型を返す関数に変更。
(元のpkcs7_get_certs_or_crls()は、無理矢理コードを共用しよう
としていたように見えます。)
ossl_ssl.c
* OpenSSL 0.9.9以降だけのconst追加(OSSL_CONST)。
* const追加。
* キャストと共にsk_num()やsk_value()を使用するのではなく、それ
ぞれの型に応じて用意されている関数を使用。
ossl_x509crl.c
* sk_X509_REVOKED_num()を使用すべきところにsk_X509_CRL_num()を
使用している(?)のを修正。
以上、おそらくRuby 1.9等も同様の影響はあると思います。
--
神戸 隆博 / Takahiro Kambe
Index: ext/openssl/openssl_missing.h
--- ext/openssl/openssl_missing.h.orig 2008-08-04 13:44:17.000000000 +0900
+++ ext/openssl/openssl_missing.h
@@ -18,6 +18,9 @@ extern "C" {
#ifndef TYPEDEF_D2I_OF
typedef char *d2i_of_void();
#endif
+#ifndef TYPEDEF_I2D_OF
+typedef int i2d_of_void();
+#endif
/*
* These functions are not included in headers of OPENSSL <= 0.9.6b
@@ -25,39 +28,39 @@ typedef char *d2i_of_void();
#if !defined(PEM_read_bio_DSAPublicKey)
# define PEM_read_bio_DSAPublicKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
- (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,bp,(char **)x,cb,u)
+ (d2i_of_void *)d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,bp,x,cb,u)
#endif
#if !defined(PEM_write_bio_DSAPublicKey)
# define PEM_write_bio_DSAPublicKey(bp,x) \
- PEM_ASN1_write_bio((int (*)())i2d_DSAPublicKey,\
+ PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPublicKey,\
PEM_STRING_DSA_PUBLIC,\
bp,(char *)x, NULL, NULL, 0, NULL, NULL)
#endif
#if !defined(DSAPrivateKey_dup)
-# define DSAPrivateKey_dup(dsa) (DSA *)ASN1_dup((int (*)())i2d_DSAPrivateKey, \
- (char *(*)())d2i_DSAPrivateKey,(char *)dsa)
+# define DSAPrivateKey_dup(dsa) (DSA *)ASN1_dup((i2d_of_void *)i2d_DSAPrivateKey, \
+ (d2i_of_void *)d2i_DSAPrivateKey,(char *)dsa)
#endif
#if !defined(DSAPublicKey_dup)
-# define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup((int (*)())i2d_DSAPublicKey, \
- (char *(*)())d2i_DSAPublicKey,(char *)dsa)
+# define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup((i2d_of_void *)i2d_DSAPublicKey, \
+ (d2i_of_void *)d2i_DSAPublicKey,(char *)dsa)
#endif
#if !defined(X509_REVOKED_dup)
-# define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((int (*)())i2d_X509_REVOKED, \
- (char *(*)())d2i_X509_REVOKED, (char *)rev)
+# define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((i2d_of_void *)i2d_X509_REVOKED, \
+ (d2i_of_void *)d2i_X509_REVOKED, (char *)rev)
#endif
#if !defined(PKCS7_SIGNER_INFO_dup)
-# define PKCS7_SIGNER_INFO_dup(si) (PKCS7_SIGNER_INFO *)ASN1_dup((int (*)())i2d_PKCS7_SIGNER_INFO, \
- (char *(*)())d2i_PKCS7_SIGNER_INFO, (char *)si)
+# define PKCS7_SIGNER_INFO_dup(si) (PKCS7_SIGNER_INFO *)ASN1_dup((i2d_of_void *)i2d_PKCS7_SIGNER_INFO, \
+ (d2i_of_void *)d2i_PKCS7_SIGNER_INFO, (char *)si)
#endif
#if !defined(PKCS7_RECIP_INFO_dup)
-# define PKCS7_RECIP_INFO_dup(ri) (PKCS7_RECIP_INFO *)ASN1_dup((int (*)())i2d_PKCS7_RECIP_INFO, \
- (char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri)
+# define PKCS7_RECIP_INFO_dup(ri) (PKCS7_RECIP_INFO *)ASN1_dup((i2d_of_void *)i2d_PKCS7_RECIP_INFO, \
+ (d2i_of_void *)d2i_PKCS7_RECIP_INFO, (char *)ri)
#endif
#if !defined(HAVE_EVP_MD_CTX_INIT)
Index: ext/openssl/ossl.h
--- ext/openssl/ossl.h.orig 2008-06-29 17:16:02.000000000 +0900
+++ ext/openssl/ossl.h
@@ -74,6 +74,12 @@ extern "C" {
# include <openssl/ocsp.h>
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x00909000L
+#define OSSL_CONST const
+#else
+#define OSSL_CONST
+#endif
+
/*
* Common Module
*/
Index: ext/openssl/ossl.c
--- ext/openssl/ossl.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl.c
@@ -92,7 +92,7 @@ ossl_x509_ary2sk(VALUE ary)
#define OSSL_IMPL_SK2ARY(name, type) \
VALUE \
-ossl_##name##_sk2ary(STACK *sk) \
+ossl_##name##_sk2ary(STACK_OF(type) *sk) \
{ \
type *t; \
int i, num; \
@@ -102,7 +102,7 @@ ossl_##name##_sk2ary(STACK *sk) \
OSSL_Debug("empty sk!"); \
return Qnil; \
} \
- num = sk_num(sk); \
+ num = sk_##type##_num(sk); \
if (num < 0) { \
OSSL_Debug("items in sk < -1???"); \
return rb_ary_new(); \
@@ -110,7 +110,7 @@ ossl_##name##_sk2ary(STACK *sk) \
ary = rb_ary_new2(num); \
\
for (i=0; i<num; i++) { \
- t = (type *)sk_value(sk, i); \
+ t = sk_##type##_value(sk, i); \
rb_ary_push(ary, ossl_##name##_new(t)); \
} \
return ary; \
Index: ext/openssl/ossl_asn1.c
--- ext/openssl/ossl_asn1.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_asn1.c
@@ -304,10 +304,10 @@ obj_to_asn1derstr(VALUE obj)
* DER to Ruby converters
*/
static VALUE
-decode_bool(unsigned char* der, int length)
+decode_bool(const unsigned char* der, int length)
{
int bool;
- unsigned char *p;
+ const unsigned char *p;
p = der;
if((bool = d2i_ASN1_BOOLEAN(NULL, &p, length)) < 0)
@@ -317,10 +317,10 @@ decode_bool(unsigned char* der, int leng
}
static VALUE
-decode_int(unsigned char* der, int length)
+decode_int(const unsigned char* der, int length)
{
ASN1_INTEGER *ai;
- unsigned char *p;
+ const unsigned char *p;
VALUE ret;
int status = 0;
@@ -336,10 +336,11 @@ decode_int(unsigned char* der, int lengt
}
static VALUE
-decode_bstr(unsigned char* der, int length, long *unused_bits)
+decode_bstr(const unsigned char* der, int length, long *unused_bits)
{
ASN1_BIT_STRING *bstr;
- unsigned char *p, *buf;
+ const unsigned char *p;
+ unsigned char *buf;
long len;
VALUE ret;
@@ -362,10 +363,10 @@ decode_bstr(unsigned char* der, int leng
}
static VALUE
-decode_enum(unsigned char* der, int length)
+decode_enum(const unsigned char* der, int length)
{
ASN1_ENUMERATED *ai;
- unsigned char *p;
+ const unsigned char *p;
VALUE ret;
int status = 0;
@@ -381,10 +382,10 @@ decode_enum(unsigned char* der, int leng
}
static VALUE
-decode_null(unsigned char* der, int length)
+decode_null(const unsigned char* der, int length)
{
ASN1_NULL *null;
- unsigned char *p;
+ const unsigned char *p;
p = der;
if(!(null = d2i_ASN1_NULL(NULL, &p, length)))
@@ -395,10 +396,10 @@ decode_null(unsigned char* der, int leng
}
static VALUE
-decode_obj(unsigned char* der, int length)
+decode_obj(const unsigned char* der, int length)
{
ASN1_OBJECT *obj;
- unsigned char *p;
+ const unsigned char *p;
VALUE ret;
int nid;
BIO *bio;
@@ -424,10 +425,10 @@ decode_obj(unsigned char* der, int lengt
}
static VALUE
-decode_time(unsigned char* der, int length)
+decode_time(const unsigned char* der, int length)
{
ASN1_TIME *time;
- unsigned char *p;
+ const unsigned char *p;
VALUE ret;
int status = 0;
@@ -712,10 +713,10 @@ ossl_asn1data_to_der(VALUE self)
}
static VALUE
-ossl_asn1_decode0(unsigned char **pp, long length, long *offset, long depth,
- int once, int yield)
+ossl_asn1_decode0(const unsigned char **pp, long length, long *offset,
+ long depth, int once, int yield)
{
- unsigned char *start, *p;
+ const unsigned char *p, *start;
long len, off = *offset;
int hlen, tag, tc, j;
VALUE ary, asn1data, value, tag_class;
@@ -818,7 +819,7 @@ ossl_asn1_decode0(unsigned char **pp, lo
static VALUE
ossl_asn1_traverse(VALUE self, VALUE obj)
{
- unsigned char *p;
+ const unsigned char *p;
long offset = 0;
volatile VALUE tmp;
@@ -834,7 +835,7 @@ static VALUE
ossl_asn1_decode(VALUE self, VALUE obj)
{
VALUE ret, ary;
- unsigned char *p;
+ const unsigned char *p;
long offset = 0;
volatile VALUE tmp;
@@ -851,7 +852,7 @@ static VALUE
ossl_asn1_decode_all(VALUE self, VALUE obj)
{
VALUE ret;
- unsigned char *p;
+ const unsigned char *p;
long offset = 0;
volatile VALUE tmp;
Index: ext/openssl/ossl_cipher.c
--- ext/openssl/ossl_cipher.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_cipher.c
@@ -186,7 +186,7 @@ ossl_cipher_init(int argc, VALUE *argv,
* We deprecated the arguments for this method, but we decided
* keeping this behaviour for backward compatibility.
*/
- char *cname = rb_class2name(rb_obj_class(self));
+ const char *cname = rb_class2name(rb_obj_class(self));
rb_warn("argumtents for %s#encrypt and %s#decrypt were deprecated; "
"use %s#pkcs5_keyivgen to derive key and IV",
cname, cname, cname);
@@ -307,7 +307,7 @@ ossl_cipher_pkcs5_keyivgen(int argc, VAL
static VALUE
ossl_cipher_update_deprecated(VALUE self, VALUE data)
{
- char *cname;
+ const char *cname;
cname = rb_class2name(rb_obj_class(self));
rb_warning("%s#<< is deprecated; use %s#update instead", cname, cname);
Index: ext/openssl/ossl_config.c
--- ext/openssl/ossl_config.c.orig 2007-07-20 15:22:54.000000000 +0900
+++ ext/openssl/ossl_config.c
@@ -293,12 +293,27 @@ ossl_config_get_section_old(VALUE self,
}
#ifdef IMPLEMENT_LHASH_DOALL_ARG_FN
+
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+static void
+get_conf_section_doall_arg(void *arg1, void *arg2)
+{
+ CONF_VALUE *cv;
+ VALUE ary;
+
+ cv = arg1;
+ ary = (VALUE)arg2;
+ if(cv->name) return;
+ rb_ary_push(ary, rb_str_new2(cv->section));
+}
+#else
static void
get_conf_section(CONF_VALUE *cv, VALUE ary)
{
if(cv->name) return;
rb_ary_push(ary, rb_str_new2(cv->section));
}
+#endif
static IMPLEMENT_LHASH_DOALL_ARG_FN(get_conf_section, CONF_VALUE*, VALUE);
@@ -310,11 +325,44 @@ ossl_config_get_sections(VALUE self)
GetConfig(self, conf);
ary = rb_ary_new();
+
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ LHM_lh_doall_arg(CONF_VALUE, conf->data,
+ LHASH_DOALL_ARG_FN(get_conf_section), void, (void*)ary);
+#else
lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(get_conf_section), (void*)ary);
+#endif
return ary;
}
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+static void
+dump_conf_value_doall_arg(void *arg1, void *arg2)
+{
+ STACK_OF(CONF_VALUE) *sk;
+ CONF_VALUE *cv, *v;
+ VALUE str;
+ int i, num;
+
+ cv = arg1;
+ if (cv->name) return;
+ str = (VALUE)arg2;
+ sk = (STACK_OF(CONF_VALUE)*)cv->value;
+ num = sk_CONF_VALUE_num(sk);
+ rb_str_cat2(str, "[ ");
+ rb_str_cat2(str, cv->section);
+ rb_str_cat2(str, " ]\n");
+ for(i = 0; i < num; i++){
+ v = sk_CONF_VALUE_value(sk, i);
+ rb_str_cat2(str, v->name ? v->name : "None");
+ rb_str_cat2(str, "=");
+ rb_str_cat2(str, v->value ? v->value : "None");
+ rb_str_cat2(str, "\n");
+ }
+ rb_str_cat2(str, "\n");
+}
+#else
static void
dump_conf_value(CONF_VALUE *cv, VALUE str)
{
@@ -337,6 +385,7 @@ dump_conf_value(CONF_VALUE *cv, VALUE st
}
rb_str_cat2(str, "\n");
}
+#endif
static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_conf_value, CONF_VALUE*, VALUE);
@@ -346,7 +395,12 @@ dump_conf(CONF *conf)
VALUE str;
str = rb_str_new(0, 0);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ LHM_lh_doall_arg(CONF_VALUE, conf->data,
+ LHASH_DOALL_ARG_FN(dump_conf_value), void, (void*)str);
+#else
lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_conf_value), (void*)str);
+#endif
return str;
}
@@ -361,8 +415,32 @@ ossl_config_to_s(VALUE self)
return dump_conf(conf);
}
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+static void
+each_conf_value_doall_arg(void *arg1, void* dummy)
+{
+ STACK_OF(CONF_VALUE) *sk;
+ CONF_VALUE *cv, *v;
+ VALUE section, name, value, args;
+ int i, num;
+
+ cv = arg1;
+ if (cv->name) return;
+ sk = (STACK_OF(CONF_VALUE)*)cv->value;
+ num = sk_CONF_VALUE_num(sk);
+ section = rb_str_new2(cv->section);
+ for(i = 0; i < num; i++){
+ v = sk_CONF_VALUE_value(sk, i);
+ name = v->name ? rb_str_new2(v->name) : Qnil;
+ value = v->value ? rb_str_new2(v->value) : Qnil;
+ args = rb_ary_new3(3, section, name, value);
+ rb_yield(args);
+ }
+}
+#else
static void
-each_conf_value(CONF_VALUE *cv, void* dummy)
+each_conf_value
+(CONF_VALUE *cv, void* dummy)
{
STACK_OF(CONF_VALUE) *sk;
CONF_VALUE *v;
@@ -381,6 +459,7 @@ each_conf_value(CONF_VALUE *cv, void* du
rb_yield(args);
}
}
+#endif
static IMPLEMENT_LHASH_DOALL_ARG_FN(each_conf_value, CONF_VALUE*, void*);
@@ -390,7 +469,12 @@ ossl_config_each(VALUE self)
CONF *conf;
GetConfig(self, conf);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ LHM_lh_doall_arg(CONF_VALUE, conf->data,
+ LHASH_DOALL_ARG_FN(each_conf_value), void, (void*)NULL);
+#else
lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(each_conf_value), (void*)NULL);
+#endif
return self;
}
@@ -421,7 +505,7 @@ static VALUE
ossl_config_inspect(VALUE self)
{
VALUE str, ary = ossl_config_get_sections(self);
- char *cname = rb_class2name(rb_obj_class(self));
+ const char *cname = rb_class2name(rb_obj_class(self));
str = rb_str_new2("#<");
rb_str_cat2(str, cname);
Index: ext/openssl/ossl_engine.c
--- ext/openssl/ossl_engine.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_engine.c
@@ -326,7 +326,7 @@ static VALUE
ossl_engine_inspect(VALUE self)
{
VALUE str;
- char *cname = rb_class2name(rb_obj_class(self));
+ const char *cname = rb_class2name(rb_obj_class(self));
str = rb_str_new2("#<");
rb_str_cat2(str, cname);
Index: ext/openssl/ossl_ns_spki.c
--- ext/openssl/ossl_ns_spki.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_ns_spki.c
@@ -56,7 +56,7 @@ ossl_spki_initialize(int argc, VALUE *ar
{
NETSCAPE_SPKI *spki;
VALUE buffer;
- unsigned char *p;
+ const unsigned char *p;
if (rb_scan_args(argc, argv, "01", &buffer) == 0) {
return self;
Index: ext/openssl/ossl_ocsp.c
--- ext/openssl/ossl_ocsp.c.orig 2009-03-09 20:59:27.000000000 +0900
+++ ext/openssl/ossl_ocsp.c
@@ -103,7 +103,7 @@ static VALUE
ossl_ocspreq_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE arg;
- unsigned char *p;
+ const unsigned char *p;
rb_scan_args(argc, argv, "01", &arg);
if(!NIL_P(arg)){
@@ -310,7 +310,7 @@ static VALUE
ossl_ocspres_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE arg;
- unsigned char *p;
+ const unsigned char *p;
rb_scan_args(argc, argv, "01", &arg);
if(!NIL_P(arg)){
Index: ext/openssl/ossl_pkcs7.c
--- ext/openssl/ossl_pkcs7.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_pkcs7.c
@@ -570,12 +570,11 @@ ossl_pkcs7_add_certificate(VALUE self, V
return self;
}
-static STACK *
-pkcs7_get_certs_or_crls(VALUE self, int want_certs)
+static STACK_OF(X509) *
+pkcs7_get_certs(VALUE self)
{
PKCS7 *pkcs7;
STACK_OF(X509) *certs;
- STACK_OF(X509_CRL) *crls;
int i;
GetPKCS7(self, pkcs7);
@@ -583,17 +582,38 @@ pkcs7_get_certs_or_crls(VALUE self, int
switch(i){
case NID_pkcs7_signed:
certs = pkcs7->d.sign->cert;
- crls = pkcs7->d.sign->crl;
break;
case NID_pkcs7_signedAndEnveloped:
certs = pkcs7->d.signed_and_enveloped->cert;
+ break;
+ default:
+ certs = NULL;
+ }
+
+ return certs;
+}
+
+static STACK_OF(X509_CRL) *
+pkcs7_get_crls(VALUE self)
+{
+ PKCS7 *pkcs7;
+ STACK_OF(X509_CRL) *crls;
+ int i;
+
+ GetPKCS7(self, pkcs7);
+ i = OBJ_obj2nid(pkcs7->type);
+ switch(i){
+ case NID_pkcs7_signed:
+ crls = pkcs7->d.sign->crl;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
crls = pkcs7->d.signed_and_enveloped->crl;
break;
default:
- certs = crls = NULL;
+ crls = NULL;
}
- return want_certs ? certs : crls;
+ return crls;
}
static VALUE
@@ -608,7 +628,7 @@ ossl_pkcs7_set_certificates(VALUE self,
STACK_OF(X509) *certs;
X509 *cert;
- certs = pkcs7_get_certs_or_crls(self, 1);
+ certs = pkcs7_get_certs(self);
while((cert = sk_X509_pop(certs))) X509_free(cert);
rb_block_call(ary, rb_intern("each"), 0, 0, ossl_pkcs7_set_certs_i, self);
@@ -618,7 +638,7 @@ ossl_pkcs7_set_certificates(VALUE self,
static VALUE
ossl_pkcs7_get_certificates(VALUE self)
{
- return ossl_x509_sk2ary(pkcs7_get_certs_or_crls(self, 1));
+ return ossl_x509_sk2ary(pkcs7_get_certs(self));
}
static VALUE
@@ -648,7 +668,7 @@ ossl_pkcs7_set_crls(VALUE self, VALUE ar
STACK_OF(X509_CRL) *crls;
X509_CRL *crl;
- crls = pkcs7_get_certs_or_crls(self, 0);
+ crls = pkcs7_get_crls(self);
while((crl = sk_X509_CRL_pop(crls))) X509_CRL_free(crl);
rb_block_call(ary, rb_intern("each"), 0, 0, ossl_pkcs7_set_crls_i, self);
@@ -658,7 +678,7 @@ ossl_pkcs7_set_crls(VALUE self, VALUE ar
static VALUE
ossl_pkcs7_get_crls(VALUE self)
{
- return ossl_x509crl_sk2ary(pkcs7_get_certs_or_crls(self, 0));
+ return ossl_x509crl_sk2ary(pkcs7_get_crls(self));
}
static VALUE
Index: ext/openssl/ossl_ssl.c
--- ext/openssl/ossl_ssl.c.orig 2008-06-06 17:05:24.000000000 +0900
+++ ext/openssl/ossl_ssl.c
@@ -95,7 +95,7 @@ ID ID_callback_state;
*/
struct {
const char *name;
- SSL_METHOD *(*func)(void);
+ OSSL_CONST SSL_METHOD *(*func)(void);
} ossl_ssl_method_tab[] = {
#define OSSL_SSL_METHOD_ENTRY(name) { #name, name##_method }
OSSL_SSL_METHOD_ENTRY(TLSv1),
@@ -144,7 +144,7 @@ ossl_sslctx_s_alloc(VALUE klass)
static VALUE
ossl_sslctx_set_ssl_version(VALUE self, VALUE ssl_method)
{
- SSL_METHOD *method = NULL;
+ OSSL_CONST SSL_METHOD *method = NULL;
const char *s;
int i;
@@ -585,7 +585,7 @@ ossl_sslctx_setup(VALUE self)
}
static VALUE
-ossl_ssl_cipher_to_ary(SSL_CIPHER *cipher)
+ossl_ssl_cipher_to_ary(const SSL_CIPHER *cipher)
{
VALUE ary;
int bits, alg_bits;
@@ -623,10 +623,10 @@ ossl_sslctx_get_ciphers(VALUE self)
if (!ciphers)
return rb_ary_new();
- num = sk_num((STACK*)ciphers);
+ num = sk_SSL_CIPHER_num(ciphers);
ary = rb_ary_new2(num);
for(i = 0; i < num; i++){
- cipher = (SSL_CIPHER*)sk_value((STACK*)ciphers, i);
+ cipher = sk_SSL_CIPHER_value(ciphers, i);
rb_ary_push(ary, ossl_ssl_cipher_to_ary(cipher));
}
return ary;
@@ -1196,10 +1196,10 @@ ossl_ssl_get_peer_cert_chain(VALUE self)
}
chain = SSL_get_peer_cert_chain(ssl);
if(!chain) return Qnil;
- num = sk_num(chain);
+ num = sk_X509_num(chain);
ary = rb_ary_new2(num);
for (i = 0; i < num; i++){
- cert = (X509*)sk_value(chain, i);
+ cert = sk_X509_value(chain, i);
rb_ary_push(ary, ossl_x509_new(cert));
}
@@ -1214,7 +1214,7 @@ static VALUE
ossl_ssl_get_cipher(VALUE self)
{
SSL *ssl;
- SSL_CIPHER *cipher;
+ const SSL_CIPHER *cipher;
Data_Get_Struct(self, SSL, ssl);
if (!ssl) {
Index: ext/openssl/ossl_x509attr.c
--- ext/openssl/ossl_x509attr.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_x509attr.c
@@ -93,7 +93,7 @@ ossl_x509attr_initialize(int argc, VALUE
{
VALUE oid, value;
X509_ATTRIBUTE *attr;
- unsigned char *p;
+ const unsigned char *p;
GetX509Attr(self, attr);
if(rb_scan_args(argc, argv, "11", &oid, &value) == 1){
Index: ext/openssl/ossl_x509cert.c
--- ext/openssl/ossl_x509cert.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_x509cert.c
@@ -690,7 +690,7 @@ static VALUE
ossl_x509_inspect(VALUE self)
{
VALUE str;
- char *cname = rb_class2name(rb_obj_class(self));
+ const char *cname = rb_class2name(rb_obj_class(self));
str = rb_str_new2("#<");
rb_str_cat2(str, cname);
Index: ext/openssl/ossl_x509crl.c
--- ext/openssl/ossl_x509crl.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_x509crl.c
@@ -262,7 +262,7 @@ ossl_x509crl_get_revoked(VALUE self)
VALUE ary, revoked;
GetX509CRL(self, crl);
- num = sk_X509_CRL_num(X509_CRL_get_REVOKED(crl));
+ num = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
if (num < 0) {
OSSL_Debug("num < 0???");
return rb_ary_new();
@@ -270,7 +270,7 @@ ossl_x509crl_get_revoked(VALUE self)
ary = rb_ary_new2(num);
for(i=0; i<num; i++) {
/* NO DUP - don't free! */
- rev = (X509_REVOKED *)sk_X509_CRL_value(X509_CRL_get_REVOKED(crl), i);
+ rev = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
revoked = ossl_x509revoked_new(rev);
rb_ary_push(ary, revoked);
}
Index: ext/openssl/ossl_x509ext.c
--- ext/openssl/ossl_x509ext.c.orig 2007-06-09 00:02:04.000000000 +0900
+++ ext/openssl/ossl_x509ext.c
@@ -273,7 +273,7 @@ static VALUE
ossl_x509ext_initialize(int argc, VALUE *argv, VALUE self)
{
VALUE oid, value, critical;
- unsigned char *p;
+ const unsigned char *p;
X509_EXTENSION *ext;
GetX509Ext(self, ext);
Index: ext/openssl/ossl_x509name.c
--- ext/openssl/ossl_x509name.c.orig 2007-07-15 22:24:51.000000000 +0900
+++ ext/openssl/ossl_x509name.c
@@ -135,7 +135,7 @@ ossl_x509name_initialize(int argc, VALUE
rb_block_call(tmp, rb_intern("each"), 0, 0, ossl_x509name_init_i, args);
}
else{
- unsigned char *p;
+ const unsigned char *p;
VALUE str = ossl_to_der_if_possible(arg);
StringValue(str);
p = RSTRING_PTR(str);