diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index 88f06c8831c188..6e51fd42b90fac 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -390,10 +390,10 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self) } BIO_free(in); if (!p7) - ossl_raise(rb_eArgError, "Could not parse the PKCS7"); + ossl_raise(ePKCS7Error, "Could not parse the PKCS7"); if (!p7->d.ptr) { PKCS7_free(p7); - ossl_raise(rb_eArgError, "No content in PKCS7"); + ossl_raise(ePKCS7Error, "No content in PKCS7"); } RTYPEDDATA_DATA(self) = p7; diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c index 4d69008fdd9a81..95679c7d24ea72 100644 --- a/ext/openssl/ossl_x509cert.c +++ b/ext/openssl/ossl_x509cert.c @@ -671,6 +671,12 @@ ossl_x509_add_extension(VALUE self, VALUE extension) * * Compares the two certificates. Note that this takes into account all fields, * not just the issuer name and the serial number. + * + * This method uses X509_cmp() from OpenSSL, which compares certificates based + * on their cached DER encodings. The comparison can be unreliable if a + * certificate is incomplete. + * + * See also the man page X509_cmp(3). */ static VALUE ossl_x509_eq(VALUE self, VALUE other) diff --git a/parse.y b/parse.y index 496dc21b11baec..4754435fab0d21 100644 --- a/parse.y +++ b/parse.y @@ -4569,10 +4569,10 @@ primary : inline_primary m->nd_plen = 1; m->nd_next = $for_var; break; - case NODE_MASGN: /* e.each {|*internal_var| a, b, c = (internal_var.length == 1 && Array === (tmp = internal_var[0]) ? tmp : internal_var); ... } */ + case NODE_MASGN: /* e.each {|*internal_var| a, b, c = (internal_var.length == 1 && Array === (tmp = internal_var[0]) ? tmp : internal_var); ... } */ m->nd_next = node_assign(p, $for_var, NEW_FOR_MASGN(internal_var, &@for_var), NO_LEX_CTXT, &@for_var); break; - default: /* e.each {|*internal_var| @a, B, c[1], d.attr = internal_val; ... } */ + default: /* e.each {|*internal_var| @a, B, c[1], d.attr = internal_val; ... } */ m->nd_next = node_assign(p, (NODE *)NEW_MASGN(NEW_LIST($for_var, &@for_var), 0, &@for_var), internal_var, NO_LEX_CTXT, &@for_var); } /* {|*internal_id| = internal_id; ... } */ @@ -4692,7 +4692,7 @@ primary : inline_primary if (!p->ctxt.in_defined) { switch (p->ctxt.in_rescue) { case before_rescue: yyerror1(&@1, "Invalid retry without rescue"); break; - case after_rescue: /* ok */ break; + case after_rescue: /* ok */ break; case after_else: yyerror1(&@1, "Invalid retry after else"); break; case after_ensure: yyerror1(&@1, "Invalid retry after ensure"); break; } @@ -5122,10 +5122,10 @@ numparam : { ; it_id : { - $$ = p->it_id; - p->it_id = 0; - } - ; + $$ = p->it_id; + p->it_id = 0; + } + ; lambda : tLAMBDA[lpar] { @@ -5441,7 +5441,7 @@ p_top_expr : p_top_expr_body } ; -p_top_expr_body : p_expr +p_top_expr_body : p_expr | p_expr ',' { $$ = new_array_pattern_tail(p, 0, 1, 0, 0, &@$); @@ -5794,7 +5794,7 @@ p_value : p_primitive | p_const ; -p_primitive : inline_primary +p_primitive : inline_primary | keyword_variable { if (!($$ = gettable(p, $1, &@$))) $$ = NEW_ERROR(&@$); @@ -6058,7 +6058,7 @@ xstring_contents: /* none */ } ; -regexp_contents: /* none */ +regexp_contents : /* none */ { $$ = 0; /*% ripper: regexp_new! %*/ @@ -6205,14 +6205,14 @@ user_variable : ident_or_const | nonlocal_var ; -keyword_variable : keyword_nil {$$ = KWD2EID(nil, $1);} - | keyword_self {$$ = KWD2EID(self, $1);} - | keyword_true {$$ = KWD2EID(true, $1);} - | keyword_false {$$ = KWD2EID(false, $1);} - | keyword__FILE__ {$$ = KWD2EID(_FILE__, $1);} - | keyword__LINE__ {$$ = KWD2EID(_LINE__, $1);} - | keyword__ENCODING__ {$$ = KWD2EID(_ENCODING__, $1);} - ; +keyword_variable: keyword_nil {$$ = KWD2EID(nil, $1);} + | keyword_self {$$ = KWD2EID(self, $1);} + | keyword_true {$$ = KWD2EID(true, $1);} + | keyword_false {$$ = KWD2EID(false, $1);} + | keyword__FILE__ {$$ = KWD2EID(_FILE__, $1);} + | keyword__LINE__ {$$ = KWD2EID(_LINE__, $1);} + | keyword__ENCODING__ {$$ = KWD2EID(_ENCODING__, $1);} + ; var_ref : user_variable { diff --git a/test/openssl/test_pkcs7.rb b/test/openssl/test_pkcs7.rb index 85ee68c6d18fde..b3129c0cdfe610 100644 --- a/test/openssl/test_pkcs7.rb +++ b/test/openssl/test_pkcs7.rb @@ -304,7 +304,7 @@ def test_data def test_empty_signed_data_ruby_bug_19974 data = "-----BEGIN PKCS7-----\nMAsGCSqGSIb3DQEHAg==\n-----END PKCS7-----\n" - assert_raise(ArgumentError) { OpenSSL::PKCS7.new(data) } + assert_raise(OpenSSL::PKCS7::PKCS7Error) { OpenSSL::PKCS7.new(data) } data = <