ruby-changes:42976
From: rhe <ko1@a...>
Date: Wed, 18 May 2016 13:07:50 +0900 (JST)
Subject: [ruby-changes:42976] rhe:r55050 (trunk): openssl: report errors in OpenSSL error queue when clear it
rhe 2016-05-18 13:07:45 +0900 (Wed, 18 May 2016) New Revision: 55050 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=55050 Log: openssl: report errors in OpenSSL error queue when clear it * ext/openssl/ossl.c (ossl_clear_error): Extracted from ossl_make_error(). This prints errors in the OpenSSL error queue if OpenSSL.debug is true, and clears the queue. (ossl_make_error): use ossl_clear_error(). * ext/openssl/ossl.h: add prototype declaration of ossl_make_error(). (OSSL_BIO_reset) use ossl_clear_error() to clear the queue. Clearing silently makes debugging difficult. * ext/openssl/ossl_engine.c (ossl_engine_s_by_id): ditto. * ext/openssl/ossl_ns_spki.c (ossl_spki_initialize): ditto. * ext/openssl/ossl_pkcs7.c (ossl_pkcs7_verify): ditto. * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize): ditto. * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize): ditto. (ossl_ec_group_initialize): ditto. * ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): ditto. Modified files: trunk/ChangeLog trunk/ext/openssl/ossl.c trunk/ext/openssl/ossl.h trunk/ext/openssl/ossl_engine.c trunk/ext/openssl/ossl_ns_spki.c trunk/ext/openssl/ossl_pkcs7.c trunk/ext/openssl/ossl_pkey_dsa.c trunk/ext/openssl/ossl_pkey_ec.c trunk/ext/openssl/ossl_ssl.c Index: ext/openssl/ossl_pkey_dsa.c =================================================================== --- ext/openssl/ossl_pkey_dsa.c (revision 55049) +++ ext/openssl/ossl_pkey_dsa.c (revision 55050) @@ -244,7 +244,7 @@ ossl_dsa_initialize(int argc, VALUE *arg https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_dsa.c#L244 } BIO_free(in); if (!dsa) { - ERR_clear_error(); + ossl_clear_error(); ossl_raise(eDSAError, "Neither PUB key nor PRIV key"); } } Index: ext/openssl/ossl_engine.c =================================================================== --- ext/openssl/ossl_engine.c (revision 55049) +++ ext/openssl/ossl_engine.c (revision 55050) @@ -224,7 +224,7 @@ ossl_engine_s_by_id(VALUE klass, VALUE i https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_engine.c#L224 ossl_raise(eEngineError, NULL); ENGINE_ctrl(e, ENGINE_CTRL_SET_PASSWORD_CALLBACK, 0, NULL, (void(*)(void))ossl_pem_passwd_cb); - ERR_clear_error(); + ossl_clear_error(); return obj; } Index: ext/openssl/ossl_ns_spki.c =================================================================== --- ext/openssl/ossl_ns_spki.c (revision 55049) +++ ext/openssl/ossl_ns_spki.c (revision 55050) @@ -94,7 +94,7 @@ ossl_spki_initialize(int argc, VALUE *ar https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ns_spki.c#L94 } NETSCAPE_SPKI_free(DATA_PTR(self)); DATA_PTR(self) = spki; - ERR_clear_error(); + ossl_clear_error(); return self; } Index: ext/openssl/ossl_pkcs7.c =================================================================== --- ext/openssl/ossl_pkcs7.c (revision 55049) +++ ext/openssl/ossl_pkcs7.c (revision 55050) @@ -779,7 +779,7 @@ ossl_pkcs7_verify(int argc, VALUE *argv, https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkcs7.c#L779 if (ok < 0) ossl_raise(ePKCS7Error, NULL); msg = ERR_reason_error_string(ERR_get_error()); ossl_pkcs7_set_err_string(self, msg ? rb_str_new2(msg) : Qnil); - ERR_clear_error(); + ossl_clear_error(); data = ossl_membio2str(out); ossl_pkcs7_set_data(self, data); sk_X509_pop_free(x509s, X509_free); Index: ext/openssl/ossl_ssl.c =================================================================== --- ext/openssl/ossl_ssl.c (revision 55049) +++ ext/openssl/ossl_ssl.c (revision 55050) @@ -1161,7 +1161,7 @@ ossl_ssl_shutdown(SSL *ssl) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_ssl.c#L1161 break; } SSL_clear(ssl); - ERR_clear_error(); + ossl_clear_error(); } } Index: ext/openssl/ossl_pkey_ec.c =================================================================== --- ext/openssl/ossl_pkey_ec.c (revision 55049) +++ ext/openssl/ossl_pkey_ec.c (revision 55050) @@ -213,7 +213,7 @@ static VALUE ossl_ec_key_initialize(int https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L213 const char *name = StringValueCStr(arg); int nid = OBJ_sn2nid(name); - (void)ERR_get_error(); + ossl_clear_error(); /* ignore errors in the previous d2i_EC_PUBKEY_bio() */ if (nid == NID_undef) ossl_raise(eECError, "unknown curve name (%s)\n", name); @@ -808,7 +808,7 @@ static VALUE ossl_ec_group_initialize(in https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L808 const char *name = StringValueCStr(arg1); int nid = OBJ_sn2nid(name); - (void)ERR_get_error(); + ossl_clear_error(); /* ignore errors in d2i_ECPKParameters_bio() */ if (nid == NID_undef) ossl_raise(eEC_GROUP, "unknown curve name (%s)", name); Index: ext/openssl/ossl.c =================================================================== --- ext/openssl/ossl.c (revision 55049) +++ ext/openssl/ossl.c (revision 55050) @@ -318,12 +318,7 @@ ossl_make_error(VALUE exc, const char *f https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl.c#L318 rb_str_cat2(str, msg ? msg : "(null)"); } } - if (dOSSL == Qtrue){ /* show all errors on the stack */ - while ((e = ERR_get_error()) != 0){ - rb_warn("error on stack: %s", ERR_error_string(e, NULL)); - } - } - ERR_clear_error(); + ossl_clear_error(); if (NIL_P(str)) str = rb_str_new(0, 0); return rb_exc_new3(exc, str); @@ -351,6 +346,18 @@ ossl_exc_new(VALUE exc, const char *fmt, https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl.c#L346 return err; } +void +ossl_clear_error(void) +{ + if (dOSSL == Qtrue) { + long e; + while ((e = ERR_get_error())) { + rb_warn("error on stack: %s", ERR_error_string(e, NULL)); + } + } + ERR_clear_error(); +} + /* * call-seq: * OpenSSL.errors -> [String...] Index: ext/openssl/ossl.h =================================================================== --- ext/openssl/ossl.h (revision 55049) +++ ext/openssl/ossl.h (revision 55050) @@ -154,8 +154,10 @@ int ossl_pem_passwd_cb(char *, int, int, https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl.h#L154 * Clear BIO* with this in PEM/DER fallback scenarios to avoid decoding * errors piling up in OpenSSL::Errors */ -#define OSSL_BIO_reset(bio) (void)BIO_reset((bio)); \ - ERR_clear_error(); +#define OSSL_BIO_reset(bio) do { \ + (void)BIO_reset((bio)); \ + ossl_clear_error(); \ +} while (0) /* * ERRor messages @@ -163,6 +165,8 @@ int ossl_pem_passwd_cb(char *, int, int, https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl.h#L165 #define OSSL_ErrMsg() ERR_reason_error_string(ERR_get_error()) NORETURN(void ossl_raise(VALUE, const char *, ...)); VALUE ossl_exc_new(VALUE, const char *, ...); +/* Clear OpenSSL error queue. If dOSSL is set, rb_warn() them. */ +void ossl_clear_error(void); /* * Verify callback Index: ChangeLog =================================================================== --- ChangeLog (revision 55049) +++ ChangeLog (revision 55050) @@ -1,3 +1,27 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Wed May 18 12:07:42 2016 Kazuki Yamaguchi <k@r...> + + * ext/openssl/ossl.c (ossl_clear_error): Extracted from + ossl_make_error(). This prints errors in the OpenSSL error queue if + OpenSSL.debug is true, and clears the queue. + (ossl_make_error): use ossl_clear_error(). + + * ext/openssl/ossl.h: add prototype declaration of ossl_make_error(). + (OSSL_BIO_reset) use ossl_clear_error() to clear the queue. Clearing + silently makes debugging difficult. + + * ext/openssl/ossl_engine.c (ossl_engine_s_by_id): ditto. + + * ext/openssl/ossl_ns_spki.c (ossl_spki_initialize): ditto. + + * ext/openssl/ossl_pkcs7.c (ossl_pkcs7_verify): ditto. + + * ext/openssl/ossl_pkey_dsa.c (ossl_dsa_initialize): ditto. + + * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize): ditto. + (ossl_ec_group_initialize): ditto. + + * ext/openssl/ossl_ssl.c (ossl_ssl_shutdown): ditto. + Wed May 18 11:53:49 2016 Kazuki Yamaguchi <k@r...> * ext/openssl/ossl_pkey_ec.c (ossl_ec_point_mul): Validate the -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/