rubysl-openssl 2.2.1 → 2.3.0

Files changed (64) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +4 -4
  3. data/MRI_LICENSE +56 -0
  4. data/ext/rubysl/openssl/openssl_missing.c +1 -1
  5. data/ext/rubysl/openssl/openssl_missing.h +1 -1
  6. data/ext/rubysl/openssl/ossl.c +17 -16
  7. data/ext/rubysl/openssl/ossl.h +7 -7
  8. data/ext/rubysl/openssl/ossl_asn1.c +5 -5
  9. data/ext/rubysl/openssl/ossl_asn1.h +1 -1
  10. data/ext/rubysl/openssl/ossl_bio.c +2 -2
  11. data/ext/rubysl/openssl/ossl_bio.h +1 -1
  12. data/ext/rubysl/openssl/ossl_bn.c +37 -13
  13. data/ext/rubysl/openssl/ossl_bn.h +1 -1
  14. data/ext/rubysl/openssl/ossl_cipher.c +64 -17
  15. data/ext/rubysl/openssl/ossl_cipher.h +1 -1
  16. data/ext/rubysl/openssl/ossl_config.c +3 -3
  17. data/ext/rubysl/openssl/ossl_config.h +1 -1
  18. data/ext/rubysl/openssl/ossl_digest.c +19 -7
  19. data/ext/rubysl/openssl/ossl_digest.h +1 -1
  20. data/ext/rubysl/openssl/ossl_engine.c +24 -17
  21. data/ext/rubysl/openssl/ossl_engine.h +1 -1
  22. data/ext/rubysl/openssl/ossl_hmac.c +15 -7
  23. data/ext/rubysl/openssl/ossl_hmac.h +1 -1
  24. data/ext/rubysl/openssl/ossl_ns_spki.c +19 -4
  25. data/ext/rubysl/openssl/ossl_ns_spki.h +1 -1
  26. data/ext/rubysl/openssl/ossl_ocsp.c +518 -60
  27. data/ext/rubysl/openssl/ossl_ocsp.h +1 -1
  28. data/ext/rubysl/openssl/ossl_pkcs12.c +18 -4
  29. data/ext/rubysl/openssl/ossl_pkcs12.h +1 -1
  30. data/ext/rubysl/openssl/ossl_pkcs5.c +1 -1
  31. data/ext/rubysl/openssl/ossl_pkcs7.c +59 -15
  32. data/ext/rubysl/openssl/ossl_pkcs7.h +1 -1
  33. data/ext/rubysl/openssl/ossl_pkey.c +16 -2
  34. data/ext/rubysl/openssl/ossl_pkey.h +4 -3
  35. data/ext/rubysl/openssl/ossl_pkey_dh.c +3 -3
  36. data/ext/rubysl/openssl/ossl_pkey_dsa.c +3 -3
  37. data/ext/rubysl/openssl/ossl_pkey_ec.c +32 -12
  38. data/ext/rubysl/openssl/ossl_pkey_rsa.c +3 -3
  39. data/ext/rubysl/openssl/ossl_rand.c +58 -34
  40. data/ext/rubysl/openssl/ossl_rand.h +1 -1
  41. data/ext/rubysl/openssl/ossl_ssl.c +75 -46
  42. data/ext/rubysl/openssl/ossl_ssl.h +8 -2
  43. data/ext/rubysl/openssl/ossl_ssl_session.c +16 -15
  44. data/ext/rubysl/openssl/ossl_version.h +1 -1
  45. data/ext/rubysl/openssl/ossl_x509.c +2 -2
  46. data/ext/rubysl/openssl/ossl_x509.h +1 -1
  47. data/ext/rubysl/openssl/ossl_x509attr.c +18 -4
  48. data/ext/rubysl/openssl/ossl_x509cert.c +27 -33
  49. data/ext/rubysl/openssl/ossl_x509crl.c +18 -4
  50. data/ext/rubysl/openssl/ossl_x509ext.c +29 -7
  51. data/ext/rubysl/openssl/ossl_x509name.c +22 -7
  52. data/ext/rubysl/openssl/ossl_x509req.c +18 -4
  53. data/ext/rubysl/openssl/ossl_x509revoked.c +18 -4
  54. data/ext/rubysl/openssl/ossl_x509store.c +33 -8
  55. data/ext/rubysl/openssl/ruby_missing.h +1 -1
  56. data/lib/openssl/bn.rb +8 -1
  57. data/lib/openssl/buffering.rb +1 -1
  58. data/lib/openssl/cipher.rb +1 -1
  59. data/lib/openssl/digest.rb +1 -1
  60. data/lib/openssl/ssl.rb +65 -7
  61. data/lib/openssl/x509.rb +22 -2
  62. data/lib/rubysl/openssl.rb +1 -1
  63. data/lib/rubysl/openssl/version.rb +1 -1
  64. metadata +4 -3
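--- a/data/ext/rubysl/openssl/ossl_pkey_rsa.c
+++ b/data/ext/rubysl/openssl/ossl_pkey_rsa.c
@@ -1,5 +1,5 @@
  /*
- * $Id$
+ * $Id: ossl_pkey_rsa.c 47744 2014-09-30 05:25:32Z nobu $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.
@@ -626,7 +626,7 @@ OSSL_PKEY_BN(rsa, iqmp)
  #define DefRSAConst(x) rb_define_const(cRSA, #x,INT2FIX(RSA_##x))
 
  void
- Init_ossl_rsa()
+ Init_ossl_rsa(void)
  {
  #if 0
  mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL and mPKey */
@@ -694,7 +694,7 @@ Init_ossl_rsa()
 
  #else /* defined NO_RSA */
  void
- Init_ossl_rsa()
+ Init_ossl_rsa(void)
  {
  }
  #endif /* NO_RSA */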
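--- a/data/ext/rubysl/openssl/ossl_rand.c
+++ b/data/ext/rubysl/openssl/ossl_rand.c
@@ -1,37 +1,23 @@
  /*
- * $Id$
+ * $Id: ossl_rand.c 47782 2014-10-04 00:01:07Z zzak $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
+ *
  * All rights reserved.
- */
- /*
+ *
  * This program is licenced under the same licence as Ruby.
  * (See the file 'LICENCE'.)
  */
  #include "ossl.h"
 
- /*
- * Classes
- */
  VALUE mRandom;
  VALUE eRandomError;
 
- /*
- * Struct
- */
-
- /*
- * Public
- */
-
- /*
- * Private
- */
-
  /*
  * call-seq:
  * seed(str) -> str
  *
+ * ::seed is equivalent to ::add where +entropy+ is length of +str+.
  */
  static VALUE
  ossl_rand_seed(VALUE self, VALUE str)
@@ -46,6 +32,23 @@ ossl_rand_seed(VALUE self, VALUE str)
  * call-seq:
  * add(str, entropy) -> self
  *
+ * Mixes the bytes from +str+ into the Pseudo Random Number Generator(PRNG)
+ * state.
+ *
+ * Thus, if the data from +str+ are unpredictable to an adversary, this
+ * increases the uncertainty about the state and makes the PRNG output less
+ * predictable.
+ *
+ * The +entropy+ argument is (the lower bound of) an estimate of how much
+ * randomness is contained in +str+, measured in bytes.
+ *
+ * Example:
+ *
+ * pid = $$
+ * now = Time.now
+ * ary = [now.to_i, now.nsec, 1000, pid]
+ * OpenSSL::Random.add(ary.join("").to_s, 0.0)
+ * OpenSSL::Random.seed(ary.join("").to_s)
  */
  static VALUE
  ossl_rand_add(VALUE self, VALUE str, VALUE entropy)
@@ -60,6 +63,7 @@ ossl_rand_add(VALUE self, VALUE str, VALUE entropy)
  * call-seq:
  * load_random_file(filename) -> true
  *
+ * Reads bytes from +filename+ and adds them to the PRNG.
  */
  static VALUE
  ossl_rand_load_file(VALUE self, VALUE filename)
@@ -76,6 +80,9 @@ ossl_rand_load_file(VALUE self, VALUE filename)
  * call-seq:
  * write_random_file(filename) -> true
  *
+ * Writes a number of random generated bytes (currently 1024) to +filename+
+ * which can be used to initialize the PRNG by calling ::load_random_file in a
+ * later session.
  */
  static VALUE
  ossl_rand_write_file(VALUE self, VALUE filename)
@@ -89,8 +96,15 @@ ossl_rand_write_file(VALUE self, VALUE filename)
 
  /*
  * call-seq:
- * random_bytes(length) -> aString
+ * random_bytes(length) -> string
+ *
+ * Generates +string+ with +length+ number of cryptographically strong
+ * pseudo-random bytes.
  *
+ * Example:
+ *
+ * OpenSSL::Random.random_bytes(12)
+ * => "..."
  */
  static VALUE
  ossl_rand_bytes(VALUE self, VALUE len)
@@ -108,8 +122,17 @@ ossl_rand_bytes(VALUE self, VALUE len)
 
  /*
  * call-seq:
- * pseudo_bytes(length) -> aString
+ * pseudo_bytes(length) -> string
+ *
+ * Generates +string+ with +length+ number of pseudo-random bytes.
+ *
+ * Pseudo-random byte sequences generated by ::pseudo_bytes will be unique if
+ * they are of sufficient length, but are not necessarily unpredictable.
  *
+ * Example:
+ *
+ * OpenSSL::Random.pseudo_bytes(12)
+ * => "..."
  */
  static VALUE
  ossl_rand_pseudo_bytes(VALUE self, VALUE len)
@@ -129,6 +152,7 @@ ossl_rand_pseudo_bytes(VALUE self, VALUE len)
  * call-seq:
  * egd(filename) -> true
  *
+ * Same as ::egd_bytes but queries 255 bytes by default.
  */
  static VALUE
  ossl_rand_egd(VALUE self, VALUE filename)
@@ -145,6 +169,10 @@ ossl_rand_egd(VALUE self, VALUE filename)
  * call-seq:
  * egd_bytes(filename, length) -> true
  *
+ * Queries the entropy gathering daemon EGD on socket path given by +filename+.
+ *
+ * Fetches +length+ number of bytes and uses ::add to seed the OpenSSL built-in
+ * PRNG.
  */
  static VALUE
  ossl_rand_egd_bytes(VALUE self, VALUE filename, VALUE len)
@@ -171,15 +199,11 @@ ossl_rand_status(VALUE self)
  return RAND_status() ? Qtrue : Qfalse;
  }
 
- #define DEFMETH(class, name, func, argc) \
- rb_define_method((class), (name), (func), (argc)); \
- rb_define_singleton_method((class), (name), (func), (argc));
-
  /*
  * INIT
  */
  void
- Init_ossl_rand()
+ Init_ossl_rand(void)
  {
  #if 0
  mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */
@@ -189,14 +213,14 @@ Init_ossl_rand()
 
  eRandomError = rb_define_class_under(mRandom, "RandomError", eOSSLError);
 
- DEFMETH(mRandom, "seed", ossl_rand_seed, 1);
- DEFMETH(mRandom, "random_add", ossl_rand_add, 2);
- DEFMETH(mRandom, "load_random_file", ossl_rand_load_file, 1);
- DEFMETH(mRandom, "write_random_file", ossl_rand_write_file, 1);
- DEFMETH(mRandom, "random_bytes", ossl_rand_bytes, 1);
- DEFMETH(mRandom, "pseudo_bytes", ossl_rand_pseudo_bytes, 1);
- DEFMETH(mRandom, "egd", ossl_rand_egd, 1);
- DEFMETH(mRandom, "egd_bytes", ossl_rand_egd_bytes, 2);
- DEFMETH(mRandom, "status?", ossl_rand_status, 0)
+ rb_define_module_function(mRandom, "seed", ossl_rand_seed, 1);
+ rb_define_module_function(mRandom, "random_add", ossl_rand_add, 2);
+ rb_define_module_function(mRandom, "load_random_file", ossl_rand_load_file, 1);
+ rb_define_module_function(mRandom, "write_random_file", ossl_rand_write_file, 1);
+ rb_define_module_function(mRandom, "random_bytes", ossl_rand_bytes, 1);
+ rb_define_module_function(mRandom, "pseudo_bytes", ossl_rand_pseudo_bytes, 1);
+ rb_define_module_function(mRandom, "egd", ossl_rand_egd, 1);
+ rb_define_module_function(mRandom, "egd_bytes", ossl_rand_egd_bytes, 2);
+ rb_define_module_function(mRandom, "status?", ossl_rand_status, 0);
  }
 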
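Review bot: The example added to the `add` doc comment ends with `OpenSSL::Random.seed(ary.join("").to_s)`, and by the sentence this same change adds to `seed`, that call credits the string's full length as entropy even though the string is built only from the clock, the pid and a constant. A reader copying the example would mark the PRNG as well seeded from guessable data; I would drop that last line, or keep it with a comment such as `* (do not pass guessable data like this to ::seed; it counts every byte as entropy)`. The call-seq and the example also use the name `add`, while the registration in the last hunk binds the function to `"random_add"`, so the documented name should read `random_add(str, entropy) -> self` unless an alias is defined outside these hunks.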
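--- a/data/ext/rubysl/openssl/ossl_rand.h
+++ b/data/ext/rubysl/openssl/ossl_rand.h
@@ -1,5 +1,5 @@
  /*
- * $Id$
+ * $Id: ossl_rand.h 25189 2009-10-02 12:04:37Z akr $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.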
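--- a/data/ext/rubysl/openssl/ossl_ssl.c
+++ b/data/ext/rubysl/openssl/ossl_ssl.c
@@ -1,5 +1,5 @@
  /*
- * $Id$
+ * $Id: ossl_ssl.c 48801 2014-12-12 21:58:34Z nobu $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2000-2002 GOTOU Yuuzou <gotoyuzo@notwork.org>
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
@@ -24,6 +24,10 @@
  # define TO_SOCKET(s) (s)
  #endif
 
+ #define GetSSLCTX(obj, ctx) do { \
+ TypedData_Get_Struct((obj), SSL_CTX, &ossl_sslctx_type, (ctx)); \
+ } while (0)
+
  VALUE mSSL;
  VALUE eSSLError;
  VALUE cSSLContext;
@@ -108,7 +112,7 @@ static VALUE sym_exception;
  /*
  * SSLContext class
  */
- struct {
+ static const struct {
  const char *name;
  SSL_METHOD *(*func)(void);
  } ossl_ssl_method_tab[] = {
@@ -150,13 +154,22 @@ int ossl_ssl_ex_client_cert_cb_idx;
  int ossl_ssl_ex_tmp_dh_callback_idx;
 
  static void
- ossl_sslctx_free(SSL_CTX *ctx)
+ ossl_sslctx_free(void *ptr)
  {
+ SSL_CTX *ctx = ptr;
  if(ctx && SSL_CTX_get_ex_data(ctx, ossl_ssl_ex_store_p)== (void*)1)
  ctx->cert_store = NULL;
  SSL_CTX_free(ctx);
  }
 
+ static const rb_data_type_t ossl_sslctx_type = {
+ "OpenSSL/SSL/CTX",
+ {
+ 0, ossl_sslctx_free,
+ },
+ 0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
+ };
+
  static VALUE
  ossl_sslctx_s_alloc(VALUE klass)
  {
@@ -172,7 +185,7 @@ ossl_sslctx_s_alloc(VALUE klass)
  ossl_raise(eSSLError, "SSL_CTX_new");
  }
  SSL_CTX_set_mode(ctx, mode);
- return Data_Wrap_Struct(klass, 0, ossl_sslctx_free, ctx);
+ return TypedData_Wrap_Struct(klass, &ossl_sslctx_type, ctx);
  }
 
  /*
@@ -190,7 +203,7 @@ ossl_sslctx_set_ssl_version(VALUE self, VALUE ssl_method)
  int i;
 
  SSL_CTX *ctx;
- if(TYPE(ssl_method) == T_SYMBOL)
+ if (RB_TYPE_P(ssl_method, T_SYMBOL))
  s = rb_id2name(SYM2ID(ssl_method));
  else
  s = StringValuePtr(ssl_method);
@@ -203,7 +216,7 @@ ossl_sslctx_set_ssl_version(VALUE self, VALUE ssl_method)
  if (!method) {
  ossl_raise(rb_eArgError, "unknown SSL method `%s'.", s);
  }
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
  if (SSL_CTX_set_ssl_version(ctx, method) != 1) {
  ossl_raise(eSSLError, "SSL_CTX_set_ssl_version");
  }
@@ -244,7 +257,7 @@ ossl_call_client_cert_cb(VALUE obj)
  VALUE cb, ary, cert, key;
  SSL *ssl;
 
- Data_Get_Struct(obj, SSL, ssl);
+ GetSSL(obj, ssl);
  cb = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_client_cert_cb_idx);
  if (NIL_P(cb)) return Qfalse;
  ary = rb_funcall(cb, rb_intern("call"), 1, obj);
@@ -280,7 +293,7 @@ ossl_call_tmp_dh_callback(VALUE *args)
  VALUE cb, dh;
  EVP_PKEY *pkey;
 
- Data_Get_Struct(args[0], SSL, ssl);
+ GetSSL(args[0], ssl);
  cb = (VALUE)SSL_get_ex_data(ssl, ossl_ssl_ex_tmp_dh_callback_idx);
  if (NIL_P(cb)) return Qfalse;
  dh = rb_funcall(cb, rb_intern("call"), 3, args[0], args[1], args[2]);
@@ -482,7 +495,7 @@ ossl_sslctx_add_extra_chain_cert_i(RB_BLOCK_CALL_FUNC_ARGLIST(i, arg))
  X509 *x509;
  SSL_CTX *ctx;
 
- Data_Get_Struct(arg, SSL_CTX, ctx);
+ GetSSLCTX(arg, ctx);
  x509 = DupX509CertPtr(i);
  if(!SSL_CTX_add_extra_chain_cert(ctx, x509)){
  ossl_raise(eSSLError, NULL);
@@ -513,8 +526,8 @@ ossl_call_servername_cb(VALUE ary)
  SSL_CTX *ctx2;
 
  ossl_sslctx_setup(ret_obj);
- Data_Get_Struct(ssl_obj, SSL, ssl);
- Data_Get_Struct(ret_obj, SSL_CTX, ctx2);
+ GetSSL(ssl_obj, ssl);
+ GetSSLCTX(ret_obj, ctx2);
  SSL_set_SSL_CTX(ssl, ctx2);
  } else if (!NIL_P(ret_obj)) {
  ossl_raise(rb_eArgError, "servername_cb must return an OpenSSL::SSL::SSLContext object or nil");
@@ -665,7 +678,7 @@ ossl_sslctx_setup(VALUE self)
  VALUE val;
 
  if(OBJ_FROZEN(self)) return Qnil;
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
 
  #if !defined(OPENSSL_NO_DH)
  if (RTEST(ossl_sslctx_get_tmp_dh_cb(self))){
@@ -716,7 +729,7 @@ ossl_sslctx_setup(VALUE self)
 
  val = ossl_sslctx_get_client_ca(self);
  if(!NIL_P(val)){
- if(TYPE(val) == T_ARRAY){
+ if (RB_TYPE_P(val, T_ARRAY)) {
  for(i = 0; i < RARRAY_LEN(val); i++){
  client_ca = GetX509CertPtr(RARRAY_PTR(val)[i]);
  if (!SSL_CTX_add_client_CA(ctx, client_ca)){
@@ -841,7 +854,7 @@ ossl_sslctx_get_ciphers(VALUE self)
  VALUE ary;
  int i, num;
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
  if(!ctx){
  rb_warning("SSL_CTX is not initialized.");
  return Qnil;
@@ -882,11 +895,11 @@ ossl_sslctx_set_ciphers(VALUE self, VALUE v)
  rb_check_frozen(self);
  if (NIL_P(v))
  return v;
- else if (TYPE(v) == T_ARRAY) {
+ else if (RB_TYPE_P(v, T_ARRAY)) {
  str = rb_str_new(0, 0);
  for (i = 0; i < RARRAY_LEN(v); i++) {
  elem = rb_ary_entry(v, i);
- if (TYPE(elem) == T_ARRAY) elem = rb_ary_entry(elem, 0);
+ if (RB_TYPE_P(elem, T_ARRAY)) elem = rb_ary_entry(elem, 0);
  elem = rb_String(elem);
  rb_str_append(str, elem);
  if (i < RARRAY_LEN(v)-1) rb_str_cat2(str, ":");
@@ -896,7 +909,7 @@ ossl_sslctx_set_ciphers(VALUE self, VALUE v)
  StringValue(str);
  }
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
  if(!ctx){
  ossl_raise(eSSLError, "SSL_CTX is not initialized.");
  return Qnil;
@@ -920,7 +933,7 @@ ossl_sslctx_session_add(VALUE self, VALUE arg)
  SSL_CTX *ctx;
  SSL_SESSION *sess;
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
  SafeGetSSLSession(arg, sess);
 
  return SSL_CTX_add_session(ctx, sess) == 1 ? Qtrue : Qfalse;
@@ -938,7 +951,7 @@ ossl_sslctx_session_remove(VALUE self, VALUE arg)
  SSL_CTX *ctx;
  SSL_SESSION *sess;
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
  SafeGetSSLSession(arg, sess);
 
  return SSL_CTX_remove_session(ctx, sess) == 1 ? Qtrue : Qfalse;
@@ -955,7 +968,7 @@ ossl_sslctx_get_session_cache_mode(VALUE self)
  {
  SSL_CTX *ctx;
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
 
  return LONG2NUM(SSL_CTX_get_session_cache_mode(ctx));
  }
@@ -973,7 +986,7 @@ ossl_sslctx_set_session_cache_mode(VALUE self, VALUE arg)
  {
  SSL_CTX *ctx;
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
 
  SSL_CTX_set_session_cache_mode(ctx, NUM2LONG(arg));
 
@@ -992,7 +1005,7 @@ ossl_sslctx_get_session_cache_size(VALUE self)
  {
  SSL_CTX *ctx;
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
 
  return LONG2NUM(SSL_CTX_sess_get_cache_size(ctx));
  }
@@ -1009,7 +1022,7 @@ ossl_sslctx_set_session_cache_size(VALUE self, VALUE arg)
  {
  SSL_CTX *ctx;
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
 
  SSL_CTX_sess_set_cache_size(ctx, NUM2LONG(arg));
 
@@ -1044,7 +1057,7 @@ ossl_sslctx_get_session_cache_stats(VALUE self)
  SSL_CTX *ctx;
  VALUE hash;
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
 
  hash = rb_hash_new();
  rb_hash_aset(hash, ID2SYM(rb_intern("cache_num")), LONG2NUM(SSL_CTX_sess_number(ctx)));
@@ -1079,7 +1092,7 @@ ossl_sslctx_flush_sessions(int argc, VALUE *argv, VALUE self)
 
  rb_scan_args(argc, argv, "01", &arg1);
 
- Data_Get_Struct(self, SSL_CTX, ctx);
+ GetSSLCTX(self, ctx);
 
  if (NIL_P(arg1)) {
  tm = time(0);
@@ -1111,7 +1124,7 @@ ossl_ssl_shutdown(SSL *ssl)
  * Ignore the case SSL_shutdown returns -1. Empty handshake_func
  * must not happen.
  */
- if ((rc = SSL_shutdown(ssl)))
+ if (rc = SSL_shutdown(ssl))
  break;
  }
  SSL_clear(ssl);
@@ -1120,15 +1133,23 @@ ossl_ssl_shutdown(SSL *ssl)
  }
 
  static void
- ossl_ssl_free(SSL *ssl)
+ ossl_ssl_free(void *ssl)
  {
  SSL_free(ssl);
  }
 
+ const rb_data_type_t ossl_ssl_type = {
+ "OpenSSL/SSL",
+ {
+ 0, ossl_ssl_free,
+ },
+ 0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
+ };
+
  static VALUE
  ossl_ssl_s_alloc(VALUE klass)
  {
- return Data_Wrap_Struct(klass, 0, ossl_ssl_free, NULL);
+ return TypedData_Wrap_Struct(klass, &ossl_ssl_type, NULL);
  }
 
  /*
@@ -1177,14 +1198,14 @@ ossl_ssl_setup(VALUE self)
  SSL *ssl;
  rb_io_t *fptr;
 
- Data_Get_Struct(self, SSL, ssl);
+ GetSSL(self, ssl);
  if(!ssl){
  #ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME
  VALUE hostname = rb_iv_get(self, "@hostname");
  #endif
 
  v_ctx = ossl_ssl_get_ctx(self);
- Data_Get_Struct(v_ctx, SSL_CTX, ctx);
+ GetSSLCTX(v_ctx, ctx);
 
  ssl = SSL_new(ctx);
  if (!ssl) {
@@ -1224,7 +1245,7 @@ ossl_ssl_setup(VALUE self)
 
  #define ossl_ssl_data_get_struct(v, ssl) \
  do { \
- Data_Get_Struct((v), SSL, (ssl)); \
+ GetSSL((v), (ssl)); \
  if (!(ssl)) { \
  rb_warning("SSL session is not started yet."); \
  return Qnil; \
@@ -1394,7 +1415,7 @@ ossl_ssl_read_internal(int argc, VALUE *argv, VALUE self, int nonblock)
  }
  if(ilen == 0) return str;
 
- Data_Get_Struct(self, SSL, ssl);
+ GetSSL(self, ssl);
  GetOpenFile(ossl_ssl_get_io(self), fptr);
  if (ssl) {
  if(!nonblock && SSL_pending(ssl) <= 0)
@@ -1431,7 +1452,11 @@ ossl_ssl_read_internal(int argc, VALUE *argv, VALUE self, int nonblock)
  else {
  ID meth = nonblock ? rb_intern("read_nonblock") : rb_intern("sysread");
  rb_warning("SSL session is not started yet.");
- return rb_funcall(ossl_ssl_get_io(self), meth, 2, len, str);
+ if (nonblock) {
+ return rb_funcall(ossl_ssl_get_io(self), meth, 3, len, str, opts);
+ } else {
+ return rb_funcall(ossl_ssl_get_io(self), meth, 2, len, str);
+ }
  }
 
  end:
@@ -1482,7 +1507,7 @@ ossl_ssl_write_internal(VALUE self, VALUE str, int nonblock, int no_exception)
  rb_io_t *fptr;
 
  StringValue(str);
- Data_Get_Struct(self, SSL, ssl);
+ GetSSL(self, ssl);
  GetOpenFile(ossl_ssl_get_io(self), fptr);
 
  if (ssl) {
@@ -1562,18 +1587,22 @@ static VALUE
  ossl_ssl_close(VALUE self)
  {
  SSL *ssl;
+ VALUE io;
 
- ossl_ssl_data_get_struct(self, ssl);
+ /* ossl_ssl_data_get_struct() is not usable here because it may return
+ * from this function; */
 
- if (ssl) {
- VALUE io = ossl_ssl_get_io(self);
- if (!RTEST(rb_funcall(io, rb_intern("closed?"), 0))) {
- ossl_ssl_shutdown(ssl);
- SSL_free(ssl);
- DATA_PTR(self) = NULL;
- if (RTEST(ossl_ssl_get_sync_close(self)))
- rb_funcall(io, rb_intern("close"), 0);
- }
+ GetSSL(self, ssl);
+
+ io = ossl_ssl_get_io(self);
+ if (!RTEST(rb_funcall(io, rb_intern("closed?"), 0))) {
+ if (ssl) {
+ ossl_ssl_shutdown(ssl);
+ SSL_free(ssl);
+ }
+ DATA_PTR(self) = NULL;
+ if (RTEST(ossl_ssl_get_sync_close(self)))
+ rb_funcall(io, rb_intern("close"), 0);
  }
 
  return Qnil;
@@ -1850,7 +1879,7 @@ ossl_ssl_npn_protocol(VALUE self)
  #endif /* !defined(OPENSSL_NO_SOCK) */
 
  void
- Init_ossl_ssl()
+ Init_ossl_ssl(void)
  {
  int i;
  VALUE ary;
@@ -2019,7 +2048,7 @@ Init_ossl_ssl()
  rb_attr(cSSLContext, rb_intern("session_get_cb"), 1, 1, Qfalse);
 
  /*
- * A callback invoked when a new session was negotiatied.
+ * A callback invoked when a new session was negotiated.
  *
  * The callback is invoked with an SSLSocket. If false is returned the
  * session will be removed from the internal cache.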
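Review bot: In the second `ossl_ssl_read_internal` hunk, the rewritten fallback still forwards the read to the underlying IO (`read_nonblock` or `sysread`) when no SSL session has been started, and the only signal is `rb_warning`, which Ruby prints only in verbose mode. The branch looks like the `else` of the `if (ssl)` shown in the earlier hunk of the same function, whose body starts and ends outside both hunks, so a caller that skipped the handshake gets plaintext bytes from the socket returned through the SSLSocket read API. Since this change touches the branch anyway, I would at least document it above the warning, e.g. `/* No SSL object yet: the read below goes to the raw IO, unencrypted and unauthenticated. */`, and mention the behaviour in the method's rdoc.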