at least OpenSSL.debug potential env read failure on set_default_paths

kares · kares · commit 6701f8e443ae · 2016-11-04T09:58:46.000+01:00
diff --git a/src/main/java/org/jruby/ext/openssl/OpenSSL.java b/src/main/java/org/jruby/ext/openssl/OpenSSL.java
@@ -216,11 +216,11 @@ static void debugStackTrace(final Ruby runtime, final Throwable e) {
         if ( isDebug(runtime) ) e.printStackTrace(runtime.getOut());
     }
 
-    static void debug(final Ruby runtime, final String msg) {
+    public static void debug(final Ruby runtime, final String msg) {
         if ( isDebug(runtime) ) runtime.getOut().println(msg);
     }
 
-    static void debug(final Ruby runtime, final String msg, final Throwable e) {
+    public static void debug(final Ruby runtime, final String msg, final Throwable e) {
         if ( isDebug(runtime) ) runtime.getOut().println(msg + ' ' + e);
     }
 
diff --git a/src/main/java/org/jruby/ext/openssl/x509store/Lookup.java b/src/main/java/org/jruby/ext/openssl/x509store/Lookup.java
@@ -27,6 +27,7 @@
  ***** END LICENSE BLOCK *****/
 package org.jruby.ext.openssl.x509store;
 
+import org.jruby.ext.openssl.OpenSSL;
 import org.jruby.ext.openssl.util.Cache;
 import static org.jruby.ext.openssl.x509store.X509Utils.X509_CERT_DIR;
 import static org.jruby.ext.openssl.x509store.X509Utils.X509_FILETYPE_ASN1;
@@ -356,10 +357,10 @@ public int loadDefaultJavaCACertsFile(String certsFile) throws IOException, Gene
         final FileInputStream fin = new FileInputStream(certsFile);
         int count = 0;
         try {
-	    // hardcode the keystore type, as we expcet cacerts to be a java
-	    // keystore - especially needed for jdk9
+	        // hardcode the keystore type, as we expect cacerts to be a java
+	        // keystore - especially needed for jdk9
             KeyStore keystore = SecurityHelper.getKeyStore("jks");
-	    // we pass a null password, as the cacerts file isn't password protected
+	        // null password - as the cacerts file isn't password protected
             keystore.load(fin, null);
             PKIXParameters params = new PKIXParameters(keystore);
             for ( TrustAnchor trustAnchor : params.getTrustAnchors() ) {
@@ -515,9 +516,11 @@ public int call(final Lookup ctx, final Integer cmd, final String argp, final Nu
             case X509_L_FILE_LOAD:
                 if (arglInt == X509_FILETYPE_DEFAULT) {
                     try {
-                        file = ctx.envEntry( getDefaultCertificateFileEnvironment() );
+                        file = ctx.envEntry( getDefaultCertificateFileEnvironment() ); // ENV['SSL_CERT_FILE']
+                    }
+                    catch (RuntimeException e) {
+                        OpenSSL.debug(ctx.runtime, "failed to read SSL_CERT_FILE", e);
                     }
-                    catch (RuntimeException e) { }
                     if (file == null) {
                         file = X509Utils.X509_CERT_FILE.replace('/', File.separatorChar);
                     }
diff --git a/src/main/java/org/jruby/ext/openssl/x509store/LookupMethod.java b/src/main/java/org/jruby/ext/openssl/x509store/LookupMethod.java
@@ -37,15 +37,15 @@
 public class LookupMethod {
     public String name;
 
-    static interface NewItemFunction extends Function1<Lookup> {}
-    static interface FreeFunction extends Function1<Lookup> {}
-    static interface InitFunction extends Function1<Lookup> {}
-    static interface ShutdownFunction extends Function1<Lookup> {}
-    static interface ControlFunction extends Function5<Lookup, Integer, String, Number, String[]> {}
-    static interface BySubjectFunction extends Function4<Lookup, Integer, Name, X509Object[]> {}
-    static interface ByIssuerSerialNumberFunction extends Function5<Lookup, Integer, Name, BigInteger, X509Object[]> {}
-    static interface ByFingerprintFunction extends Function4<Lookup, Integer, String, X509Object[]> {}
-    static interface ByAliasFunction extends Function4<Lookup, Integer, String, X509Object[]> {}
+    interface NewItemFunction extends Function1<Lookup> {}
+    interface FreeFunction extends Function1<Lookup> {}
+    interface InitFunction extends Function1<Lookup> {}
+    interface ShutdownFunction extends Function1<Lookup> {}
+    interface ControlFunction extends Function5<Lookup, Integer, String, Number, String[]> {}
+    interface BySubjectFunction extends Function4<Lookup, Integer, Name, X509Object[]> {}
+    interface ByIssuerSerialNumberFunction extends Function5<Lookup, Integer, Name, BigInteger, X509Object[]> {}
+    interface ByFingerprintFunction extends Function4<Lookup, Integer, String, X509Object[]> {}
+    interface ByAliasFunction extends Function4<Lookup, Integer, String, X509Object[]> {}
 
     /**
      * c: new_item

Original file line number	Diff line number	Diff line change
`@@ -216,11 +216,11 @@ static void debugStackTrace(final Ruby runtime, final Throwable e) {`
`216`	`216`	`if ( isDebug(runtime) ) e.printStackTrace(runtime.getOut());`
`217`	`217`	`}`
`218`	`218`
`219`		`- static void debug(final Ruby runtime, final String msg) {`
	`219`	`+ public static void debug(final Ruby runtime, final String msg) {`
`220`	`220`	`if ( isDebug(runtime) ) runtime.getOut().println(msg);`
`221`	`221`	`}`
`222`	`222`
`223`		`- static void debug(final Ruby runtime, final String msg, final Throwable e) {`
	`223`	`+ public static void debug(final Ruby runtime, final String msg, final Throwable e) {`
`224`	`224`	`if ( isDebug(runtime) ) runtime.getOut().println(msg + ' ' + e);`
`225`	`225`	`}`
`226`	`226`