X509::Store.set_default_paths ignores FileNotFound errors like MRI does

fixes #68 Sponsored by Lookout Inc.
jruby · Sep 11, 2015 · af83d3a · kares · Sep 11, 2015 · mkristian
1 parent 742b9e6
commit af83d3a
Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/src/main/java/org/jruby/ext/openssl/x509store/Store.java b/src/main/java/org/jruby/ext/openssl/x509store/Store.java
@@ -40,6 +40,7 @@
 import javax.net.ssl.X509TrustManager;
 
 import org.jruby.Ruby;
+import org.jruby.util.ResourceException;
 
 /**
  * c: X509_STORE
@@ -372,6 +373,9 @@ public int setDefaultPaths(Ruby runtime) throws Exception {
         catch (FileNotFoundException e) {
             // set_default_paths ignores FileNotFound
         }
+        catch (ResourceException e) {
+            // set_default_paths ignores FileNotFound
+        }
 
         lookup = addLookup(runtime, Lookup.hashDirLookup());
         //if ( lookup == null ) return 0;
@@ -382,6 +386,9 @@ public int setDefaultPaths(Ruby runtime) throws Exception {
         catch (FileNotFoundException e) {
             // set_default_paths ignores FileNotFound
         }
+        catch (ResourceException e) {
+            // set_default_paths ignores FileNotFound
+        }
 
         X509Error.clearErrors();
         return 1;

diff --git a/src/test/ruby/x509/test_x509store.rb b/src/test/ruby/x509/test_x509store.rb
@@ -55,6 +55,13 @@ def test_add_file_to_store_with_custom_cert_file
     assert store.verify( OpenSSL::X509::Certificate.new(File.read(@pem)))
   end
 
+  def test_use_non_existing_cert_file
+    ENV['SSL_CERT_FILE'] = 'non-existing-file.crt'
+    store = OpenSSL::X509::Store.new
+    store.set_default_paths
+    assert !store.verify(@cert)
+  end
+
   def test_verfy_with_wrong_argument
     store = OpenSSL::X509::Store.new
     assert_raise(TypeError) { store.verify( 'not an cert object' ) }