Merge pull request #413 from ruby/backport-ruby-core

Backport ruby core repo

Author: hsbt

ext/openssl/ossl_ssl.c

@@ -2412,8 +2412,6 @@ ossl_ssl_tmp_key(VALUE self)
 # endif /* defined(HAVE_SSL_GET_SERVER_TMP_KEY) */
 #endif /* !defined(OPENSSL_NO_SOCK) */
 
-#undef rb_intern
-#define rb_intern(s) rb_intern_const(s)
 void
 Init_ossl_ssl(void)
 {
@@ -2424,8 +2422,8 @@ Init_ossl_ssl(void)
     rb_mWaitWritable = rb_define_module_under(rb_cIO, "WaitWritable");
 #endif
 
-    id_call = rb_intern("call");
-    ID_callback_state = rb_intern("callback_state");
+    id_call = rb_intern_const("call");
+    ID_callback_state = rb_intern_const("callback_state");
 
     ossl_ssl_ex_vcb_idx = SSL_get_ex_new_index(0, (void *)"ossl_ssl_ex_vcb_idx", 0, 0, 0);
     if (ossl_ssl_ex_vcb_idx < 0)
@@ -2492,37 +2490,37 @@ Init_ossl_ssl(void)
      * The _cert_, _key_, and _extra_chain_cert_ attributes are deprecated.
      * It is recommended to use #add_certificate instead.
      */
-    rb_attr(cSSLContext, rb_intern("cert"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("cert"), 1, 1, Qfalse);
 
     /*
      * Context private key
      *
      * The _cert_, _key_, and _extra_chain_cert_ attributes are deprecated.
      * It is recommended to use #add_certificate instead.
      */
-    rb_attr(cSSLContext, rb_intern("key"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("key"), 1, 1, Qfalse);
 
     /*
      * A certificate or Array of certificates that will be sent to the client.
      */
-    rb_attr(cSSLContext, rb_intern("client_ca"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("client_ca"), 1, 1, Qfalse);
 
     /*
      * The path to a file containing a PEM-format CA certificate
      */
-    rb_attr(cSSLContext, rb_intern("ca_file"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("ca_file"), 1, 1, Qfalse);
 
     /*
      * The path to a directory containing CA certificates in PEM format.
      *
      * Files are looked up by subject's X509 name's hash value.
      */
-    rb_attr(cSSLContext, rb_intern("ca_path"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("ca_path"), 1, 1, Qfalse);
 
     /*
      * Maximum session lifetime in seconds.
      */
-    rb_attr(cSSLContext, rb_intern("timeout"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("timeout"), 1, 1, Qfalse);
 
     /*
      * Session verification mode.
@@ -2535,12 +2533,12 @@ Init_ossl_ssl(void)
      *
      * See SSL_CTX_set_verify(3) for details.
      */
-    rb_attr(cSSLContext, rb_intern("verify_mode"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("verify_mode"), 1, 1, Qfalse);
 
     /*
      * Number of CA certificates to walk when verifying a certificate chain.
      */
-    rb_attr(cSSLContext, rb_intern("verify_depth"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("verify_depth"), 1, 1, Qfalse);
 
     /*
      * A callback for additional certificate verification.  The callback is
@@ -2554,20 +2552,20 @@ Init_ossl_ssl(void)
      * If the callback returns +false+, the chain verification is immediately
      * stopped and a bad_certificate alert is then sent.
      */
-    rb_attr(cSSLContext, rb_intern("verify_callback"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("verify_callback"), 1, 1, Qfalse);
 
     /*
      * Whether to check the server certificate is valid for the hostname.
      *
      * In order to make this work, verify_mode must be set to VERIFY_PEER and
      * the server hostname must be given by OpenSSL::SSL::SSLSocket#hostname=.
      */
-    rb_attr(cSSLContext, rb_intern("verify_hostname"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("verify_hostname"), 1, 1, Qfalse);
 
     /*
      * An OpenSSL::X509::Store used for certificate verification.
      */
-    rb_attr(cSSLContext, rb_intern("cert_store"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("cert_store"), 1, 1, Qfalse);
 
     /*
      * An Array of extra X509 certificates to be added to the certificate
@@ -2576,7 +2574,7 @@ Init_ossl_ssl(void)
      * The _cert_, _key_, and _extra_chain_cert_ attributes are deprecated.
      * It is recommended to use #add_certificate instead.
      */
-    rb_attr(cSSLContext, rb_intern("extra_chain_cert"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("extra_chain_cert"), 1, 1, Qfalse);
 
     /*
      * A callback invoked when a client certificate is requested by a server
@@ -2586,14 +2584,14 @@ Init_ossl_ssl(void)
      * containing an OpenSSL::X509::Certificate and an OpenSSL::PKey.  If any
      * other value is returned the handshake is suspended.
      */
-    rb_attr(cSSLContext, rb_intern("client_cert_cb"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("client_cert_cb"), 1, 1, Qfalse);
 
     /*
      * Sets the context in which a session can be reused.  This allows
      * sessions for multiple applications to be distinguished, for example, by
      * name.
      */
-    rb_attr(cSSLContext, rb_intern("session_id_context"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("session_id_context"), 1, 1, Qfalse);
 
     /*
      * A callback invoked on a server when a session is proposed by the client
@@ -2602,15 +2600,15 @@ Init_ossl_ssl(void)
      * The callback is invoked with the SSLSocket and session id.  The
      * callback may return a Session from an external cache.
      */
-    rb_attr(cSSLContext, rb_intern("session_get_cb"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("session_get_cb"), 1, 1, Qfalse);
 
     /*
      * A callback invoked when a new session was negotiated.
      *
      * The callback is invoked with an SSLSocket.  If +false+ is returned the
      * session will be removed from the internal cache.
      */
-    rb_attr(cSSLContext, rb_intern("session_new_cb"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("session_new_cb"), 1, 1, Qfalse);
 
     /*
      * A callback invoked when a session is removed from the internal cache.
@@ -2621,7 +2619,7 @@ Init_ossl_ssl(void)
      * multi-threaded application. The callback is called inside a global lock
      * and it can randomly cause deadlock on Ruby thread switching.
      */
-    rb_attr(cSSLContext, rb_intern("session_remove_cb"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("session_remove_cb"), 1, 1, Qfalse);
 
     rb_define_const(mSSLExtConfig, "HAVE_TLSEXT_HOST_NAME", Qtrue);
 
@@ -2644,7 +2642,7 @@ Init_ossl_ssl(void)
      *     raise RuntimeError, "Client renegotiation disabled"
      *   end
      */
-    rb_attr(cSSLContext, rb_intern("renegotiation_cb"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("renegotiation_cb"), 1, 1, Qfalse);
 #ifndef OPENSSL_NO_NEXTPROTONEG
     /*
      * An Enumerable of Strings. Each String represents a protocol to be
@@ -2657,7 +2655,7 @@ Init_ossl_ssl(void)
      *
      *   ctx.npn_protocols = ["http/1.1", "spdy/2"]
      */
-    rb_attr(cSSLContext, rb_intern("npn_protocols"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("npn_protocols"), 1, 1, Qfalse);
     /*
      * A callback invoked on the client side when the client needs to select
      * a protocol from the list sent by the server. Supported in OpenSSL 1.0.1
@@ -2674,7 +2672,7 @@ Init_ossl_ssl(void)
      *     protocols.first
      *   end
      */
-    rb_attr(cSSLContext, rb_intern("npn_select_cb"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("npn_select_cb"), 1, 1, Qfalse);
 #endif
 
 #ifdef HAVE_SSL_CTX_SET_ALPN_SELECT_CB
@@ -2689,7 +2687,7 @@ Init_ossl_ssl(void)
      *
      *   ctx.alpn_protocols = ["http/1.1", "spdy/2", "h2"]
      */
-    rb_attr(cSSLContext, rb_intern("alpn_protocols"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("alpn_protocols"), 1, 1, Qfalse);
     /*
      * A callback invoked on the server side when the server needs to select
      * a protocol from the list sent by the client. Supported in OpenSSL 1.0.2
@@ -2706,7 +2704,7 @@ Init_ossl_ssl(void)
      *     protocols.first
      *   end
      */
-    rb_attr(cSSLContext, rb_intern("alpn_select_cb"), 1, 1, Qfalse);
+    rb_attr(cSSLContext, rb_intern_const("alpn_select_cb"), 1, 1, Qfalse);
 #endif
 
     rb_define_alias(cSSLContext, "ssl_timeout", "timeout");
@@ -2934,15 +2932,15 @@ Init_ossl_ssl(void)
 #endif
 
 
-    sym_exception = ID2SYM(rb_intern("exception"));
-    sym_wait_readable = ID2SYM(rb_intern("wait_readable"));
-    sym_wait_writable = ID2SYM(rb_intern("wait_writable"));
+    sym_exception = ID2SYM(rb_intern_const("exception"));
+    sym_wait_readable = ID2SYM(rb_intern_const("wait_readable"));
+    sym_wait_writable = ID2SYM(rb_intern_const("wait_writable"));
 
-    id_tmp_dh_callback = rb_intern("tmp_dh_callback");
-    id_npn_protocols_encoded = rb_intern("npn_protocols_encoded");
+    id_tmp_dh_callback = rb_intern_const("tmp_dh_callback");
+    id_npn_protocols_encoded = rb_intern_const("npn_protocols_encoded");
 
 #define DefIVarID(name) do \
-    id_i_##name = rb_intern("@"#name); while (0)
+    id_i_##name = rb_intern_const("@"#name); while (0)
 
     DefIVarID(cert_store);
     DefIVarID(ca_file);

ext/openssl/ossl_ts.c

@@ -1247,24 +1247,24 @@ Init_ossl_ts(void)
      * timestamp server rejects the message imprint algorithm used in the
      * +Request+
      */
-    sBAD_ALG = rb_intern("BAD_ALG");
+    sBAD_ALG = rb_intern_const("BAD_ALG");
 
     /*
      * Possible return value for +Response#failure_info+. Indicates that the
      * timestamp server was not able to process the +Request+ properly.
      */
-    sBAD_REQUEST = rb_intern("BAD_REQUEST");
+    sBAD_REQUEST = rb_intern_const("BAD_REQUEST");
     /*
      * Possible return value for +Response#failure_info+. Indicates that the
      * timestamp server was not able to parse certain data in the +Request+.
      */
-    sBAD_DATA_FORMAT = rb_intern("BAD_DATA_FORMAT");
+    sBAD_DATA_FORMAT = rb_intern_const("BAD_DATA_FORMAT");
 
-    sTIME_NOT_AVAILABLE = rb_intern("TIME_NOT_AVAILABLE");
-    sUNACCEPTED_POLICY = rb_intern("UNACCEPTED_POLICY");
-    sUNACCEPTED_EXTENSION = rb_intern("UNACCEPTED_EXTENSION");
-    sADD_INFO_NOT_AVAILABLE = rb_intern("ADD_INFO_NOT_AVAILABLE");
-    sSYSTEM_FAILURE = rb_intern("SYSTEM_FAILURE");
+    sTIME_NOT_AVAILABLE = rb_intern_const("TIME_NOT_AVAILABLE");
+    sUNACCEPTED_POLICY = rb_intern_const("UNACCEPTED_POLICY");
+    sUNACCEPTED_EXTENSION = rb_intern_const("UNACCEPTED_EXTENSION");
+    sADD_INFO_NOT_AVAILABLE = rb_intern_const("ADD_INFO_NOT_AVAILABLE");
+    sSYSTEM_FAILURE = rb_intern_const("SYSTEM_FAILURE");
 
     /* Document-class: OpenSSL::Timestamp
      * Provides classes and methods to request, create and validate
@@ -1503,11 +1503,11 @@ Init_ossl_ts(void)
      *
      */
     cTimestampFactory = rb_define_class_under(mTimestamp, "Factory", rb_cObject);
-    rb_attr(cTimestampFactory, rb_intern("allowed_digests"), 1, 1, 0);
-    rb_attr(cTimestampFactory, rb_intern("default_policy_id"), 1, 1, 0);
-    rb_attr(cTimestampFactory, rb_intern("serial_number"), 1, 1, 0);
-    rb_attr(cTimestampFactory, rb_intern("gen_time"), 1, 1, 0);
-    rb_attr(cTimestampFactory, rb_intern("additional_certs"), 1, 1, 0);
+    rb_attr(cTimestampFactory, rb_intern_const("allowed_digests"), 1, 1, 0);
+    rb_attr(cTimestampFactory, rb_intern_const("default_policy_id"), 1, 1, 0);
+    rb_attr(cTimestampFactory, rb_intern_const("serial_number"), 1, 1, 0);
+    rb_attr(cTimestampFactory, rb_intern_const("gen_time"), 1, 1, 0);
+    rb_attr(cTimestampFactory, rb_intern_const("additional_certs"), 1, 1, 0);
     rb_define_method(cTimestampFactory, "create_timestamp", ossl_tsfac_create_ts, 3);
 }
 

lib/openssl/buffering.rb

@@ -31,7 +31,7 @@ def initialize
 
       force_encoding(BINARY)
     end
-    
+
     def << string
       if string.encoding == BINARY
         super(string)

lib/openssl/ssl.rb

@@ -238,7 +238,7 @@ module SocketForwarder
       def fileno
         to_io.fileno
       end
-      
+
       def addr
         to_io.addr
       end