1 changed files with 12 additions and 11 deletions
Split View
Diff Options
-
+12 -11multiple_certs.patch
+ 12
- 11
multiple_certs.patch
View File
| @@ -5,17 +5,18 @@ index bcb167e..5f688db 100644 | |||
| @@ -70,7 +70,7 @@ class SSLContext | |||
| DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL | |||
| end | |||
| - INIT_VARS = ["cert", "key", "client_ca", "ca_file", "ca_path", | |||
| + INIT_VARS = ["client_ca", "ca_file", "ca_path", | |||
| "timeout", "verify_mode", "verify_depth", "renegotiation_cb", | |||
| "verify_callback", "cert_store", "extra_chain_cert", | |||
| "client_cert_cb", "session_id_context", "tmp_dh_callback", | |||
| @@ -106,6 +106,7 @@ class SSLContext | |||
| @@ -106,6 +106,8 @@ class SSLContext | |||
| # | |||
| # You can get a list of valid methods with OpenSSL::SSL::SSLContext::METHODS | |||
| def initialize(version = nil, fallback_scsv: false) | |||
| + @certs = @keys = [] | |||
| + @certs = [] | |||
| + @keys = [] | |||
| INIT_VARS.each { |v| instance_variable_set v, nil } | |||
| self.options = self.options | OpenSSL::SSL::OP_ALL | |||
| return unless version | |||
| @@ -40,7 +41,7 @@ index bcb167e..5f688db 100644 | |||
| + self.keys.first | |||
| + end | |||
| end | |||
| module SocketForwarder | |||
| diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c | |||
| index 9f7ee0b..9437793 100644 | |||
| @@ -49,7 +50,7 @@ index 9f7ee0b..9437793 100644 | |||
| @@ -36,8 +36,8 @@ VALUE cSSLSocket; | |||
| static VALUE eSSLErrorWaitReadable; | |||
| static VALUE eSSLErrorWaitWritable; | |||
| -#define ossl_sslctx_set_cert(o,v) rb_iv_set((o),"@cert",(v)) | |||
| -#define ossl_sslctx_set_key(o,v) rb_iv_set((o),"@key",(v)) | |||
| +#define ossl_sslctx_set_certs(o,v) rb_iv_set((o),"@certs",(v)) | |||
| @@ -60,7 +61,7 @@ index 9f7ee0b..9437793 100644 | |||
| @@ -50,8 +50,8 @@ static VALUE eSSLErrorWaitWritable; | |||
| #define ossl_sslctx_set_client_cert_cb(o,v) rb_iv_set((o),"@client_cert_cb",(v)) | |||
| #define ossl_sslctx_set_sess_id_ctx(o, v) rb_iv_set((o),"@session_id_context",(v)) | |||
| -#define ossl_sslctx_get_cert(o) rb_iv_get((o),"@cert") | |||
| -#define ossl_sslctx_get_key(o) rb_iv_get((o),"@key") | |||
| +#define ossl_sslctx_get_certs(o) rb_iv_get((o),"@certs") | |||
| @@ -75,12 +76,12 @@ index 9f7ee0b..9437793 100644 | |||
| - VALUE val; | |||
| + VALUE val, val2; | |||
| + int cert_defined = 0, key_defined = 0; | |||
| if(OBJ_FROZEN(self)) return Qnil; | |||
| GetSSLCTX(self, ctx); | |||
| @@ -761,19 +762,39 @@ ossl_sslctx_setup(VALUE self) | |||
| } | |||
| /* private key may be bundled in certificate file. */ | |||
| - val = ossl_sslctx_get_cert(self); | |||
| - cert = NIL_P(val) ? NULL : GetX509CertPtr(val); /* NO DUP NEEDED */ | |||
| @@ -131,20 +132,20 @@ index 9f7ee0b..9437793 100644 | |||
| } | |||
| @@ -2128,14 +2149,14 @@ Init_ossl_ssl(void) | |||
| rb_define_alloc_func(cSSLContext, ossl_sslctx_s_alloc); | |||
| /* | |||
| - * Context certificate | |||
| + * Context certificates | |||
| */ | |||
| - rb_attr(cSSLContext, rb_intern("cert"), 1, 1, Qfalse); | |||
| + rb_attr(cSSLContext, rb_intern("certs"), 1, 1, Qfalse); | |||
| /* | |||
| - * Context private key | |||
| + * Context private keys | |||
| */ | |||
| - rb_attr(cSSLContext, rb_intern("key"), 1, 1, Qfalse); | |||
| + rb_attr(cSSLContext, rb_intern("keys"), 1, 1, Qfalse); | |||
| /* | |||
| * A certificate or Array of certificates that will be sent to the client. | |||