Project

General

Profile

Actions
Copy link

Bug #12704

closed

Fix typo in ossl_ocspreq_sign

Added by Eregon (Benoit Daloze) over 7 years ago. Updated over 7 years ago.

Status:
Closed
Assignee:
rhenium (Kazuki Yamaguchi)
Target version:
-
ruby -v:
ruby 2.4.0dev (2016-08-21 trunk 55976) [x86_64-linux]
Backport:
2.1: WONTFIX, 2.2: WONTFIX, 2.3: WONTFIX
[ruby-core:77061]

Description

The code of ossl_ocspreq_sign reads:

static VALUE
ossl_ocspreq_sign(int argc, VALUE *argv, VALUE self)
{
    VALUE signer_cert, signer_key, certs, flags, digest;
    OCSP_REQUEST *req;
    X509 *signer;
    EVP_PKEY *key;
    STACK_OF(X509) *x509s = NULL;
    unsigned long flg = 0;
    const EVP_MD *md;
    int ret;

    ...
    if (NIL_P(certs))
	flags |= OCSP_NOCERTS;

The last line is wrong since it uses "flags" instead of "flg".

The fix seems to be:

diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c
index c0f2dfe..baea202 100644
--- a/ext/openssl/ossl_ocsp.c
+++ b/ext/openssl/ossl_ocsp.c
@@ -399,7 +399,7 @@ ossl_ocspreq_sign(int argc, VALUE *argv, VALUE self)
     else
 	md = GetDigestPtr(digest);
     if (NIL_P(certs))
-	flags |= OCSP_NOCERTS;
+	flg |= OCSP_NOCERTS;
     else
 	x509s = ossl_x509_ary2sk(certs);

Which is also what ossl_ocspbres_sign does.

Actions
Copy link
 #1 [ruby-core:77071]

Updated by hsbt (Hiroshi SHIBATA) over 7 years ago

  • Status changed from Open to Assigned
  • Assignee set to rhenium (Kazuki Yamaguchi)
Actions
Copy link
 #2 [ruby-core:77072]

Updated by rhenium (Kazuki Yamaguchi) over 7 years ago

  • Status changed from Assigned to Closed
  • Backport changed from 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN to 2.1: WONTFIX, 2.2: WONTFIX, 2.3: WONTFIX

Thanks. It was fixed at upstream: https://github.com/ruby/openssl/commit/b692681c849d6cd9d54b8ce63bc567e6c8e3e21a

Since the correct behavior was undocumented in Ruby <= 2.3, I think it is safer not to backport.

Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0