Skip to content

Commit

Permalink
Merge pull request #648 from rhenium/ky/error-additional-data
Browse files Browse the repository at this point in the history
Include "additional data" message in OpenSSL errors
  • Loading branch information
rhenium authored Aug 16, 2023
2 parents 283958a + 1c5bbdd commit 3f45150
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 20 deletions.
29 changes: 17 additions & 12 deletions ext/openssl/ossl.c
Original file line number Diff line number Diff line change
Expand Up @@ -272,23 +272,28 @@ VALUE
ossl_make_error(VALUE exc, VALUE str)
{
unsigned long e;
const char *data;
int flags;

e = ERR_peek_last_error();
if (NIL_P(str))
str = rb_str_new(NULL, 0);

#ifdef HAVE_ERR_GET_ERROR_ALL
e = ERR_peek_last_error_all(NULL, NULL, NULL, &data, &flags);
#else
e = ERR_peek_last_error_line_data(NULL, NULL, &data, &flags);
#endif
if (e) {
const char *msg = ERR_reason_error_string(e);
const char *msg = ERR_reason_error_string(e);

if (NIL_P(str)) {
if (msg) str = rb_str_new_cstr(msg);
}
else {
if (RSTRING_LEN(str)) rb_str_cat2(str, ": ");
rb_str_cat2(str, msg ? msg : "(null)");
}
ossl_clear_error();
if (RSTRING_LEN(str)) rb_str_cat_cstr(str, ": ");
rb_str_cat_cstr(str, msg ? msg : "(null)");
if (flags & ERR_TXT_STRING && data)
rb_str_catf(str, " (%s)", data);
ossl_clear_error();
}

if (NIL_P(str)) str = rb_str_new(0, 0);
return rb_exc_new3(exc, str);
return rb_exc_new_str(exc, str);
}

void
Expand Down
12 changes: 4 additions & 8 deletions test/openssl/test_config.rb
Original file line number Diff line number Diff line change
Expand Up @@ -91,22 +91,19 @@ def test_s_parse_format
assert_equal('123baz456bar798', c['dollar']['qux'])
assert_equal('123baz456bar798.123baz456bar798', c['dollar']['quxx'])

excn = assert_raise(OpenSSL::ConfigError) do
assert_raise_with_message(OpenSSL::ConfigError, /error in line 1: variable has no value/) do
OpenSSL::Config.parse("foo = $bar")
end
assert_equal("error in line 1: variable has no value", excn.message)

excn = assert_raise(OpenSSL::ConfigError) do
assert_raise_with_message(OpenSSL::ConfigError, /error in line 1: no close brace/) do
OpenSSL::Config.parse("foo = $(bar")
end
assert_equal("error in line 1: no close brace", excn.message)

excn = assert_raise(OpenSSL::ConfigError) do
assert_raise_with_message(OpenSSL::ConfigError, /error in line 1: missing equal sign/) do
OpenSSL::Config.parse("f o =b ar # no space in key")
end
assert_equal("error in line 1: missing equal sign", excn.message)

excn = assert_raise(OpenSSL::ConfigError) do
assert_raise_with_message(OpenSSL::ConfigError, /error in line 7: missing close square bracket/) do
OpenSSL::Config.parse(<<__EOC__)
# comment 1 # comments
Expand All @@ -117,7 +114,6 @@ def test_s_parse_format
[third # section not terminated
__EOC__
end
assert_equal("error in line 7: missing close square bracket", excn.message)
end

def test_s_parse_include
Expand Down
12 changes: 12 additions & 0 deletions test/openssl/test_ossl.rb
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,18 @@ def test_memcmp_timing
assert_operator(a_b_time, :<, a_c_time * 10, "fixed_length_secure_compare timing test failed")
assert_operator(a_c_time, :<, a_b_time * 10, "fixed_length_secure_compare timing test failed")
end

def test_error_data
# X509V3_EXT_nconf_nid() called from OpenSSL::X509::ExtensionFactory#create_ext is a function
# that uses ERR_raise_data() to append additional information about the error.
#
# The generated message should look like:
# "subjectAltName = IP:not.a.valid.ip.address: bad ip address (value=not.a.valid.ip.address)"
ef = OpenSSL::X509::ExtensionFactory.new
assert_raise_with_message(OpenSSL::X509::ExtensionError, /\(value=not.a.valid.ip.address\)/) {
ef.create_ext("subjectAltName", "IP:not.a.valid.ip.address")
}
end
end

end

0 comments on commit 3f45150

Please sign in to comment.