ruby-changes:14131
From: yugui <ko1@a...>
Date: Fri, 27 Nov 2009 11:55:02 +0900 (JST)
Subject: [ruby-changes:14131] Ruby:r25945 (ruby_1_9_1): merges r25017 from trunk into ruby_1_9_1 and a test for it.
yugui 2009-11-27 11:54:46 +0900 (Fri, 27 Nov 2009) New Revision: 25945 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=25945 Log: merges r25017 from trunk into ruby_1_9_1 and a test for it. -- * ossl_config.c (ossl_config_add_value_m, ossl_config_set_section): Check if frozen (or untrusted for $SECURE >= 4) [ruby-core:18377] -- * test/openssl/test_config.rb (OpenSSL::TestConfig): new test case. Added files: branches/ruby_1_9_1/test/openssl/test_config.rb Modified files: branches/ruby_1_9_1/ChangeLog branches/ruby_1_9_1/ext/openssl/ossl_config.c branches/ruby_1_9_1/version.h Index: ruby_1_9_1/ChangeLog =================================================================== --- ruby_1_9_1/ChangeLog (revision 25944) +++ ruby_1_9_1/ChangeLog (revision 25945) @@ -1,3 +1,8 @@ +Tue Sep 22 01:10:02 2009 Marc-Andre Lafortune <ruby-core@m...> + + * ossl_config.c (ossl_config_add_value_m, ossl_config_set_section): + Check if frozen (or untrusted for $SECURE >= 4) [ruby-core:18377] + Sun Sep 20 11:11:34 2009 Marc-Andre Lafortune <ruby-core@m...> * struct.c (rb_struct_equal, rb_struct_eql): Handle comparison of Index: ruby_1_9_1/ext/openssl/ossl_config.c =================================================================== --- ruby_1_9_1/ext/openssl/ossl_config.c (revision 25944) +++ ruby_1_9_1/ext/openssl/ossl_config.c (revision 25945) @@ -192,6 +192,14 @@ #endif } +static void +rb_ossl_config_modify_check(VALUE config) +{ + if (OBJ_FROZEN(config)) rb_error_frozen("OpenSSL::Config"); + if (!OBJ_UNTRUSTED(config) && rb_safe_level() >= 4) + rb_raise(rb_eSecurityError, "Insecure: can't modify OpenSSL config"); +} + static VALUE ossl_config_get_value(VALUE self, VALUE section, VALUE name) { @@ -247,6 +255,7 @@ { VALUE arg[2]; + rb_ossl_config_modify_check(self); arg[0] = self; arg[1] = section; rb_block_call(hash, rb_intern("each"), 0, 0, set_conf_section_i, (VALUE)arg); Index: ruby_1_9_1/version.h =================================================================== --- ruby_1_9_1/version.h (revision 25944) +++ ruby_1_9_1/version.h (revision 25945) @@ -1,5 +1,5 @@ #define RUBY_VERSION "1.9.1" -#define RUBY_PATCHLEVEL 346 +#define RUBY_PATCHLEVEL 347 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 9 #define RUBY_VERSION_TEENY 1 Index: ruby_1_9_1/test/openssl/test_config.rb =================================================================== --- ruby_1_9_1/test/openssl/test_config.rb (revision 0) +++ ruby_1_9_1/test/openssl/test_config.rb (revision 25945) @@ -0,0 +1,15 @@ +require 'openssl' +require "test/unit" + +class OpenSSL::TestConfig < Test::Unit::TestCase + def test_freeze + c = OpenSSL::Config.new + c['foo'] = [['key', 'value']] + c.freeze + + # [ruby-core:18377] + assert_raise(RuntimeError, /frozen/) do + c['foo'] = [['key', 'wrong']] + end + end +end -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/