Skip to content

Commit

Permalink
convertToAuxCert directly - without the intermediate plain cert list
Browse files Browse the repository at this point in the history
  • Loading branch information
@kares
kares committed Dec 2, 2016
1 parent 989ca42 commit ecfaf4a
Showing 1 changed file with 27 additions and 13 deletions.
40 changes: 27 additions & 13 deletions src/main/java/org/jruby/ext/openssl/SSLContext.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -344,9 +344,7 @@ public IRubyObject setup(final ThreadContext context) {
final List<X509AuxCertificate> clientCert;
if ( value != null && ! value.isNil() ) {
if ( value.respondsTo("each") ) {
final List<X509Cert> cCerts = convertToX509Certs(context, value);
clientCert = new ArrayList<X509AuxCertificate>(cCerts.size());
for ( X509Cert x : cCerts ) clientCert.add( x.getAuxCert() );
clientCert = convertToAuxCerts(context, value);
} else {
if ( ! ( value instanceof X509Cert ) ) {
throw runtime.newTypeError("OpenSSL::X509::Certificate expected but got @client_ca = " + value.inspect());
Expand All @@ -359,9 +357,7 @@ public IRubyObject setup(final ThreadContext context) {
value = getInstanceVariable("@extra_chain_cert");
final List<X509AuxCertificate> extraChainCert;
if ( value != null && ! value.isNil() ) {
final List<X509Cert> eCerts = convertToX509Certs(context, value);
extraChainCert = new ArrayList<X509AuxCertificate>(eCerts.size());
for ( X509Cert x : eCerts ) extraChainCert.add( x.getAuxCert() );
extraChainCert = convertToAuxCerts(context, value);
}
else {
extraChainCert = null;
Expand Down Expand Up @@ -794,19 +790,30 @@ private long getOptions() {
return 0;
}

private List<X509Cert> convertToX509Certs(final ThreadContext context, IRubyObject value) {
final ArrayList<X509Cert> result = new ArrayList<X509Cert>();
private static List<X509AuxCertificate> convertToAuxCerts(final ThreadContext context, IRubyObject value) {
final RubyModule SSLContext = _SSLContext(context.runtime);
final RubyModule Certificate = _Certificate(context.runtime);
if ( value instanceof RubyArray ) {
final RubyArray val = (RubyArray) value;
final int size = val.size();
final ArrayList<X509AuxCertificate> result = new ArrayList<X509AuxCertificate>(size);
for ( int i=0; i<size; i++ ) result.add( assureCertificate(context, Certificate, val.eltInternal(i)).getAuxCert() );
return result;
}
if ( value instanceof List ) {
final List<X509Cert> val = (List) value;
final int size = val.size();
final ArrayList<X509AuxCertificate> result = new ArrayList<X509AuxCertificate>(size);
for ( int i=0; i<size; i++ ) result.add( assureCertificate(context, Certificate, val.get(i)).getAuxCert() );
return result;
}
// else :
final ArrayList<X509AuxCertificate> result = new ArrayList<X509AuxCertificate>();
Utils.invoke(context, value, "each",
CallBlock.newCallClosure(value, SSLContext, Arity.NO_ARGUMENTS, new BlockCallback() {

public IRubyObject call(ThreadContext context, IRubyObject[] args, Block block) {
final IRubyObject cert = args[0];
if ( ! ( Certificate.isInstance(cert) ) ) {
throw context.runtime.newTypeError("wrong argument : " + cert.inspect() + " is not a " + Certificate.getName());
}
result.add( (X509Cert) cert );
result.add( assureCertificate(context, Certificate, args[0]).getAuxCert() );
return context.nil;
}

Expand All @@ -815,6 +822,13 @@ public IRubyObject call(ThreadContext context, IRubyObject[] args, Block block)
return result;
}

private static X509Cert assureCertificate(final ThreadContext context, final RubyModule Certificate, final IRubyObject cert) {
if ( ! ( Certificate.isInstance(cert) ) ) {
throw context.runtime.newTypeError("wrong argument : " + cert.inspect() + " is not a " + Certificate.getName());
}
return (X509Cert) cert;
}

static RubyClass _SSLContext(final Ruby runtime) {
return (RubyClass) _SSL(runtime).getConstantAt("SSLContext");
}
Expand Down

0 comments on commit ecfaf4a

Please sign in to comment.