diff options
| author | Kazuki Yamaguchi <[email protected]> | 2020-05-13 14:33:06 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <[email protected]> | 2020-05-13 15:47:51 +0900 |
| commit | cc26638cae385a497a3e6b6ad667292819cda938 (patch) | |
| tree | 3744fb50abf8eb2066a17178bdd6130f0c906cf3 /ext/openssl/ossl_ssl.c | |
| parent | 6f008c9d2fec52f2c2d39c04ad83e87c7975105c (diff) | |
[ruby/openssl] ssl: temporarily remove SSLContext#add_certificate_chain_file
Let's revert the changes for now, as it cannot be included in the 2.2.0
release.
My comment on #257:
> A blocker is OpenSSL::SSL::SSLContext#add_certificate_chain_file. It
> has a pending change and I don't want to include it in an incomplete
> state.
>
> The initial implementation in commit 46e4bdba40c5 was not really
> useful. The issue is described in #305. #309 extended it
> to take the corresponding private key together. However, the new
> implementation was incompatible on Windows and was reverted by #320 to
> the initial one.
>
> (The prerequisite to implement it in) an alternative way is #288, and
> it's still cooking.
This effectively reverts the following commits:
- dacd08937ccd ("ssl: suppress test failure with SSLContext#add_certificate_chain_file", 2020-03-09)
- 46e4bdba40c5 ("Add support for SSL_CTX_use_certificate_chain_file. Fixes #254.", 2019-06-13)
https://github.com/ruby/openssl/commit/ea925619a9
Diffstat (limited to 'ext/openssl/ossl_ssl.c')
| -rw-r--r-- | ext/openssl/ossl_ssl.c | 16 |
1 files changed, 0 insertions, 16 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 337ce5d64d..fe2e85b866 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -1329,21 +1329,6 @@ ossl_sslctx_add_certificate(int argc, VALUE *argv, VALUE self) return self; } -static VALUE -ossl_sslctx_add_certificate_chain_file(VALUE self, VALUE path) -{ - SSL_CTX *ctx; - int ret; - - GetSSLCTX(self, ctx); - StringValueCStr(path); - ret = SSL_CTX_use_certificate_chain_file(ctx, RSTRING_PTR(path)); - if (ret != 1) - ossl_raise(eSSLError, "SSL_CTX_use_certificate_chain_file"); - - return Qtrue; -} - /* * call-seq: * ctx.session_add(session) -> true | false @@ -2795,7 +2780,6 @@ Init_ossl_ssl(void) rb_define_method(cSSLContext, "enable_fallback_scsv", ossl_sslctx_enable_fallback_scsv, 0); #endif rb_define_method(cSSLContext, "add_certificate", ossl_sslctx_add_certificate, -1); - rb_define_method(cSSLContext, "add_certificate_chain_file", ossl_sslctx_add_certificate_chain_file, 1); rb_define_method(cSSLContext, "setup", ossl_sslctx_setup, 0); rb_define_alias(cSSLContext, "freeze", "setup"); |