diff options
| author | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-06-14 09:49:09 +0000 |
|---|---|---|
| committer | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-06-14 09:49:09 +0000 |
| commit | 9eb92007b6c2ab2b1fe031c3681144e51e2bcc14 (patch) | |
| tree | 30f9be0741e8ce45db7639cd700031e7d24dbd4d /ext/openssl/ossl_x509store.c | |
| parent | dbf67bf02db7afcca46b58e5b48fc7d805818e48 (diff) | |
openssl: import v2.0.4
Import Ruby/OpenSSL 2.0.4. Only bug (and typo) fixes. The full commit
history since v2.0.3 (imported at r57482) can be found at:
https://github.com/ruby/openssl/compare/v2.0.3...v2.0.4
This contains the fix for [Bug #11033].
----------------------------------------------------------------
Jun Aruga (1):
Update .travis.yml and Dockerfile
Kazuki Yamaguchi (9):
test/test_pkey_ec: do not use dummy 0 order
test/test_ssl: fix typo in test_sysread_and_syswrite
ssl: check return value of SSL_set_fd()
Fix typos
test/test_x509store: skip OpenSSL::TestX509Store#test_set_errors
tool/sync-with-trunk: 'LASY' -> 'LAST'
x509store: clear error queue after calling X509_LOOKUP_load_file()
extconf.rb: simplify searching libraries logic
Ruby/OpenSSL 2.0.4
SHIBATA Hiroshi (1):
Fix typos
Vladimir Rybas (1):
Fix documentation for OpenSSL::Cipher#final
nobu (2):
openssl: fix broken openssl check
openssl: fix broken openssl check
usa (1):
Search SSL libraries by testing various filename patterns
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59081 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_x509store.c')
| -rw-r--r-- | ext/openssl/ossl_x509store.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c index eb81e0d473..4becc8e3cd 100644 --- a/ext/openssl/ossl_x509store.c +++ b/ext/openssl/ossl_x509store.c @@ -342,6 +342,15 @@ ossl_x509store_add_file(VALUE self, VALUE file) if(X509_LOOKUP_load_file(lookup, path, X509_FILETYPE_PEM) != 1){ ossl_raise(eX509StoreError, NULL); } +#if OPENSSL_VERSION_NUMBER < 0x10101000 || defined(LIBRESSL_VERSION_NUMBER) + /* + * X509_load_cert_crl_file() which is called from X509_LOOKUP_load_file() + * did not check the return value of X509_STORE_add_{cert,crl}(), leaking + * "cert already in hash table" errors on the error queue, if duplicate + * certificates are found. This will be fixed by OpenSSL 1.1.1. + */ + ossl_clear_error(); +#endif return self; } |