openssl 3.3.3 → 4.0.0

data/ext/openssl/ossl_x509name.c

@@ -13,21 +13,21 @@
     TypedData_Wrap_Struct((klass), &ossl_x509name_type, 0)
 #define SetX509Name(obj, name) do { \
     if (!(name)) { \
-	ossl_raise(rb_eRuntimeError, "Name wasn't initialized."); \
+        ossl_raise(rb_eRuntimeError, "Name wasn't initialized."); \
     } \
     RTYPEDDATA_DATA(obj) = (name); \
 } while (0)
 #define GetX509Name(obj, name) do { \
     TypedData_Get_Struct((obj), X509_NAME, &ossl_x509name_type, (name)); \
     if (!(name)) { \
-	ossl_raise(rb_eRuntimeError, "Name wasn't initialized."); \
+        ossl_raise(rb_eRuntimeError, "Name wasn't initialized."); \
     } \
 } while (0)
 
 #define OBJECT_TYPE_TEMPLATE \
-  rb_const_get(cX509Name, rb_intern("OBJECT_TYPE_TEMPLATE"))
+    rb_const_get(cX509Name, rb_intern("OBJECT_TYPE_TEMPLATE"))
 #define DEFAULT_OBJECT_TYPE \
-  rb_const_get(cX509Name, rb_intern("DEFAULT_OBJECT_TYPE"))
+    rb_const_get(cX509Name, rb_intern("DEFAULT_OBJECT_TYPE"))
 
 /*
  * Classes
@@ -44,7 +44,7 @@ ossl_x509name_free(void *ptr)
 static const rb_data_type_t ossl_x509name_type = {
     "OpenSSL/X509/NAME",
     {
-	0, ossl_x509name_free,
+        0, ossl_x509name_free,
     },
     0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
 };
@@ -53,21 +53,15 @@ static const rb_data_type_t ossl_x509name_type = {
  * Public
  */
 VALUE
-ossl_x509name_new(const X509_NAME *name)
+ossl_x509name_new(X509_NAME *name)
 {
     X509_NAME *new;
     VALUE obj;
 
     obj = NewX509Name(cX509Name);
-    if (!name) {
-	new = X509_NAME_new();
-    } else {
-	/* OpenSSL 1.1.1 takes a non-const pointer */
-	new = X509_NAME_dup((X509_NAME *)name);
-    }
-    if (!new) {
-	ossl_raise(eX509NameError, NULL);
-    }
+    new = X509_NAME_dup(name);
+    if (!new)
+        ossl_raise(eX509NameError, "X509_NAME_dup");
     SetX509Name(obj, new);
 
     return obj;
@@ -94,7 +88,7 @@ ossl_x509name_alloc(VALUE klass)
 
     obj = NewX509Name(klass);
     if (!(name = X509_NAME_new())) {
-	ossl_raise(eX509NameError, NULL);
+        ossl_raise(eX509NameError, NULL);
     }
     SetX509Name(obj, name);
 
@@ -151,33 +145,34 @@ ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
 
     GetX509Name(self, name);
     if (rb_scan_args(argc, argv, "02", &arg, &template) == 0) {
-	return self;
+        return self;
     }
     else {
-	VALUE tmp = rb_check_array_type(arg);
-	if (!NIL_P(tmp)) {
-	    VALUE args;
-	    if(NIL_P(template)) template = OBJECT_TYPE_TEMPLATE;
-	    args = rb_ary_new3(2, self, template);
-	    rb_block_call(tmp, rb_intern("each"), 0, 0, ossl_x509name_init_i, args);
-	}
-	else{
-	    const unsigned char *p;
-	    VALUE str = ossl_to_der_if_possible(arg);
-	    X509_NAME *x;
-	    StringValue(str);
-	    p = (unsigned char *)RSTRING_PTR(str);
-	    x = d2i_X509_NAME(&name, &p, RSTRING_LEN(str));
-	    DATA_PTR(self) = name;
-	    if(!x){
-		ossl_raise(eX509NameError, NULL);
-	    }
-	}
+        VALUE tmp = rb_check_array_type(arg);
+        if (!NIL_P(tmp)) {
+            VALUE args;
+            if(NIL_P(template)) template = OBJECT_TYPE_TEMPLATE;
+            args = rb_ary_new3(2, self, template);
+            rb_block_call(tmp, rb_intern("each"), 0, 0, ossl_x509name_init_i, args);
+        }
+        else{
+            const unsigned char *p;
+            VALUE str = ossl_to_der_if_possible(arg);
+            X509_NAME *x;
+            StringValue(str);
+            p = (unsigned char *)RSTRING_PTR(str);
+            x = d2i_X509_NAME(&name, &p, RSTRING_LEN(str));
+            DATA_PTR(self) = name;
+            if(!x){
+                ossl_raise(eX509NameError, NULL);
+            }
+        }
     }
 
     return self;
 }
 
+/* :nodoc: */
 static VALUE
 ossl_x509name_initialize_copy(VALUE self, VALUE other)
 {
@@ -189,7 +184,7 @@ ossl_x509name_initialize_copy(VALUE self, VALUE other)
 
     name_new = X509_NAME_dup(name_other);
     if (!name_new)
-	ossl_raise(eX509NameError, "X509_NAME_dup");
+        ossl_raise(eX509NameError, "X509_NAME_dup");
 
     SetX509Name(self, name_new);
     X509_NAME_free(name);
@@ -226,8 +221,8 @@ VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
     int loc = -1, set = 0;
 
     if (!kwargs_ids[0]) {
-	kwargs_ids[0] = rb_intern_const("loc");
-	kwargs_ids[1] = rb_intern_const("set");
+        kwargs_ids[0] = rb_intern_const("loc");
+        kwargs_ids[1] = rb_intern_const("set");
     }
     rb_scan_args(argc, argv, "21:", &oid, &value, &type, &opts);
     rb_get_kwargs(opts, kwargs_ids, 0, 2, kwargs);
@@ -235,14 +230,14 @@ VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
     StringValue(value);
     if(NIL_P(type)) type = rb_aref(OBJECT_TYPE_TEMPLATE, oid);
     if (kwargs[0] != Qundef)
-	loc = NUM2INT(kwargs[0]);
+        loc = NUM2INT(kwargs[0]);
     if (kwargs[1] != Qundef)
-	set = NUM2INT(kwargs[1]);
+        set = NUM2INT(kwargs[1]);
     GetX509Name(self, name);
     if (!X509_NAME_add_entry_by_txt(name, oid_name, NUM2INT(type),
-				    (unsigned char *)RSTRING_PTR(value),
-				    RSTRING_LENINT(value), loc, set))
-	ossl_raise(eX509NameError, "X509_NAME_add_entry_by_txt");
+                                    (unsigned char *)RSTRING_PTR(value),
+                                    RSTRING_LENINT(value), loc, set))
+        ossl_raise(eX509NameError, "X509_NAME_add_entry_by_txt");
     return self;
 }
 
@@ -255,7 +250,7 @@ ossl_x509name_to_s_old(VALUE self)
     GetX509Name(self, name);
     buf = X509_NAME_oneline(name, NULL, 0);
     if (!buf)
-	ossl_raise(eX509NameError, "X509_NAME_oneline");
+        ossl_raise(eX509NameError, "X509_NAME_oneline");
     return ossl_buf2str(buf, rb_long2int(strlen(buf)));
 }
 
@@ -269,11 +264,11 @@ x509name_print(VALUE self, unsigned long iflag)
     GetX509Name(self, name);
     out = BIO_new(BIO_s_mem());
     if (!out)
-	ossl_raise(eX509NameError, NULL);
+        ossl_raise(eX509NameError, NULL);
     ret = X509_NAME_print_ex(out, name, 0, iflag);
     if (ret < 0 || (iflag == XN_FLAG_COMPAT && ret == 0)) {
-	BIO_free(out);
-	ossl_raise(eX509NameError, "X509_NAME_print_ex");
+        BIO_free(out);
+        ossl_raise(eX509NameError, "X509_NAME_print_ex");
     }
     return ossl_membio2str(out);
 }
@@ -307,9 +302,9 @@ ossl_x509name_to_s(int argc, VALUE *argv, VALUE self)
     rb_check_arity(argc, 0, 1);
     /* name.to_s(nil) was allowed */
     if (!argc || NIL_P(argv[0]))
-	return ossl_x509name_to_s_old(self);
+        return ossl_x509name_to_s_old(self);
     else
-	return x509name_print(self, NUM2ULONG(argv[0]));
+        return x509name_print(self, NUM2ULONG(argv[0]));
 }
 
 /*
@@ -332,7 +327,7 @@ static VALUE
 ossl_x509name_inspect(VALUE self)
 {
     return rb_enc_sprintf(rb_utf8_encoding(), "#<%"PRIsVALUE" %"PRIsVALUE">",
-			  rb_obj_class(self), ossl_x509name_to_utf8(self));
+                          rb_obj_class(self), ossl_x509name_to_utf8(self));
 }
 
 /*
@@ -346,39 +341,22 @@ static VALUE
 ossl_x509name_to_a(VALUE self)
 {
     X509_NAME *name;
-    X509_NAME_ENTRY *entry;
-    int i,entries,nid;
-    char long_name[512];
-    const char *short_name;
-    VALUE ary, vname, ret;
-    ASN1_STRING *value;
+    int entries;
+    VALUE ret;
 
     GetX509Name(self, name);
     entries = X509_NAME_entry_count(name);
-    if (entries < 0) {
-	OSSL_Debug("name entries < 0!");
-	return rb_ary_new();
-    }
-    ret = rb_ary_new2(entries);
-    for (i=0; i<entries; i++) {
-	if (!(entry = (X509_NAME_ENTRY *)X509_NAME_get_entry(name, i))) {
-	    ossl_raise(eX509NameError, NULL);
-	}
-	if (!i2t_ASN1_OBJECT(long_name, sizeof(long_name),
-			     X509_NAME_ENTRY_get_object(entry))) {
-	    ossl_raise(eX509NameError, NULL);
-	}
-	nid = OBJ_ln2nid(long_name);
-	if (nid == NID_undef) {
-	    vname = rb_str_new2((const char *) &long_name);
-	} else {
-	    short_name = OBJ_nid2sn(nid);
-	    vname = rb_str_new2(short_name); /*do not free*/
-	}
-	value = (ASN1_STRING *)X509_NAME_ENTRY_get_data(entry);
-	ary = rb_ary_new3(3, vname, asn1str_to_str(value),
-                          INT2NUM(ASN1_STRING_type(value)));
-	rb_ary_push(ret, ary);
+    ret = rb_ary_new_capa(entries);
+    for (int i = 0; i < entries; i++) {
+        const X509_NAME_ENTRY *entry = X509_NAME_get_entry(name, i);
+        if (!entry)
+            ossl_raise(eX509NameError, "X509_NAME_get_entry");
+        const ASN1_OBJECT *obj = X509_NAME_ENTRY_get_object(entry);
+        VALUE vname = ossl_asn1obj_to_string(obj);
+        const ASN1_STRING *data = X509_NAME_ENTRY_get_data(entry);
+        VALUE vdata = asn1str_to_str(data);
+        VALUE type = INT2NUM(ASN1_STRING_type(data));
+        rb_ary_push(ret, rb_ary_new_from_args(3, vname, vdata, type));
     }
     return ret;
 }
@@ -409,7 +387,7 @@ ossl_x509name_cmp(VALUE self, VALUE other)
     int result;
 
     if (!rb_obj_is_kind_of(other, cX509Name))
-	return Qnil;
+        return Qnil;
 
     result = ossl_x509name_cmp0(self, other);
     if (result < 0) return INT2FIX(-1);
@@ -428,7 +406,7 @@ static VALUE
 ossl_x509name_eql(VALUE self, VALUE other)
 {
     if (!rb_obj_is_kind_of(other, cX509Name))
-	return Qfalse;
+        return Qfalse;
 
     return ossl_x509name_cmp0(self, other) == 0 ? Qtrue : Qfalse;
 }
@@ -488,11 +466,11 @@ ossl_x509name_to_der(VALUE self)
 
     GetX509Name(self, name);
     if((len = i2d_X509_NAME(name, NULL)) <= 0)
-	ossl_raise(eX509NameError, NULL);
+        ossl_raise(eX509NameError, NULL);
     str = rb_str_new(0, len);
     p = (unsigned char *)RSTRING_PTR(str);
     if(i2d_X509_NAME(name, &p) <= 0)
-	ossl_raise(eX509NameError, NULL);
+        ossl_raise(eX509NameError, NULL);
     ossl_str_adjust(str, p);
 
     return str;
@@ -518,12 +496,6 @@ Init_ossl_x509name(void)
 #undef rb_intern
     VALUE utf8str, ptrstr, ia5str, hash;
 
-#if 0
-    mOSSL = rb_define_module("OpenSSL");
-    eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
-    mX509 = rb_define_module_under(mOSSL, "X509");
-#endif
-
     id_aref = rb_intern("[]");
     eX509NameError = rb_define_class_under(mX509, "NameError", eOSSLError);
     cX509Name = rb_define_class_under(mX509, "Name", rb_cObject);
@@ -562,6 +534,7 @@ Init_ossl_x509name(void)
     rb_hash_aset(hash, rb_str_new2("DC"), ia5str);
     rb_hash_aset(hash, rb_str_new2("domainComponent"), ia5str);
     rb_hash_aset(hash, rb_str_new2("emailAddress"), ia5str);
+    rb_obj_freeze(hash);
 
     /*
      * The default object type template for name entries.

data/ext/openssl/ossl_x509req.c

@@ -13,14 +13,14 @@
     TypedData_Wrap_Struct((klass), &ossl_x509req_type, 0)
 #define SetX509Req(obj, req) do { \
     if (!(req)) { \
-	ossl_raise(rb_eRuntimeError, "Req wasn't initialized!"); \
+        ossl_raise(rb_eRuntimeError, "Req wasn't initialized!"); \
     } \
     RTYPEDDATA_DATA(obj) = (req); \
 } while (0)
 #define GetX509Req(obj, req) do { \
     TypedData_Get_Struct((obj), X509_REQ, &ossl_x509req_type, (req)); \
     if (!(req)) { \
-	ossl_raise(rb_eRuntimeError, "Req wasn't initialized!"); \
+        ossl_raise(rb_eRuntimeError, "Req wasn't initialized!"); \
     } \
 } while (0)
 
@@ -39,7 +39,7 @@ ossl_x509req_free(void *ptr)
 static const rb_data_type_t ossl_x509req_type = {
     "OpenSSL/X509/REQ",
     {
-	0, ossl_x509req_free,
+        0, ossl_x509req_free,
     },
     0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
 };
@@ -68,7 +68,7 @@ ossl_x509req_alloc(VALUE klass)
 
     obj = NewX509Req(klass);
     if (!(req = X509_REQ_new())) {
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
     SetX509Req(obj, req);
 
@@ -84,7 +84,7 @@ ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
 
     rb_check_frozen(self);
     if (rb_scan_args(argc, argv, "01", &arg) == 0) {
-	return self;
+        return self;
     }
     arg = ossl_to_der_if_possible(arg);
     in = ossl_obj2bio(&arg);
@@ -103,6 +103,7 @@ ossl_x509req_initialize(int argc, VALUE *argv, VALUE self)
     return self;
 }
 
+/* :nodoc: */
 static VALUE
 ossl_x509req_copy(VALUE self, VALUE other)
 {
@@ -113,7 +114,7 @@ ossl_x509req_copy(VALUE self, VALUE other)
     GetX509Req(self, a);
     GetX509Req(other, b);
     if (!(req = X509_REQ_dup(b))) {
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
     X509_REQ_free(a);
     DATA_PTR(self) = req;
@@ -129,11 +130,11 @@ ossl_x509req_to_pem(VALUE self)
 
     GetX509Req(self, req);
     if (!(out = BIO_new(BIO_s_mem()))) {
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
     if (!PEM_write_bio_X509_REQ(out, req)) {
-	BIO_free(out);
-	ossl_raise(eX509ReqError, NULL);
+        BIO_free(out);
+        ossl_raise(eX509ReqError, NULL);
     }
 
     return ossl_membio2str(out);
@@ -149,11 +150,11 @@ ossl_x509req_to_der(VALUE self)
 
     GetX509Req(self, req);
     if ((len = i2d_X509_REQ(req, NULL)) <= 0)
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     str = rb_str_new(0, len);
     p = (unsigned char *)RSTRING_PTR(str);
     if (i2d_X509_REQ(req, &p) <= 0)
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     ossl_str_adjust(str, p);
 
     return str;
@@ -167,11 +168,11 @@ ossl_x509req_to_text(VALUE self)
 
     GetX509Req(self, req);
     if (!(out = BIO_new(BIO_s_mem()))) {
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
     if (!X509_REQ_print(out, req)) {
-	BIO_free(out);
-	ossl_raise(eX509ReqError, NULL);
+        BIO_free(out);
+        ossl_raise(eX509ReqError, NULL);
     }
 
     return ossl_membio2str(out);
@@ -190,7 +191,7 @@ ossl_x509req_to_x509(VALUE self, VALUE days, VALUE key)
     GetX509Req(self, req);
     ...
     if (!(x509 = X509_REQ_to_X509(req, d, pkey))) {
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
 
     return ossl_x509_new(x509);
@@ -216,11 +217,11 @@ ossl_x509req_set_version(VALUE self, VALUE version)
     long ver;
 
     if ((ver = NUM2LONG(version)) < 0) {
-	ossl_raise(eX509ReqError, "version must be >= 0!");
+        ossl_raise(eX509ReqError, "version must be >= 0!");
     }
     GetX509Req(self, req);
     if (!X509_REQ_set_version(req, ver)) {
-	ossl_raise(eX509ReqError, "X509_REQ_set_version");
+        ossl_raise(eX509ReqError, "X509_REQ_set_version");
     }
 
     return version;
@@ -230,11 +231,11 @@ static VALUE
 ossl_x509req_get_subject(VALUE self)
 {
     X509_REQ *req;
-    const X509_NAME *name;
+    X509_NAME *name;
 
     GetX509Req(self, req);
     if (!(name = X509_REQ_get_subject_name(req))) { /* NO DUP - don't free */
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
 
     return ossl_x509name_new(name);
@@ -248,31 +249,32 @@ ossl_x509req_set_subject(VALUE self, VALUE subject)
     GetX509Req(self, req);
     /* DUPs name */
     if (!X509_REQ_set_subject_name(req, GetX509NamePtr(subject))) {
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
 
     return subject;
 }
 
+/*
+ * call-seq:
+ *    req.signature_algorithm -> string
+ *
+ * Returns the signature algorithm used to sign this request.
+ *
+ * Returns the long name of the signature algorithm, or the dotted decimal
+ * notation if \OpenSSL does not define a long name for it.
+ */
 static VALUE
 ossl_x509req_get_signature_algorithm(VALUE self)
 {
     X509_REQ *req;
     const X509_ALGOR *alg;
-    BIO *out;
+    const ASN1_OBJECT *obj;
 
     GetX509Req(self, req);
-
-    if (!(out = BIO_new(BIO_s_mem()))) {
-	ossl_raise(eX509ReqError, NULL);
-    }
     X509_REQ_get0_signature(req, NULL, &alg);
-    if (!i2a_ASN1_OBJECT(out, alg->algorithm)) {
-	BIO_free(out);
-	ossl_raise(eX509ReqError, NULL);
-    }
-
-    return ossl_membio2str(out);
+    X509_ALGOR_get0(&obj, NULL, NULL, alg);
+    return ossl_asn1obj_to_string_long_name(obj);
 }
 
 static VALUE
@@ -283,10 +285,10 @@ ossl_x509req_get_public_key(VALUE self)
 
     GetX509Req(self, req);
     if (!(pkey = X509_REQ_get_pubkey(req))) { /* adds reference */
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
 
-    return ossl_pkey_new(pkey); /* NO DUP - OK */
+    return ossl_pkey_wrap(pkey);
 }
 
 static VALUE
@@ -299,7 +301,7 @@ ossl_x509req_set_public_key(VALUE self, VALUE key)
     pkey = GetPKeyPtr(key);
     ossl_pkey_check_public_key(pkey);
     if (!X509_REQ_set_pubkey(req, pkey))
-	ossl_raise(eX509ReqError, "X509_REQ_set_pubkey");
+        ossl_raise(eX509ReqError, "X509_REQ_set_pubkey");
     return key;
 }
 
@@ -309,17 +311,14 @@ ossl_x509req_sign(VALUE self, VALUE key, VALUE digest)
     X509_REQ *req;
     EVP_PKEY *pkey;
     const EVP_MD *md;
+    VALUE md_holder;
 
     GetX509Req(self, req);
     pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */
-    if (NIL_P(digest)) {
-        md = NULL; /* needed for some key types, e.g. Ed25519 */
-    } else {
-        md = ossl_evp_get_digestbyname(digest);
-    }
-    if (!X509_REQ_sign(req, pkey, md)) {
-	ossl_raise(eX509ReqError, NULL);
-    }
+    /* NULL needed for some key types, e.g. Ed25519 */
+    md = NIL_P(digest) ? NULL : ossl_evp_md_fetch(digest, &md_holder);
+    if (!X509_REQ_sign(req, pkey, md))
+        ossl_raise(eX509ReqError, "X509_REQ_sign");
 
     return self;
 }
@@ -338,12 +337,12 @@ ossl_x509req_verify(VALUE self, VALUE key)
     ossl_pkey_check_public_key(pkey);
     switch (X509_REQ_verify(req, pkey)) {
       case 1:
-	return Qtrue;
+        return Qtrue;
       case 0:
-	ossl_clear_error();
-	return Qfalse;
+        ossl_clear_error();
+        return Qfalse;
       default:
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
 }
 
@@ -352,20 +351,20 @@ ossl_x509req_get_attributes(VALUE self)
 {
     X509_REQ *req;
     int count, i;
-    const X509_ATTRIBUTE *attr;
+    X509_ATTRIBUTE *attr;
     VALUE ary;
 
     GetX509Req(self, req);
 
     count = X509_REQ_get_attr_count(req);
     if (count < 0) {
-	OSSL_Debug("count < 0???");
-	return rb_ary_new();
+        OSSL_Debug("count < 0???");
+        return rb_ary_new();
     }
     ary = rb_ary_new2(count);
     for (i=0; i<count; i++) {
-	attr = X509_REQ_get_attr(req, i);
-	rb_ary_push(ary, ossl_x509attr_new(attr));
+        attr = X509_REQ_get_attr(req, i);
+        rb_ary_push(ary, ossl_x509attr_new(attr));
     }
 
     return ary;
@@ -381,17 +380,17 @@ ossl_x509req_set_attributes(VALUE self, VALUE ary)
 
     Check_Type(ary, T_ARRAY);
     for (i=0;i<RARRAY_LEN(ary); i++) {
-	OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Attr);
+        OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Attr);
     }
     GetX509Req(self, req);
     for (i = X509_REQ_get_attr_count(req); i > 0; i--)
         X509_ATTRIBUTE_free(X509_REQ_delete_attr(req, 0));
     for (i=0;i<RARRAY_LEN(ary); i++) {
-	item = RARRAY_AREF(ary, i);
-	attr = GetX509AttrPtr(item);
-	if (!X509_REQ_add1_attr(req, attr)) {
-	    ossl_raise(eX509ReqError, "X509_REQ_add1_attr");
-	}
+        item = RARRAY_AREF(ary, i);
+        attr = GetX509AttrPtr(item);
+        if (!X509_REQ_add1_attr(req, attr)) {
+            ossl_raise(eX509ReqError, "X509_REQ_add1_attr");
+        }
     }
     return ary;
 }
@@ -403,7 +402,7 @@ ossl_x509req_add_attribute(VALUE self, VALUE attr)
 
     GetX509Req(self, req);
     if (!X509_REQ_add1_attr(req, GetX509AttrPtr(attr))) {
-	ossl_raise(eX509ReqError, NULL);
+        ossl_raise(eX509ReqError, NULL);
     }
 
     return attr;
@@ -415,12 +414,6 @@ ossl_x509req_add_attribute(VALUE self, VALUE attr)
 void
 Init_ossl_x509req(void)
 {
-#if 0
-    mOSSL = rb_define_module("OpenSSL");
-    eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
-    mX509 = rb_define_module_under(mOSSL, "X509");
-#endif
-
     eX509ReqError = rb_define_class_under(mX509, "RequestError", eOSSLError);
 
     cX509Req = rb_define_class_under(mX509, "Request", rb_cObject);