Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: jruby/jruby-openssl
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 4b22d38205a2
Choose a base ref
...
head repository: jruby/jruby-openssl
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 6d3eba1d3c4e
Choose a head ref
  • 3 commits
  • 2 files changed
  • 1 contributor

Commits on Aug 27, 2015

  1. make sure we hold a buffered reader so that the loop continues readin… 

    …g PEMs

internally readPEM makes the reader buffered but its not the same!

change introduced in 0.9.8 at e25518f

causing #67
    @kares
    kares committed Aug 27, 2015
    Copy the full SHA
    fca2e71 View commit details

  2. always use buffered-reader esp. when reading in loop (closing #67) 

    fixes incompatibility introduced at e25518f
    @kares
    kares committed Aug 27, 2015
    Copy the full SHA
    a4cc46d View commit details

  3. X.509 addError 13 makes no sense and is never actually executed

    @kares
    kares committed Aug 27, 2015
    Copy the full SHA
    6d3eba1 View commit details
Showing with 61 additions and 29 deletions.
  1. +21 −21 src/main/java/org/jruby/ext/openssl/x509store/Lookup.java
  2. +40 −8 src/main/java/org/jruby/ext/openssl/x509store/PEMInputOutput.java
42 changes: 21 additions & 21 deletions src/main/java/org/jruby/ext/openssl/x509store/Lookup.java
View file
Original file line number Diff line number Diff line change
@@ -184,30 +184,35 @@ public int loadCertificateFile(final String file, final int type) throws IOExcep

final Object[] cached = certCache.get(file);

Reader reader = null;
BufferedReader reader = null;
try {
X509AuxCertificate auxCert;
if ( type == X509_FILETYPE_PEM ) {
int count = 0;
if ( cached != null ) {
for ( int c = 0; c < cached.length; c++ ) {
boolean storeError = false; for ( int c = 0; c < cached.length; c++ ) {
auxCert = buildAuxFromCached((X509Certificate) cached[c]);
final int i = store.addCertificate(auxCert);
if ( i != 0 ) count++;

if ( ! storeError ) {
if ( store.addCertificate(auxCert) != 0 ) count++;
else { storeError = true; count = 0; } // return 0
}
}
}
else {
reader = new InputStreamReader(wrapJRubyNormalizedInputStream(file));
reader = new BufferedReader(new InputStreamReader(wrapJRubyNormalizedInputStream(file)));
final ArrayList<Object> cacheEntry = new ArrayList<Object>(8);

for (;;) {
boolean storeError = false; for (;;) {
auxCert = PEMInputOutput.readX509Aux(reader, null);
if ( auxCert == null ) break;

cacheEntry.add( auxCert.cloneForCache() ); // make sure we cache aux

final int i = store.addCertificate(auxCert);
if ( i != 0 ) count++;
if ( ! storeError ) {
if ( store.addCertificate(auxCert) != 0 ) count++;
else { storeError = true; count = 0; } // return 0
}
}

certCache.put(file, cacheEntry.toArray( new Object[ cacheEntry.size() ] ));
@@ -228,7 +233,6 @@ else if ( type == X509_FILETYPE_ASN1 ) {
auxCert = new X509AuxCertificate(cert);
certCache.put(file, new Object[] { auxCert.cloneForCache() });
}

//if ( auxCert == null ) {
// X509Error.addError(13); return 0;
//}
@@ -258,7 +262,7 @@ private static X509AuxCertificate buildAuxFromCached(final X509Certificate cache
public int loadCRLFile(final String file, final int type) throws Exception {
if ( file == null ) return 1;

Reader reader = null;
BufferedReader reader = null;
try {
InputStream in = wrapJRubyNormalizedInputStream(file);
CRL crl;
@@ -267,17 +271,16 @@ public int loadCRLFile(final String file, final int type) throws Exception {
int count = 0; for (;;) {
crl = PEMInputOutput.readX509CRL(reader, null);
if ( crl == null ) break;
final int i = store.addCRL(crl);
if ( i == 0 ) return 0; count++;
if ( store.addCRL(crl) == 0 ) return 0;
count++;
}
return count;
}
else if ( type == X509_FILETYPE_ASN1 ) {
crl = SecurityHelper.getCertificateFactory("X.509").generateCRL(in);
if ( crl == null ) {
X509Error.addError(13);
return 0;
}
//if ( crl == null ) {
// X509Error.addError(13); return 0;
//}
return store.addCRL(crl);
}
else {
@@ -292,8 +295,6 @@ else if ( type == X509_FILETYPE_ASN1 ) {
}
}



/**
* c: X509_LOOKUP_load_cert_crl_file
*/
@@ -302,9 +303,8 @@ public int loadCertificateOrCRLFile(final String file, final int type) throws IO

final Object[] cached = certCache.get(file);

Reader reader = null;
BufferedReader reader = null;
try {

int count = 0;
if ( cached != null ) {
for ( int c = 0; c < cached.length; c++ ) {
@@ -320,7 +320,7 @@ else if ( cert instanceof CRL ) {
}
}
else {
reader = new InputStreamReader(wrapJRubyNormalizedInputStream(file));
reader = new BufferedReader(new InputStreamReader(wrapJRubyNormalizedInputStream(file)));
final ArrayList<Object> cacheEntry = new ArrayList<Object>(8);
for (;;) {
Object cert = PEMInputOutput.readPEM(reader, null);
48 changes: 40 additions & 8 deletions src/main/java/org/jruby/ext/openssl/x509store/PEMInputOutput.java
View file
Original file line number Diff line number Diff line change
@@ -189,10 +189,18 @@ private static BufferedWriter makeBuffered(Writer out) {
}

/**
* c: PEM_X509_INFO_read_bio
* @deprecated Prefer passing in a buffered-reader esp. in loops as the
* method might return a X.509 object before reading the full PEM file !
*/
public static Object readPEM(final Reader in, final char[] passwd) throws IOException {
final BufferedReader reader = makeBuffered(in); String line;
return readPEM(makeBuffered(in), passwd);
}

/**
* c: PEM_X509_INFO_read_bio
*/
public static Object readPEM(final BufferedReader reader, final char[] passwd) throws IOException {
String line;
while ( ( line = reader.readLine() ) != null ) {
if ( line.indexOf(BEG_STRING_PUBLIC) != -1 ) {
try {
@@ -573,9 +581,17 @@ public static CMSSignedData readPKCS7(Reader in, char[] f) throws IOException {
return null;
}

public static X509AuxCertificate readX509Certificate(final Reader in, final char[] passwd)
/**
* @deprecated Prefer passing in a buffered-reader esp. in loops as the
* method might return a X.509 object before reading the full PEM file !
*/
public static X509AuxCertificate readX509Certificate(final Reader in, final char[] passwd) throws IOException {
return readX509Certificate(makeBuffered(in), passwd);
}

public static X509AuxCertificate readX509Certificate(final BufferedReader reader, final char[] passwd)
throws IOException {
final BufferedReader reader = makeBuffered(in); String line;
String line;
while ( ( line = reader.readLine() ) != null ) {
if ( line.indexOf(BEG_STRING_X509_OLD) != -1 ) {
try {
@@ -605,9 +621,17 @@ else if ( line.indexOf(BEG_STRING_X509_TRUSTED) != -1 ) {
return null;
}

public static X509AuxCertificate readX509Aux(final Reader in, final char[] passwd)
/**
* @deprecated Prefer passing in a buffered-reader esp. in loops as the
* method might return a X.509 object before reading the full PEM file !
*/
public static X509AuxCertificate readX509Aux(final Reader in, final char[] passwd) throws IOException {
return readX509Aux(makeBuffered(in), passwd);
}

public static X509AuxCertificate readX509Aux(final BufferedReader reader, final char[] passwd)
throws IOException {
final BufferedReader reader = makeBuffered(in); String line;
String line;
while ( ( line = reader.readLine() ) != null ) {
if ( line.indexOf(BEG_STRING_X509_OLD) != -1 ) {
try {
@@ -637,8 +661,16 @@ else if ( line.indexOf(BEG_STRING_X509_TRUSTED) != -1 ) {
return null;
}

public static X509CRL readX509CRL(final Reader in, final char[] passwd) throws IOException {
final BufferedReader reader = makeBuffered(in); String line;
/**
* @deprecated Prefer passing in a buffered-reader esp. in loops as the
* method might return a X.509 object before reading the full PEM file !
*/
public static X509CRL readX509CRL(final Reader reader, final char[] passwd) throws IOException {
return readX509CRL(makeBuffered(reader), passwd);
}

public static X509CRL readX509CRL(final BufferedReader reader, final char[] passwd) throws IOException {
String line;
while ( ( line = reader.readLine() ) != null ) {
if ( line.indexOf(BEG_STRING_X509_CRL) != -1 ) {
try {