Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
X509::Store.set_default_paths ignores FileNotFound errors like MRI does
Browse files Browse the repository at this point in the history
fixes #68

Sponsored by Lookout Inc.
mkristian committed Sep 11, 2015
1 parent 742b9e6 commit af83d3a
Showing 2 changed files with 14 additions and 0 deletions.
7 changes: 7 additions & 0 deletions src/main/java/org/jruby/ext/openssl/x509store/Store.java
Original file line number Diff line number Diff line change
@@ -40,6 +40,7 @@
import javax.net.ssl.X509TrustManager;

import org.jruby.Ruby;
import org.jruby.util.ResourceException;

This comment has been minimized.

Copy link
@kares

kares Sep 11, 2015

Member

could we do this backwards compatibly - seems like no biggie ... won't exists on 1.7.4 ?

This comment has been minimized.

Copy link
@mkristian

mkristian Sep 12, 2015

Author Member

sure, will do


/**
* c: X509_STORE
@@ -372,6 +373,9 @@ public int setDefaultPaths(Ruby runtime) throws Exception {
catch (FileNotFoundException e) {
// set_default_paths ignores FileNotFound
}
catch (ResourceException e) {
// set_default_paths ignores FileNotFound
}

lookup = addLookup(runtime, Lookup.hashDirLookup());
//if ( lookup == null ) return 0;
@@ -382,6 +386,9 @@ public int setDefaultPaths(Ruby runtime) throws Exception {
catch (FileNotFoundException e) {
// set_default_paths ignores FileNotFound
}
catch (ResourceException e) {
// set_default_paths ignores FileNotFound
}

X509Error.clearErrors();
return 1;
7 changes: 7 additions & 0 deletions src/test/ruby/x509/test_x509store.rb
Original file line number Diff line number Diff line change
@@ -55,6 +55,13 @@ def test_add_file_to_store_with_custom_cert_file
assert store.verify( OpenSSL::X509::Certificate.new(File.read(@pem)))
end

def test_use_non_existing_cert_file
ENV['SSL_CERT_FILE'] = 'non-existing-file.crt'
store = OpenSSL::X509::Store.new
store.set_default_paths
assert !store.verify(@cert)
end

def test_verfy_with_wrong_argument
store = OpenSSL::X509::Store.new
assert_raise(TypeError) { store.verify( 'not an cert object' ) }

0 comments on commit af83d3a

Please sign in to comment.