
Fix certs and keys pointing to the same variable

new-scoring
aeris 2 jaren geleden
bovenliggende
commit
395d78bc64
1 gewijzigde bestanden met toevoegingen van 12 en 11 verwijderingen
  1. 12
    11
      multiple_certs.patch

+ 12
- 11
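--- a/multiple_certs.patch
+++ b/multiple_certs.patch
@@ -5,17 +5,18 @@ index bcb167e..5f688db 100644
 @@ -70,7 +70,7 @@ class SSLContext
          DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
        end
- 
+
 -      INIT_VARS = ["cert", "key", "client_ca", "ca_file", "ca_path",
 +      INIT_VARS = ["client_ca", "ca_file", "ca_path",
          "timeout", "verify_mode", "verify_depth", "renegotiation_cb",
          "verify_callback", "cert_store", "extra_chain_cert",
          "client_cert_cb", "session_id_context", "tmp_dh_callback",
-@@ -106,6 +106,7 @@ class SSLContext
+@@ -106,6 +106,8 @@ class SSLContext
        #
        # You can get a list of valid methods with OpenSSL::SSL::SSLContext::METHODS
        def initialize(version = nil, fallback_scsv: false)
-+        @certs = @keys = []
++        @certs = []
++         @keys = []
          INIT_VARS.each { |v| instance_variable_set v, nil }
          self.options = self.options | OpenSSL::SSL::OP_ALL
          return unless version
@@ -40,7 +41,7 @@ index bcb167e..5f688db 100644
 +        self.keys.first
 +      end
      end
- 
+
      module SocketForwarder
 diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
 index 9f7ee0b..9437793 100644
@@ -49,7 +50,7 @@ index 9f7ee0b..9437793 100644
 @@ -36,8 +36,8 @@ VALUE cSSLSocket;
  static VALUE eSSLErrorWaitReadable;
  static VALUE eSSLErrorWaitWritable;
- 
+
 -#define ossl_sslctx_set_cert(o,v)        	rb_iv_set((o),"@cert",(v))
 -#define ossl_sslctx_set_key(o,v)         	rb_iv_set((o),"@key",(v))
 +#define ossl_sslctx_set_certs(o,v)        	rb_iv_set((o),"@certs",(v))
@@ -60,7 +61,7 @@ index 9f7ee0b..9437793 100644
 @@ -50,8 +50,8 @@ static VALUE eSSLErrorWaitWritable;
  #define ossl_sslctx_set_client_cert_cb(o,v) 	rb_iv_set((o),"@client_cert_cb",(v))
  #define ossl_sslctx_set_sess_id_ctx(o, v) 	rb_iv_set((o),"@session_id_context",(v))
- 
+
 -#define ossl_sslctx_get_cert(o)          	rb_iv_get((o),"@cert")
 -#define ossl_sslctx_get_key(o)           	rb_iv_get((o),"@key")
 +#define ossl_sslctx_get_certs(o)          	rb_iv_get((o),"@certs")
@@ -75,12 +76,12 @@ index 9f7ee0b..9437793 100644
 -    VALUE val;
 +    VALUE val, val2;
 +    int cert_defined = 0, key_defined = 0;
- 
+
      if(OBJ_FROZEN(self)) return Qnil;
      GetSSLCTX(self, ctx);
 @@ -761,19 +762,39 @@ ossl_sslctx_setup(VALUE self)
      }
- 
+
      /* private key may be bundled in certificate file. */
 -    val = ossl_sslctx_get_cert(self);
 -    cert = NIL_P(val) ? NULL : GetX509CertPtr(val); /* NO DUP NEEDED */
@@ -131,20 +132,20 @@ index 9f7ee0b..9437793 100644
          }
 @@ -2128,14 +2149,14 @@ Init_ossl_ssl(void)
      rb_define_alloc_func(cSSLContext, ossl_sslctx_s_alloc);
- 
+
      /*
 -     * Context certificate
 +     * Context certificates
       */
 -    rb_attr(cSSLContext, rb_intern("cert"), 1, 1, Qfalse);
 +    rb_attr(cSSLContext, rb_intern("certs"), 1, 1, Qfalse);
- 
+
      /*
 -     * Context private key
 +     * Context private keys
       */
 -    rb_attr(cSSLContext, rb_intern("key"), 1, 1, Qfalse);
 +    rb_attr(cSSLContext, rb_intern("keys"), 1, 1, Qfalse);
- 
+
      /*
       * A certificate or Array of certificates that will be sent to the client.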
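Review bot: The added `++         @keys = []` line carries one more space of indentation than `++        @certs = []` above it, so the patched `initialize` ends up with misaligned statements; write it as `++        @keys = []`. Splitting the chained assignment is the right fix, since `@certs = @keys = []` bound both instance variables to one Array object, so anything appended to one list would presumably have shown up in the other and mixed certificates with private keys. The same commit also strips the single space from the blank context lines of the embedded patch (the `- ` / `+` pairs in every hunk); a blank context line in a unified diff is normally a lone space, so it is worth confirming that the tool applying multiple_certs.patch still accepts the empty form. The body of `initialize` continues outside the embedded hunk.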
