ruby-changes:20151
From: emboss <ko1@a...>
Date: Wed, 22 Jun 2011 17:41:23 +0900 (JST)
Subject: [ruby-changes:20151] emboss:r32199 (trunk): * ext/openssl/ossl.h: Introduced OSSL_BIO_reset macro for PEM/DER
emboss 2011-06-22 17:41:08 +0900 (Wed, 22 Jun 2011) New Revision: 32199 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=32199 Log: * ext/openssl/ossl.h: Introduced OSSL_BIO_reset macro for PEM/DER fallback scenarios. * ext/openssl/ossl_pkey_dsa.c * ext/openssl/ossl_x509req.c * ext/openssl/ossl_pkey_rsa.c * ext/openssl/ossl_pkey_ec.c * ext/openssl/ossl_ssl_session.c * ext/openssl/ossl_x509crl.c * ext/openssl/ossl_pkey.c * ext/openssl/ossl_pkey_dh.c * ext/openssl/ossl_x509cert.c * ext/openssl/ossl_pkcs7.c: Use OSSL_BIO_reset. * ext/openssl/ossl_ssl.c * ext/openssl/ossl_cipher.c * ext/openssl/ossl_pkey_ec.c * ext/openssl/ossl_pkcs12.c * ext/openssl/ossl_ssl_session.c: Replace rb_raise occurences by ossl_raise. This automatically flushes OpenSSL's error queue. * ext/openssl/ossl_pkcs7.c: Raise error if DER fallback for parsing fails. * test/openssl/test_pkey_ec.rb * test/openssl/test_pkey_dsa.rb * test/openssl/test_pkey_rsa.rb: Add assertions that OpenSSL.errors is empty. * test/openssl/test_pkey_rsa.rb: Remove initial OpenSSL.errors call in test_new. [ Ruby 1.9 - Bug #4885 ] [ruby-core:37134] Modified files: trunk/ChangeLog trunk/ext/openssl/ossl.h trunk/ext/openssl/ossl_cipher.c trunk/ext/openssl/ossl_pkcs12.c trunk/ext/openssl/ossl_pkcs7.c trunk/ext/openssl/ossl_pkey.c trunk/ext/openssl/ossl_pkey_dh.c trunk/ext/openssl/ossl_pkey_dsa.c trunk/ext/openssl/ossl_pkey_ec.c trunk/ext/openssl/ossl_pkey_rsa.c trunk/ext/openssl/ossl_ssl.c trunk/ext/openssl/ossl_ssl_session.c trunk/ext/openssl/ossl_x509cert.c trunk/ext/openssl/ossl_x509crl.c trunk/ext/openssl/ossl_x509req.c trunk/test/openssl/test_pkey_dsa.rb trunk/test/openssl/test_pkey_ec.rb trunk/test/openssl/test_pkey_rsa.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 32198) +++ ChangeLog (revision 32199) @@ -1,3 +1,38 @@ +Wed Jun 22 17:37:49 2011 Martin Bosslet <Martin.Bosslet@g...> + + * ext/openssl/ossl.h: Introduced OSSL_BIO_reset macro for PEM/DER + fallback scenarios. + + * ext/openssl/ossl_pkey_dsa.c + * ext/openssl/ossl_x509req.c + * ext/openssl/ossl_pkey_rsa.c + * ext/openssl/ossl_pkey_ec.c + * ext/openssl/ossl_ssl_session.c + * ext/openssl/ossl_x509crl.c + * ext/openssl/ossl_pkey.c + * ext/openssl/ossl_pkey_dh.c + * ext/openssl/ossl_x509cert.c + * ext/openssl/ossl_pkcs7.c: Use OSSL_BIO_reset. + + * ext/openssl/ossl_ssl.c + * ext/openssl/ossl_cipher.c + * ext/openssl/ossl_pkey_ec.c + * ext/openssl/ossl_pkcs12.c + * ext/openssl/ossl_ssl_session.c: Replace rb_raise occurences by + ossl_raise. This automatically flushes OpenSSL's error queue. + + * ext/openssl/ossl_pkcs7.c: Raise error if DER fallback for parsing + fails. + + * test/openssl/test_pkey_ec.rb + * test/openssl/test_pkey_dsa.rb + * test/openssl/test_pkey_rsa.rb: Add assertions that OpenSSL.errors is + empty. + + * test/openssl/test_pkey_rsa.rb: Remove initial OpenSSL.errors call in + test_new. + [ Ruby 1.9 - Bug #4885 ] [ruby-core:37134] + Wed Jun 22 15:01:24 2011 Martin Bosslet <Martin.Bosslet@g...> * ext/openssl/ossl_ssl.c: Use SSL_MODE_RELEASE_BUFFERS if available. Index: ext/openssl/ossl_pkey_dsa.c =================================================================== --- ext/openssl/ossl_pkey_dsa.c (revision 32198) +++ ext/openssl/ossl_pkey_dsa.c (revision 32199) @@ -166,28 +166,24 @@ in = ossl_obj2bio(arg); dsa = PEM_read_bio_DSAPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd); if (!dsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); dsa = PEM_read_bio_DSA_PUBKEY(in, NULL, NULL, NULL); } if (!dsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); dsa = d2i_DSAPrivateKey_bio(in, NULL); } if (!dsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); dsa = d2i_DSA_PUBKEY_bio(in, NULL); } if (!dsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); dsa = PEM_read_bio_DSAPublicKey(in, NULL, NULL, NULL); } BIO_free(in); if (!dsa) { - (void)ERR_get_error(); + ERR_clear_error(); ossl_raise(eDSAError, "Neither PUB key nor PRIV key:"); } } Index: ext/openssl/ossl_ssl.c =================================================================== --- ext/openssl/ossl_ssl.c (revision 32198) +++ ext/openssl/ossl_ssl.c (revision 32199) @@ -493,7 +493,7 @@ Data_Get_Struct(ret_obj, SSL_CTX, ctx2); SSL_set_SSL_CTX(ssl, ctx2); } else if (!NIL_P(ret_obj)) { - rb_raise(rb_eArgError, "servername_cb must return an OpenSSL::SSL::SSLContext object or nil"); + ossl_raise(rb_eArgError, "servername_cb must return an OpenSSL::SSL::SSLContext object or nil"); } return ret_obj; @@ -952,7 +952,7 @@ } else if (rb_obj_is_instance_of(arg1, rb_cTime)) { tm = NUM2LONG(rb_funcall(arg1, rb_intern("to_i"), 0)); } else { - rb_raise(rb_eArgError, "arg must be Time or nil"); + ossl_raise(rb_eArgError, "arg must be Time or nil"); } SSL_CTX_flush_sessions(ctx, (long)tm); Index: ext/openssl/ossl_cipher.c =================================================================== --- ext/openssl/ossl_cipher.c (revision 32198) +++ ext/openssl/ossl_cipher.c (revision 32199) @@ -293,7 +293,7 @@ if(!NIL_P(vsalt)){ StringValue(vsalt); if(RSTRING_LEN(vsalt) != PKCS5_SALT_LEN) - rb_raise(eCipherError, "salt must be an 8-octet string"); + ossl_raise(eCipherError, "salt must be an 8-octet string"); salt = (unsigned char *)RSTRING_PTR(vsalt); } iter = NIL_P(viter) ? 2048 : NUM2INT(viter); @@ -331,7 +331,7 @@ StringValue(data); in = (unsigned char *)RSTRING_PTR(data); if ((in_len = RSTRING_LENINT(data)) == 0) - rb_raise(rb_eArgError, "data must not be empty"); + ossl_raise(rb_eArgError, "data must not be empty"); GetCipher(self, ctx); out_len = in_len+EVP_CIPHER_CTX_block_size(ctx); Index: ext/openssl/ossl_pkey_rsa.c =================================================================== --- ext/openssl/ossl_pkey_rsa.c (revision 32198) +++ ext/openssl/ossl_pkey_rsa.c (revision 32199) @@ -157,33 +157,27 @@ in = ossl_obj2bio(arg); rsa = PEM_read_bio_RSAPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd); if (!rsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); rsa = PEM_read_bio_RSA_PUBKEY(in, NULL, NULL, NULL); } if (!rsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); rsa = d2i_RSAPrivateKey_bio(in, NULL); } if (!rsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); rsa = d2i_RSA_PUBKEY_bio(in, NULL); } if (!rsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); rsa = PEM_read_bio_RSAPublicKey(in, NULL, NULL, NULL); } if (!rsa) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); rsa = d2i_RSAPublicKey_bio(in, NULL); } BIO_free(in); if (!rsa) { - (void)ERR_get_error(); ossl_raise(eRSAError, "Neither PUB key nor PRIV key:"); } } Index: ext/openssl/ossl_x509req.c =================================================================== --- ext/openssl/ossl_x509req.c (revision 32198) +++ ext/openssl/ossl_x509req.c (revision 32199) @@ -110,7 +110,7 @@ req = PEM_read_bio_X509_REQ(in, &x, NULL, NULL); DATA_PTR(self) = x; if (!req) { - (void)BIO_reset(in); + OSSL_BIO_reset(in); req = d2i_X509_REQ_bio(in, &x); DATA_PTR(self) = x; } Index: ext/openssl/ossl_pkey_ec.c =================================================================== --- ext/openssl/ossl_pkey_ec.c (revision 32198) +++ ext/openssl/ossl_pkey_ec.c (revision 32199) @@ -42,7 +42,7 @@ #define Require_EC_KEY(obj, key) do { \ Get_EC_KEY((obj), (key)); \ if ((key) == NULL) \ - rb_raise(eECError, "EC_KEY is not initialized"); \ + ossl_raise(eECError, "EC_KEY is not initialized"); \ } while(0) #define SafeRequire_EC_KEY(obj, key) do { \ @@ -54,14 +54,14 @@ ossl_ec_group *ec_group; \ Data_Get_Struct((obj), ossl_ec_group, ec_group); \ if (ec_group == NULL) \ - rb_raise(eEC_GROUP, "missing ossl_ec_group structure"); \ + ossl_raise(eEC_GROUP, "missing ossl_ec_group structure"); \ (g) = ec_group->group; \ } while(0) #define Require_EC_GROUP(obj, group) do { \ Get_EC_GROUP((obj), (group)); \ if ((group) == NULL) \ - rb_raise(eEC_GROUP, "EC_GROUP is not initialized"); \ + ossl_raise(eEC_GROUP, "EC_GROUP is not initialized"); \ } while(0) #define SafeRequire_EC_GROUP(obj, group) do { \ @@ -73,14 +73,14 @@ ossl_ec_point *ec_point; \ Data_Get_Struct((obj), ossl_ec_point, ec_point); \ if (ec_point == NULL) \ - rb_raise(eEC_POINT, "missing ossl_ec_point structure"); \ + ossl_raise(eEC_POINT, "missing ossl_ec_point structure"); \ (p) = ec_point->point; \ } while(0) #define Require_EC_POINT(obj, point) do { \ Get_EC_POINT((obj), (point)); \ if ((point) == NULL) \ - rb_raise(eEC_POINT, "EC_POINT is not initialized"); \ + ossl_raise(eEC_POINT, "EC_POINT is not initialized"); \ } while(0) #define SafeRequire_EC_POINT(obj, point) do { \ @@ -168,7 +168,7 @@ GetPKey(self, pkey); if (pkey->pkey.ec) - rb_raise(eECError, "EC_KEY already initialized"); + ossl_raise(eECError, "EC_KEY already initialized"); rb_scan_args(argc, argv, "02", &arg, &pass); @@ -191,18 +191,15 @@ } ec = PEM_read_bio_ECPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd); if (!ec) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); ec = PEM_read_bio_EC_PUBKEY(in, NULL, ossl_pem_passwd_cb, passwd); } if (!ec) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); ec = d2i_ECPrivateKey_bio(in, NULL); } if (!ec) { - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); ec = d2i_EC_PUBKEY_bio(in, NULL); } @@ -478,7 +475,7 @@ Require_EC_KEY(self, ec); if (EC_KEY_get0_public_key(ec) == NULL) - rb_raise(eECError, "can't export - no public key set"); + ossl_raise(eECError, "can't export - no public key set"); if (EC_KEY_check_key(ec) != 1) ossl_raise(eECError, "can't export - EC_KEY_check_key failed"); @@ -518,7 +515,7 @@ break; default: BIO_free(out); - rb_raise(rb_eRuntimeError, "unknown format (internal error)"); + ossl_raise(rb_eRuntimeError, "unknown format (internal error)"); } if (i != 1) { @@ -746,7 +743,7 @@ Data_Get_Struct(self, ossl_ec_group, ec_group); if (ec_group->group != NULL) - rb_raise(rb_eRuntimeError, "EC_GROUP is already initialized"); + ossl_raise(rb_eRuntimeError, "EC_GROUP is already initialized"); switch (rb_scan_args(argc, argv, "13", &arg1, &arg2, &arg3, &arg4)) { case 1: @@ -768,7 +765,7 @@ if ((group = EC_GROUP_new(method)) == NULL) ossl_raise(eEC_GROUP, "EC_GROUP_new"); } else { - rb_raise(rb_eArgError, "unknown symbol, must be :GFp_simple, :GFp_mont, :GFp_nist or :GF2m_simple"); + ossl_raise(rb_eArgError, "unknown symbol, must be :GFp_simple, :GFp_mont, :GFp_nist or :GF2m_simple"); } } else if (rb_obj_is_kind_of(arg1, cEC_GROUP)) { const EC_GROUP *arg1_group; @@ -781,7 +778,7 @@ group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL); if (!group) { - (void)BIO_reset(in); + OSSL_BIO_reset(in); group = d2i_ECPKParameters_bio(in, NULL); } @@ -791,6 +788,7 @@ const char *name = StringValueCStr(arg1); int nid = OBJ_sn2nid(name); + (void)ERR_get_error(); if (nid == NID_undef) ossl_raise(eEC_GROUP, "unknown curve name (%s)", name); @@ -817,18 +815,18 @@ } else if (id == s_GF2m) { new_curve = EC_GROUP_new_curve_GF2m; } else { - rb_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m"); + ossl_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m"); } if ((group = new_curve(p, a, b, ossl_bn_ctx)) == NULL) ossl_raise(eEC_GROUP, "EC_GROUP_new_by_GF*"); } else { - rb_raise(rb_eArgError, "unknown argument, must be :GFp or :GF2m"); + ossl_raise(rb_eArgError, "unknown argument, must be :GFp or :GF2m"); } break; default: - rb_raise(rb_eArgError, "wrong number of arguments"); + ossl_raise(rb_eArgError, "wrong number of arguments"); } if (group == NULL) @@ -1044,7 +1042,7 @@ case POINT_CONVERSION_UNCOMPRESSED: ret = ID_uncompressed; break; case POINT_CONVERSION_COMPRESSED: ret = ID_compressed; break; case POINT_CONVERSION_HYBRID: ret = ID_hybrid; break; - default: rb_raise(eEC_GROUP, "unsupported point conversion form: %d, this module should be updated", form); + default: ossl_raise(eEC_GROUP, "unsupported point conversion form: %d, this module should be updated", form); } return ID2SYM(ret); @@ -1070,7 +1068,7 @@ } else if (form_id == ID_hybrid) { form = POINT_CONVERSION_HYBRID; } else { - rb_raise(rb_eArgError, "form must be :compressed, :uncompressed, or :hybrid"); + ossl_raise(rb_eArgError, "form must be :compressed, :uncompressed, or :hybrid"); } EC_GROUP_set_point_conversion_form(group, form); @@ -1153,7 +1151,7 @@ break; default: BIO_free(out); - rb_raise(rb_eRuntimeError, "unknown format (internal error)"); + ossl_raise(rb_eRuntimeError, "unknown format (internal error)"); } if (i != 1) { @@ -1246,7 +1244,7 @@ Data_Get_Struct(self, ossl_ec_point, ec_point); if (ec_point->point) - rb_raise(eEC_POINT, "EC_POINT already initialized"); + ossl_raise(eEC_POINT, "EC_POINT already initialized"); switch (rb_scan_args(argc, argv, "11", &arg1, &arg2)) { case 1: @@ -1264,13 +1262,13 @@ point = EC_POINT_new(group); } else { - rb_raise(eEC_POINT, "wrong argument type: must be OpenSSL::PKey::EC::Point or OpenSSL::Pkey::EC::Group"); + ossl_raise(eEC_POINT, "wrong argument type: must be OpenSSL::PKey::EC::Point or OpenSSL::Pkey::EC::Group"); } break; case 2: if (!rb_obj_is_kind_of(arg1, cEC_GROUP)) - rb_raise(rb_eArgError, "1st argument must be OpenSSL::PKey::EC::Group"); + ossl_raise(rb_eArgError, "1st argument must be OpenSSL::PKey::EC::Group"); group_v = arg1; SafeRequire_EC_GROUP(group_v, group); @@ -1291,14 +1289,14 @@ } break; default: - rb_raise(rb_eArgError, "wrong number of arguments"); + ossl_raise(rb_eArgError, "wrong number of arguments"); } if (point == NULL) ossl_raise(eEC_POINT, NULL); if (NIL_P(group_v)) - rb_raise(rb_eRuntimeError, "missing group (internal error)"); + ossl_raise(rb_eRuntimeError, "missing group (internal error)"); ec_point->point = point; Index: ext/openssl/ossl.h =================================================================== --- ext/openssl/ossl.h (revision 32198) +++ ext/openssl/ossl.h (revision 32199) @@ -138,6 +138,13 @@ int ossl_pem_passwd_cb(char *, int, int, void *); /* + * Clear BIO* with this in PEM/DER fallback scenarios to avoid decoding + * errors piling up in OpenSSL::Errors + */ +#define OSSL_BIO_reset(bio) (void)BIO_reset((bio)); \ + ERR_clear_error(); + +/* * ERRor messages */ #define OSSL_ErrMsg() ERR_reason_error_string(ERR_get_error()) Index: ext/openssl/ossl_pkcs12.c =================================================================== --- ext/openssl/ossl_pkcs12.c (revision 32198) +++ ext/openssl/ossl_pkcs12.c (revision 32199) @@ -91,11 +91,11 @@ /* TODO: make a VALUE to nid function */ if (!NIL_P(key_nid)) { if ((nkey = OBJ_txt2nid(StringValuePtr(key_nid))) == NID_undef) - rb_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(key_nid)); + ossl_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(key_nid)); } if (!NIL_P(cert_nid)) { if ((ncert = OBJ_txt2nid(StringValuePtr(cert_nid))) == NID_undef) - rb_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(cert_nid)); + ossl_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(cert_nid)); } if (!NIL_P(key_iter)) kiter = NUM2INT(key_iter); Index: ext/openssl/ossl_ssl_session.c =================================================================== --- ext/openssl/ossl_ssl_session.c (revision 32198) +++ ext/openssl/ossl_ssl_session.c (revision 32199) @@ -53,7 +53,7 @@ ctx = PEM_read_bio_SSL_SESSION(in, NULL, NULL, NULL); if (!ctx) { - (void)BIO_reset(in); + OSSL_BIO_reset(in); ctx = d2i_SSL_SESSION_bio(in, NULL); } @@ -152,7 +152,7 @@ } else if (FIXNUM_P(time_v)) { \ ; \ } else { \ - rb_raise(rb_eArgError, "unknown type"); \ + ossl_raise(rb_eArgError, "unknown type"); \ } \ \ t = NUM2ULONG(time_v); \ Index: ext/openssl/ossl_x509crl.c =================================================================== --- ext/openssl/ossl_x509crl.c (revision 32198) +++ ext/openssl/ossl_x509crl.c (revision 32199) @@ -102,7 +102,7 @@ crl = PEM_read_bio_X509_CRL(in, &x, NULL, NULL); DATA_PTR(self) = x; if (!crl) { - (void)BIO_reset(in); + OSSL_BIO_reset(in); crl = d2i_X509_CRL_bio(in, &x); DATA_PTR(self) = x; } Index: ext/openssl/ossl_pkey.c =================================================================== --- ext/openssl/ossl_pkey.c (revision 32198) +++ ext/openssl/ossl_pkey.c (revision 32199) @@ -18,9 +18,6 @@ VALUE ePKeyError; ID id_private_q; -#define reset_bio(b) (void)BIO_reset((b)); \ - (void)ERR_get_error(); - /* * callback for generating keys */ @@ -114,14 +111,14 @@ bio = ossl_obj2bio(data); if (!(pkey = d2i_PrivateKey_bio(bio, NULL))) { - reset_bio(bio); + OSSL_BIO_reset(bio); if (!NIL_P(pass)) { passwd = StringValuePtr(pass); } if (!(pkey = PEM_read_bio_PrivateKey(bio, NULL, ossl_pem_passwd_cb, passwd))) { - reset_bio(bio); + OSSL_BIO_reset(bio); if (!(pkey = d2i_PUBKEY_bio(bio, NULL))) { - reset_bio(bio); + OSSL_BIO_reset(bio); if (!NIL_P(pass)) { passwd = StringValuePtr(pass); } Index: ext/openssl/ossl_pkey_dh.c =================================================================== --- ext/openssl/ossl_pkey_dh.c (revision 32198) +++ ext/openssl/ossl_pkey_dh.c (revision 32199) @@ -180,13 +180,11 @@ in = ossl_obj2bio(arg); dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL); if (!dh){ - (void)BIO_reset(in); - (void)ERR_get_error(); + OSSL_BIO_reset(in); dh = d2i_DHparams_bio(in, NULL); } BIO_free(in); if (!dh) { - (void)ERR_get_error(); ossl_raise(eDHError, NULL); } } Index: ext/openssl/ossl_x509cert.c =================================================================== --- ext/openssl/ossl_x509cert.c (revision 32198) +++ ext/openssl/ossl_x509cert.c (revision 32199) @@ -71,6 +71,7 @@ * prepare for DER... #if !defined(OPENSSL_NO_FP_API) if (!x509) { + (void)ERR_get_error(); rewind(fp); x509 = d2i_X509_fp(fp, NULL); @@ -146,7 +147,7 @@ x509 = PEM_read_bio_X509(in, &x, NULL, NULL); DATA_PTR(self) = x; if (!x509) { - (void)BIO_reset(in); + OSSL_BIO_reset(in); x509 = d2i_X509_bio(in, &x); DATA_PTR(self) = x; } Index: ext/openssl/ossl_pkcs7.c =================================================================== --- ext/openssl/ossl_pkcs7.c (revision 32198) +++ ext/openssl/ossl_pkcs7.c (revision 32199) @@ -320,8 +320,10 @@ p7 = PEM_read_bio_PKCS7(in, &pkcs, NULL, NULL); DATA_PTR(self) = pkcs; if (!p7) { - (void)BIO_reset(in); + OSSL_BIO_reset(in); p7 = d2i_PKCS7_bio(in, &pkcs); + if (!p7) + ossl_raise(rb_eArgError, "Could not parse the PKCS7"); DATA_PTR(self) = pkcs; } BIO_free(in); Index: test/openssl/test_pkey_ec.rb =================================================================== --- test/openssl/test_pkey_ec.rb (revision 32198) +++ test/openssl/test_pkey_ec.rb (revision 32199) @@ -126,6 +126,7 @@ ec2 = OpenSSL::PKey.read(der) assert(ec2.private_key?) assert_equal(der, ec2.to_der) + assert_equal([], OpenSSL.errors) end def test_read_private_key_pem @@ -134,6 +135,7 @@ ec2 = OpenSSL::PKey.read(pem) assert(ec2.private_key?) assert_equal(pem, ec2.to_pem) + assert_equal([], OpenSSL.errors) end def test_read_public_key_der @@ -144,6 +146,7 @@ ec3 = OpenSSL::PKey.read(der) assert(!ec3.private_key?) assert_equal(der, ec3.to_der) + assert_equal([], OpenSSL.errors) end def test_read_public_key_pem @@ -154,6 +157,7 @@ ec3 = OpenSSL::PKey.read(pem) assert(!ec3.private_key?) assert_equal(pem, ec3.to_pem) + assert_equal([], OpenSSL.errors) end def test_read_private_key_pem_pw @@ -168,6 (... truncated) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/