X509-Name-hash_old.diff

Hiroshi Nakamura, 05/31/2011 09:42 PM

Download (3.16 KB)

View differences:

ChangeLog (working copy)
1
Tue May 31 21:07:53 2011  Hiroshi Nakamura  <nahi@ruby-lang.org>
2

  
3
	* ext/openssl/ossl_x509name.c: added X509::Name#hash_old as a wrapper
4
	  for X509_NAME_hash_old in OpenSSL 1.0.0.
5

  
6
	* test/openssl/test_x509name.rb (test_hash): make test pass with
7
	  OpenSSL 1.0.0.
8

  
1 9
Tue May 31 17:03:24 2011  Hiroshi Nakamura  <nahi@ruby-lang.org>
2 10

  
3 11
	* lib/net/http.rb, lib/net/protocol.rb: Allow to configure to wait
ext/openssl/ossl_x509name.c (working copy)
317 317
    return ULONG2NUM(hash);
318 318
}
319 319

  
320
#ifdef HAVE_X509_NAME_HASH_OLD
320 321
/*
321 322
 * call-seq:
323
 *    name.hash_old => integer
324
 *
325
 * hash_old returns MD5 based hash used in OpenSSL 0.9.X.
326
 */
327
static VALUE
328
ossl_x509name_hash_old(VALUE self)
329
{
330
    X509_NAME *name;
331
    unsigned long hash;
332

  
333
    GetX509Name(self, name);
334

  
335
    hash = X509_NAME_hash_old(name);
336

  
337
    return ULONG2NUM(hash);
338
}
339
#endif
340

  
341
/*
342
 * call-seq:
322 343
 *    name.to_der => string
323 344
 */
324 345
static VALUE
......
364 385
    rb_define_alias(cX509Name, "<=>", "cmp");
365 386
    rb_define_method(cX509Name, "eql?", ossl_x509name_eql, 1);
366 387
    rb_define_method(cX509Name, "hash", ossl_x509name_hash, 0);
388
#ifdef HAVE_X509_NAME_HASH_OLD
389
    rb_define_method(cX509Name, "hash_old", ossl_x509name_hash_old, 0);
390
#endif
367 391
    rb_define_method(cX509Name, "to_der", ossl_x509name_to_der, 0);
368 392

  
369 393
    utf8str = INT2NUM(V_ASN1_UTF8STRING);
ext/openssl/extconf.rb (working copy)
94 94
have_func("X509_CRL_set_issuer_name")
95 95
have_func("X509_CRL_set_version")
96 96
have_func("X509_CRL_sort")
97
have_func("X509_NAME_hash_old")
97 98
have_func("X509_STORE_get_ex_data")
98 99
have_func("X509_STORE_set_ex_data")
99 100
have_func("OBJ_NAME_do_all_sorted")
test/openssl/test_x509name.rb (working copy)
271 271

  
272 272
    assert_equal -1, n1 <=> n2
273 273
  end
274

  
275
  def name_hash(name)
276
    # OpenSSL 1.0.0 uses SHA1 for canonical encoding (not just a der) of
277
    # X509Name for X509_NAME_hash.
278
    name.respond_to?(:hash_old) ? name.hash_old : name.hash
279
  end
280

  
281
  def test_hash
282
    dn = "/DC=org/DC=ruby-lang/CN=www.ruby-lang.org"
283
    name = OpenSSL::X509::Name.parse(dn)
284
    d = Digest::MD5.digest(name.to_der)
285
    expected = (d[0].ord & 0xff) | (d[1].ord & 0xff) << 8 | (d[2].ord & 0xff) << 16 | (d[3].ord & 0xff) << 24
286
    assert_equal(expected, name_hash(name))
287
    #
288
    dn = "/DC=org/DC=ruby-lang/CN=baz.ruby-lang.org"
289
    name = OpenSSL::X509::Name.parse(dn)
290
    d = Digest::MD5.digest(name.to_der)
291
    expected = (d[0].ord & 0xff) | (d[1].ord & 0xff) << 8 | (d[2].ord & 0xff) << 16 | (d[3].ord & 0xff) << 24
292
    assert_equal(expected, name_hash(name))
293
  end
274 294
end
275 295

  
276 296
end