ruby-changes:65596
From: Kazuki <ko1@a...>
Date: Tue, 16 Mar 2021 20:39:04 +0900 (JST)
Subject: [ruby-changes:65596] e35d3623de (master): [ruby/openssl] sample: avoid "include OpenSSL"
https://git.ruby-lang.org/ruby.git/commit/?id=e35d3623de From e35d3623de47b1a8d699f431460fbcba36de84f2 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi <k@r...> Date: Thu, 25 Feb 2021 16:49:11 +0900 Subject: [ruby/openssl] sample: avoid "include OpenSSL" It is not a common practice and should not be done since it causes name clash: for example, Digest and Random are provided by other standard libraries of Ruby. Fixes: https://github.com/ruby/openssl/issues/419 https://github.com/ruby/openssl/commit/6a6444984b --- sample/openssl/cert2text.rb | 7 +++++-- sample/openssl/certstore.rb | 7 ++----- sample/openssl/gen_csr.rb | 10 ++++------ sample/openssl/smime_read.rb | 11 +++++------ sample/openssl/smime_write.rb | 15 +++++++-------- 5 files changed, 23 insertions(+), 27 deletions(-) diff --git a/sample/openssl/cert2text.rb b/sample/openssl/cert2text.rb index 50da224..fe14e51 100644 --- a/sample/openssl/cert2text.rb +++ b/sample/openssl/cert2text.rb @@ -1,10 +1,13 @@ https://github.com/ruby/ruby/blob/trunk/sample/openssl/cert2text.rb#L1 #!/usr/bin/env ruby require 'openssl' -include OpenSSL::X509 def cert2text(cert_str) - [Certificate, CRL, Request].each do |klass| + [ + OpenSSL::X509::Certificate, + OpenSSL::X509::CRL, + OpenSSL::X509::Request, + ].each do |klass| begin puts klass.new(cert_str).to_text return diff --git a/sample/openssl/certstore.rb b/sample/openssl/certstore.rb index c6e8f81..72e59f6 100644 --- a/sample/openssl/certstore.rb +++ b/sample/openssl/certstore.rb @@ -3,9 +3,6 @@ require 'crlstore' https://github.com/ruby/ruby/blob/trunk/sample/openssl/certstore.rb#L3 class CertStore - include OpenSSL - include X509 - attr_reader :self_signed_ca attr_reader :other_ca attr_reader :ee @@ -17,11 +14,11 @@ class CertStore https://github.com/ruby/ruby/blob/trunk/sample/openssl/certstore.rb#L14 @c_store = CHashDir.new(@certs_dir) @c_store.hash_dir(true) @crl_store = CrlStore.new(@c_store) - @x509store = Store.new + @x509store = OpenSSL::X509::Store.new @self_signed_ca = @other_ca = @ee = @crl = nil # Uncomment this line to let OpenSSL to check CRL for each certs. - # @x509store.flags = V_FLAG_CRL_CHECK | V_FLAG_CRL_CHECK_ALL + # @x509store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK | OpenSSL::X509::V_FLAG_CRL_CHECK_ALL add_path scan_certs diff --git a/sample/openssl/gen_csr.rb b/sample/openssl/gen_csr.rb index 2602b68..baac990 100644 --- a/sample/openssl/gen_csr.rb +++ b/sample/openssl/gen_csr.rb @@ -3,8 +3,6 @@ https://github.com/ruby/ruby/blob/trunk/sample/openssl/gen_csr.rb#L3 require 'optparse' require 'openssl' -include OpenSSL - def usage myname = File::basename($0) $stderr.puts <<EOS @@ -21,13 +19,13 @@ keyout = options["keyout"] || "keypair.pem" https://github.com/ruby/ruby/blob/trunk/sample/openssl/gen_csr.rb#L19 $stdout.sync = true name_str = ARGV.shift or usage() -name = X509::Name.parse(name_str) +name = OpenSSL::X509::Name.parse(name_str) keypair = nil if keypair_file - keypair = PKey.read(File.read(keypair_file)) + keypair = OpenSSL::PKey.read(File.read(keypair_file)) else - keypair = PKey::RSA.new(1024) { putc "." } + keypair = OpenSSL::PKey::RSA.new(1024) { putc "." } puts puts "Writing #{keyout}..." File.open(keyout, "w", 0400) do |f| @@ -37,7 +35,7 @@ end https://github.com/ruby/ruby/blob/trunk/sample/openssl/gen_csr.rb#L35 puts "Generating CSR for #{name_str}" -req = X509::Request.new +req = OpenSSL::X509::Request.new req.version = 0 req.subject = name req.public_key = keypair.public_key diff --git a/sample/openssl/smime_read.rb b/sample/openssl/smime_read.rb index a70105f..b617c6e 100644 --- a/sample/openssl/smime_read.rb +++ b/sample/openssl/smime_read.rb @@ -1,6 +1,5 @@ https://github.com/ruby/ruby/blob/trunk/sample/openssl/smime_read.rb#L1 require 'optparse' require 'openssl' -include OpenSSL options = ARGV.getopts("c:k:C:") @@ -10,14 +9,14 @@ ca_path = options["C"] https://github.com/ruby/ruby/blob/trunk/sample/openssl/smime_read.rb#L9 data = $stdin.read -cert = X509::Certificate.new(File::read(cert_file)) -key = PKey::read(File::read(key_file)) -p7enc = PKCS7::read_smime(data) +cert = OpenSSL::X509::Certificate.new(File::read(cert_file)) +key = OpenSSL::PKey::read(File::read(key_file)) +p7enc = OpenSSL::PKCS7::read_smime(data) data = p7enc.decrypt(key, cert) -store = X509::Store.new +store = OpenSSL::X509::Store.new store.add_path(ca_path) -p7sig = PKCS7::read_smime(data) +p7sig = OpenSSL::PKCS7::read_smime(data) if p7sig.verify([], store) puts p7sig.data end diff --git a/sample/openssl/smime_write.rb b/sample/openssl/smime_write.rb index 20c933b..e1254d8 100644 --- a/sample/openssl/smime_write.rb +++ b/sample/openssl/smime_write.rb @@ -1,6 +1,5 @@ https://github.com/ruby/ruby/blob/trunk/sample/openssl/smime_write.rb#L1 require 'openssl' require 'optparse' -include OpenSSL options = ARGV.getopts("c:k:r:") @@ -8,16 +7,16 @@ cert_file = options["c"] https://github.com/ruby/ruby/blob/trunk/sample/openssl/smime_write.rb#L7 key_file = options["k"] rcpt_file = options["r"] -cert = X509::Certificate.new(File::read(cert_file)) -key = PKey::read(File::read(key_file)) +cert = OpenSSL::X509::Certificate.new(File::read(cert_file)) +key = OpenSSL::PKey::read(File::read(key_file)) data = "Content-Type: text/plain\r\n" data << "\r\n" data << "This is a clear-signed message.\r\n" -p7sig = PKCS7::sign(cert, key, data, [], PKCS7::DETACHED) -smime0 = PKCS7::write_smime(p7sig) +p7sig = OpenSSL::PKCS7::sign(cert, key, data, [], OpenSSL::PKCS7::DETACHED) +smime0 = OpenSSL::PKCS7::write_smime(p7sig) -rcpt = X509::Certificate.new(File::read(rcpt_file)) -p7enc = PKCS7::encrypt([rcpt], smime0) -print PKCS7::write_smime(p7enc) +rcpt = OpenSSL::X509::Certificate.new(File::read(rcpt_file)) +p7enc = OpenSSL::PKCS7::encrypt([rcpt], smime0) +print OpenSSL::PKCS7::write_smime(p7enc) -- cgit v1.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/