Skip to content

Commit 3fe1135

Browse files
HoneyryderChuckHoneyryderChuck
committed
make cert/crl/name/attr/revoked/ext/extfactory shareable when frozen
1 parent 9092c27 commit 3fe1135

6 files changed

+42
-7
lines changed

ext/openssl/ossl_x509attr.c

+5-1
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509attr_type = {
4141
{
4242
0, ossl_x509attr_free,
4343
},
44-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
44+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
4545
};
4646

4747
/*
@@ -105,6 +105,7 @@ ossl_x509attr_initialize(int argc, VALUE *argv, VALUE self)
105105
X509_ATTRIBUTE *attr, *x;
106106
const unsigned char *p;
107107

108+
rb_check_frozen(self);
108109
GetX509Attr(self, attr);
109110
if(rb_scan_args(argc, argv, "11", &oid, &value) == 1){
110111
oid = ossl_to_der_if_possible(oid);
@@ -153,6 +154,7 @@ ossl_x509attr_set_oid(VALUE self, VALUE oid)
153154
ASN1_OBJECT *obj;
154155
char *s;
155156

157+
rb_check_frozen(self);
156158
GetX509Attr(self, attr);
157159
s = StringValueCStr(oid);
158160
obj = OBJ_txt2obj(s, 0);
@@ -201,6 +203,8 @@ static VALUE
201203
ossl_x509attr_set_value(VALUE self, VALUE value)
202204
{
203205
X509_ATTRIBUTE *attr;
206+
207+
rb_check_frozen(self);
204208
GetX509Attr(self, attr);
205209

206210
OSSL_Check_Kind(value, cASN1Data);

ext/openssl/ossl_x509cert.c

+10-1
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509_type = {
4141
{
4242
0, ossl_x509_free,
4343
},
44-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
44+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
4545
};
4646

4747
/*
@@ -279,6 +279,7 @@ ossl_x509_set_version(VALUE self, VALUE version)
279279
X509 *x509;
280280
long ver;
281281

282+
rb_check_frozen(self);
282283
if ((ver = NUM2LONG(version)) < 0) {
283284
ossl_raise(eX509CertError, "version must be >= 0!");
284285
}
@@ -313,6 +314,7 @@ ossl_x509_set_serial(VALUE self, VALUE num)
313314
{
314315
X509 *x509;
315316

317+
rb_check_frozen(self);
316318
GetX509(self, x509);
317319
X509_set_serialNumber(x509, num_to_asn1integer(num, X509_get_serialNumber(x509)));
318320

@@ -370,6 +372,7 @@ ossl_x509_set_subject(VALUE self, VALUE subject)
370372
{
371373
X509 *x509;
372374

375+
rb_check_frozen(self);
373376
GetX509(self, x509);
374377
if (!X509_set_subject_name(x509, GetX509NamePtr(subject))) { /* DUPs name */
375378
ossl_raise(eX509CertError, NULL);
@@ -405,6 +408,7 @@ ossl_x509_set_issuer(VALUE self, VALUE issuer)
405408
{
406409
X509 *x509;
407410

411+
rb_check_frozen(self);
408412
GetX509(self, x509);
409413
if (!X509_set_issuer_name(x509, GetX509NamePtr(issuer))) { /* DUPs name */
410414
ossl_raise(eX509CertError, NULL);
@@ -441,6 +445,7 @@ ossl_x509_set_not_before(VALUE self, VALUE time)
441445
X509 *x509;
442446
ASN1_TIME *asn1time;
443447

448+
rb_check_frozen(self);
444449
GetX509(self, x509);
445450
asn1time = ossl_x509_time_adjust(NULL, time);
446451
if (!X509_set1_notBefore(x509, asn1time)) {
@@ -480,6 +485,7 @@ ossl_x509_set_not_after(VALUE self, VALUE time)
480485
X509 *x509;
481486
ASN1_TIME *asn1time;
482487

488+
rb_check_frozen(self);
483489
GetX509(self, x509);
484490
asn1time = ossl_x509_time_adjust(NULL, time);
485491
if (!X509_set1_notAfter(x509, asn1time)) {
@@ -519,6 +525,7 @@ ossl_x509_set_public_key(VALUE self, VALUE key)
519525
X509 *x509;
520526
EVP_PKEY *pkey;
521527

528+
rb_check_frozen(self);
522529
GetX509(self, x509);
523530
pkey = GetPKeyPtr(key);
524531
ossl_pkey_check_public_key(pkey);
@@ -641,6 +648,7 @@ ossl_x509_set_extensions(VALUE self, VALUE ary)
641648
long i;
642649

643650
Check_Type(ary, T_ARRAY);
651+
rb_check_frozen(self);
644652
/* All ary's members should be X509Extension */
645653
for (i=0; i<RARRAY_LEN(ary); i++) {
646654
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
@@ -668,6 +676,7 @@ ossl_x509_add_extension(VALUE self, VALUE extension)
668676
X509 *x509;
669677
X509_EXTENSION *ext;
670678

679+
rb_check_frozen(self);
671680
GetX509(self, x509);
672681
ext = GetX509ExtPtr(extension);
673682
if (!X509_add_ext(x509, ext, -1)) { /* DUPs ext - FREE it */

ext/openssl/ossl_x509crl.c

+8-1
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509crl_type = {
4141
{
4242
0, ossl_x509crl_free,
4343
},
44-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
44+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
4545
};
4646

4747
/*
@@ -153,6 +153,7 @@ ossl_x509crl_set_version(VALUE self, VALUE version)
153153
X509_CRL *crl;
154154
long ver;
155155

156+
rb_check_frozen(self);
156157
if ((ver = NUM2LONG(version)) < 0) {
157158
ossl_raise(eX509CRLError, "version must be >= 0!");
158159
}
@@ -199,6 +200,7 @@ ossl_x509crl_set_issuer(VALUE self, VALUE issuer)
199200
{
200201
X509_CRL *crl;
201202

203+
rb_check_frozen(self);
202204
GetX509CRL(self, crl);
203205

204206
if (!X509_CRL_set_issuer_name(crl, GetX509NamePtr(issuer))) { /* DUPs name */
@@ -227,6 +229,7 @@ ossl_x509crl_set_last_update(VALUE self, VALUE time)
227229
X509_CRL *crl;
228230
ASN1_TIME *asn1time;
229231

232+
rb_check_frozen(self);
230233
GetX509CRL(self, crl);
231234
asn1time = ossl_x509_time_adjust(NULL, time);
232235
if (!X509_CRL_set1_lastUpdate(crl, asn1time)) {
@@ -302,6 +305,7 @@ ossl_x509crl_set_revoked(VALUE self, VALUE ary)
302305
STACK_OF(X509_REVOKED) *sk;
303306
long i;
304307

308+
rb_check_frozen(self);
305309
Check_Type(ary, T_ARRAY);
306310
/* All ary members should be X509 Revoked */
307311
for (i=0; i<RARRAY_LEN(ary); i++) {
@@ -330,6 +334,7 @@ ossl_x509crl_add_revoked(VALUE self, VALUE revoked)
330334
X509_CRL *crl;
331335
X509_REVOKED *rev;
332336

337+
rb_check_frozen(self);
333338
GetX509CRL(self, crl);
334339
rev = DupX509RevokedPtr(revoked);
335340
if (!X509_CRL_add0_revoked(crl, rev)) { /* NO DUP - don't free! */
@@ -469,6 +474,7 @@ ossl_x509crl_set_extensions(VALUE self, VALUE ary)
469474
long i;
470475

471476
Check_Type(ary, T_ARRAY);
477+
rb_check_frozen(self);
472478
/* All ary members should be X509 Extensions */
473479
for (i=0; i<RARRAY_LEN(ary); i++) {
474480
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
@@ -492,6 +498,7 @@ ossl_x509crl_add_extension(VALUE self, VALUE extension)
492498
X509_CRL *crl;
493499
X509_EXTENSION *ext;
494500

501+
rb_check_frozen(self);
495502
GetX509CRL(self, crl);
496503
ext = GetX509ExtPtr(extension);
497504
if (!X509_CRL_add_ext(crl, ext, -1)) {

ext/openssl/ossl_x509ext.c

+11-2
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ static const rb_data_type_t ossl_x509ext_type = {
5555
{
5656
0, ossl_x509ext_free,
5757
},
58-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
58+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
5959
};
6060

6161
/*
@@ -108,7 +108,7 @@ static const rb_data_type_t ossl_x509extfactory_type = {
108108
{
109109
0, ossl_x509extfactory_free,
110110
},
111-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
111+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
112112
};
113113

114114
static VALUE
@@ -128,6 +128,7 @@ ossl_x509extfactory_set_issuer_cert(VALUE self, VALUE cert)
128128
{
129129
X509V3_CTX *ctx;
130130

131+
rb_check_frozen(self);
131132
GetX509ExtFactory(self, ctx);
132133
rb_iv_set(self, "@issuer_certificate", cert);
133134
ctx->issuer_cert = GetX509CertPtr(cert); /* NO DUP NEEDED */
@@ -140,6 +141,7 @@ ossl_x509extfactory_set_subject_cert(VALUE self, VALUE cert)
140141
{
141142
X509V3_CTX *ctx;
142143

144+
rb_check_frozen(self);
143145
GetX509ExtFactory(self, ctx);
144146
rb_iv_set(self, "@subject_certificate", cert);
145147
ctx->subject_cert = GetX509CertPtr(cert); /* NO DUP NEEDED */
@@ -152,6 +154,7 @@ ossl_x509extfactory_set_subject_req(VALUE self, VALUE req)
152154
{
153155
X509V3_CTX *ctx;
154156

157+
rb_check_frozen(self);
155158
GetX509ExtFactory(self, ctx);
156159
rb_iv_set(self, "@subject_request", req);
157160
ctx->subject_req = GetX509ReqPtr(req); /* NO DUP NEEDED */
@@ -164,6 +167,7 @@ ossl_x509extfactory_set_crl(VALUE self, VALUE crl)
164167
{
165168
X509V3_CTX *ctx;
166169

170+
rb_check_frozen(self);
167171
GetX509ExtFactory(self, ctx);
168172
rb_iv_set(self, "@crl", crl);
169173
ctx->crl = GetX509CRLPtr(crl); /* NO DUP NEEDED */
@@ -181,6 +185,7 @@ ossl_x509extfactory_initialize(int argc, VALUE *argv, VALUE self)
181185

182186
rb_scan_args(argc, argv, "04",
183187
&issuer_cert, &subject_cert, &subject_req, &crl);
188+
rb_check_frozen(self);
184189
if (!NIL_P(issuer_cert))
185190
ossl_x509extfactory_set_issuer_cert(self, issuer_cert);
186191
if (!NIL_P(subject_cert))
@@ -281,6 +286,7 @@ ossl_x509ext_initialize(int argc, VALUE *argv, VALUE self)
281286
const unsigned char *p;
282287
X509_EXTENSION *ext, *x;
283288

289+
rb_check_frozen(self);
284290
GetX509Ext(self, ext);
285291
if(rb_scan_args(argc, argv, "12", &oid, &value, &critical) == 1){
286292
oid = ossl_to_der_if_possible(oid);
@@ -324,6 +330,7 @@ ossl_x509ext_set_oid(VALUE self, VALUE oid)
324330
X509_EXTENSION *ext;
325331
ASN1_OBJECT *obj;
326332

333+
rb_check_frozen(self);
327334
GetX509Ext(self, ext);
328335
obj = OBJ_txt2obj(StringValueCStr(oid), 0);
329336
if (!obj)
@@ -343,6 +350,7 @@ ossl_x509ext_set_value(VALUE self, VALUE data)
343350
X509_EXTENSION *ext;
344351
ASN1_OCTET_STRING *asn1s;
345352

353+
rb_check_frozen(self);
346354
GetX509Ext(self, ext);
347355
data = ossl_to_der_if_possible(data);
348356
StringValue(data);
@@ -361,6 +369,7 @@ ossl_x509ext_set_critical(VALUE self, VALUE flag)
361369
{
362370
X509_EXTENSION *ext;
363371

372+
rb_check_frozen(self);
364373
GetX509Ext(self, ext);
365374
X509_EXTENSION_set_critical(ext, RTEST(flag) ? 1 : 0);
366375

ext/openssl/ossl_x509name.c

+3-1
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ static const rb_data_type_t ossl_x509name_type = {
4646
{
4747
0, ossl_x509name_free,
4848
},
49-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
49+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE
5050
};
5151

5252
/*
@@ -148,6 +148,7 @@ ossl_x509name_initialize(int argc, VALUE *argv, VALUE self)
148148
X509_NAME *name;
149149
VALUE arg, template;
150150

151+
rb_check_frozen(self);
151152
GetX509Name(self, name);
152153
if (rb_scan_args(argc, argv, "02", &arg, &template) == 0) {
153154
return self;
@@ -229,6 +230,7 @@ VALUE ossl_x509name_add_entry(int argc, VALUE *argv, VALUE self)
229230
kwargs_ids[1] = rb_intern_const("set");
230231
}
231232
rb_scan_args(argc, argv, "21:", &oid, &value, &type, &opts);
233+
rb_check_frozen(self);
232234
rb_get_kwargs(opts, kwargs_ids, 0, 2, kwargs);
233235
oid_name = StringValueCStr(oid);
234236
StringValue(value);

ext/openssl/ossl_x509revoked.c

+5-1
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ static const rb_data_type_t ossl_x509rev_type = {
4141
{
4242
0, ossl_x509rev_free,
4343
},
44-
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
44+
0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED | RUBY_TYPED_FROZEN_SHAREABLE,
4545
};
4646

4747
/*
@@ -140,6 +140,7 @@ ossl_x509revoked_set_serial(VALUE self, VALUE num)
140140
X509_REVOKED *rev;
141141
ASN1_INTEGER *asn1int;
142142

143+
rb_check_frozen(self);
143144
GetX509Rev(self, rev);
144145
asn1int = num_to_asn1integer(num, NULL);
145146
if (!X509_REVOKED_set_serialNumber(rev, asn1int)) {
@@ -171,6 +172,7 @@ ossl_x509revoked_set_time(VALUE self, VALUE time)
171172
X509_REVOKED *rev;
172173
ASN1_TIME *asn1time;
173174

175+
rb_check_frozen(self);
174176
GetX509Rev(self, rev);
175177
asn1time = ossl_x509_time_adjust(NULL, time);
176178
if (!X509_REVOKED_set_revocationDate(rev, asn1time)) {
@@ -219,6 +221,7 @@ ossl_x509revoked_set_extensions(VALUE self, VALUE ary)
219221
VALUE item;
220222

221223
Check_Type(ary, T_ARRAY);
224+
rb_check_frozen(self);
222225
for (i=0; i<RARRAY_LEN(ary); i++) {
223226
OSSL_Check_Kind(RARRAY_AREF(ary, i), cX509Ext);
224227
}
@@ -241,6 +244,7 @@ ossl_x509revoked_add_extension(VALUE self, VALUE ext)
241244
{
242245
X509_REVOKED *rev;
243246

247+
rb_check_frozen(self);
244248
GetX509Rev(self, rev);
245249
if (!X509_REVOKED_add_ext(rev, GetX509ExtPtr(ext), -1)) {
246250
ossl_raise(eX509RevError, NULL);

0 commit comments

Comments
 (0)