From 711d14992e89aa922f10f62431dda6420a038979 Mon Sep 17 00:00:00 2001 From: Nobuyoshi Nakada Date: Sun, 14 Dec 2025 16:11:02 +0900 Subject: [PATCH 1/3] Adjust indents [ci skip] --- parse.y | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/parse.y b/parse.y index 496dc21b11baec..4754435fab0d21 100644 --- a/parse.y +++ b/parse.y @@ -4569,10 +4569,10 @@ primary : inline_primary m->nd_plen = 1; m->nd_next = $for_var; break; - case NODE_MASGN: /* e.each {|*internal_var| a, b, c = (internal_var.length == 1 && Array === (tmp = internal_var[0]) ? tmp : internal_var); ... } */ + case NODE_MASGN: /* e.each {|*internal_var| a, b, c = (internal_var.length == 1 && Array === (tmp = internal_var[0]) ? tmp : internal_var); ... } */ m->nd_next = node_assign(p, $for_var, NEW_FOR_MASGN(internal_var, &@for_var), NO_LEX_CTXT, &@for_var); break; - default: /* e.each {|*internal_var| @a, B, c[1], d.attr = internal_val; ... } */ + default: /* e.each {|*internal_var| @a, B, c[1], d.attr = internal_val; ... } */ m->nd_next = node_assign(p, (NODE *)NEW_MASGN(NEW_LIST($for_var, &@for_var), 0, &@for_var), internal_var, NO_LEX_CTXT, &@for_var); } /* {|*internal_id| = internal_id; ... } */ @@ -4692,7 +4692,7 @@ primary : inline_primary if (!p->ctxt.in_defined) { switch (p->ctxt.in_rescue) { case before_rescue: yyerror1(&@1, "Invalid retry without rescue"); break; - case after_rescue: /* ok */ break; + case after_rescue: /* ok */ break; case after_else: yyerror1(&@1, "Invalid retry after else"); break; case after_ensure: yyerror1(&@1, "Invalid retry after ensure"); break; } @@ -5122,10 +5122,10 @@ numparam : { ; it_id : { - $$ = p->it_id; - p->it_id = 0; - } - ; + $$ = p->it_id; + p->it_id = 0; + } + ; lambda : tLAMBDA[lpar] { @@ -5441,7 +5441,7 @@ p_top_expr : p_top_expr_body } ; -p_top_expr_body : p_expr +p_top_expr_body : p_expr | p_expr ',' { $$ = new_array_pattern_tail(p, 0, 1, 0, 0, &@$); @@ -5794,7 +5794,7 @@ p_value : p_primitive | p_const ; -p_primitive : inline_primary +p_primitive : inline_primary | keyword_variable { if (!($$ = gettable(p, $1, &@$))) $$ = NEW_ERROR(&@$); @@ -6058,7 +6058,7 @@ xstring_contents: /* none */ } ; -regexp_contents: /* none */ +regexp_contents : /* none */ { $$ = 0; /*% ripper: regexp_new! %*/ @@ -6205,14 +6205,14 @@ user_variable : ident_or_const | nonlocal_var ; -keyword_variable : keyword_nil {$$ = KWD2EID(nil, $1);} - | keyword_self {$$ = KWD2EID(self, $1);} - | keyword_true {$$ = KWD2EID(true, $1);} - | keyword_false {$$ = KWD2EID(false, $1);} - | keyword__FILE__ {$$ = KWD2EID(_FILE__, $1);} - | keyword__LINE__ {$$ = KWD2EID(_LINE__, $1);} - | keyword__ENCODING__ {$$ = KWD2EID(_ENCODING__, $1);} - ; +keyword_variable: keyword_nil {$$ = KWD2EID(nil, $1);} + | keyword_self {$$ = KWD2EID(self, $1);} + | keyword_true {$$ = KWD2EID(true, $1);} + | keyword_false {$$ = KWD2EID(false, $1);} + | keyword__FILE__ {$$ = KWD2EID(_FILE__, $1);} + | keyword__LINE__ {$$ = KWD2EID(_LINE__, $1);} + | keyword__ENCODING__ {$$ = KWD2EID(_ENCODING__, $1);} + ; var_ref : user_variable { From 7969b654181af13f547afb88834f017694881353 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Thu, 30 Jan 2025 02:47:18 +0900 Subject: [PATCH 2/3] [ruby/openssl] x509cert: update doc for OpenSSL::X509::Certificate#== Mention the underlying OpenSSL function. Add a note about the unreliable comparison when called on an incomplete object. Fixes https://github.com/ruby/openssl/issues/844 https://github.com/ruby/openssl/commit/736af5b3c7 --- ext/openssl/ossl_x509cert.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c index 4d69008fdd9a81..95679c7d24ea72 100644 --- a/ext/openssl/ossl_x509cert.c +++ b/ext/openssl/ossl_x509cert.c @@ -671,6 +671,12 @@ ossl_x509_add_extension(VALUE self, VALUE extension) * * Compares the two certificates. Note that this takes into account all fields, * not just the issuer name and the serial number. + * + * This method uses X509_cmp() from OpenSSL, which compares certificates based + * on their cached DER encodings. The comparison can be unreliable if a + * certificate is incomplete. + * + * See also the man page X509_cmp(3). */ static VALUE ossl_x509_eq(VALUE self, VALUE other) From 674c3d73e0f92d730bd2e544be344585a638ab37 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Sun, 14 Dec 2025 19:33:16 +0900 Subject: [PATCH 3/3] [ruby/openssl] pkcs7: raise OpenSSL::PKCS7::PKCS7Error in #initialize When d2i_PKCS7_bio() and PEM_read_bio_PKCS7() fail to decode the input, OpenSSL::PKCS7.new currently raises ArgumentError. The usual practice in ruby/openssl where an error originates from the underlying OpenSSL library is to raise OpenSSL::OpenSSLError. Raise OpenSSL::PKCS7::PKCS7Error instead for consistency with OpenSSL::PKCS7.read_smime and all other existing #initialize methods that handle DER/PEM-encoded inputs. https://github.com/ruby/openssl/commit/67a608ce53 --- ext/openssl/ossl_pkcs7.c | 4 ++-- test/openssl/test_pkcs7.rb | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index 88f06c8831c188..6e51fd42b90fac 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -390,10 +390,10 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self) } BIO_free(in); if (!p7) - ossl_raise(rb_eArgError, "Could not parse the PKCS7"); + ossl_raise(ePKCS7Error, "Could not parse the PKCS7"); if (!p7->d.ptr) { PKCS7_free(p7); - ossl_raise(rb_eArgError, "No content in PKCS7"); + ossl_raise(ePKCS7Error, "No content in PKCS7"); } RTYPEDDATA_DATA(self) = p7; diff --git a/test/openssl/test_pkcs7.rb b/test/openssl/test_pkcs7.rb index 85ee68c6d18fde..b3129c0cdfe610 100644 --- a/test/openssl/test_pkcs7.rb +++ b/test/openssl/test_pkcs7.rb @@ -304,7 +304,7 @@ def test_data def test_empty_signed_data_ruby_bug_19974 data = "-----BEGIN PKCS7-----\nMAsGCSqGSIb3DQEHAg==\n-----END PKCS7-----\n" - assert_raise(ArgumentError) { OpenSSL::PKCS7.new(data) } + assert_raise(OpenSSL::PKCS7::PKCS7Error) { OpenSSL::PKCS7.new(data) } data = <