fixed ASN1::Boolean encoding issue for OpenSSL 1.0.0 compatibility

ASN1::Boolean.new(false).to_der wrongly generated "\1\1\377" which means 'true'. ASN1_TYPE_set of OpenSSL <= 0.9.8 treats value 0x100 as 'false' but OpenSSL >= 1.0.0 treats it as 'true'. ruby-ossl was using 0x100 for 'false' for backward compatibility. Just use 0x0 forthe case OpenSSL >= OpenSSL 0.9.7.
arrmac · Jul 11, 2012 · 9d68469 · 9d68469
1 parent 7da3aa4
commit 9d68469
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c
@@ -196,7 +196,11 @@ static ID sUNIVERSAL, sAPPLICATION, sCONTEXT_SPECIFIC, sPRIVATE;
 static ASN1_BOOLEAN
 obj_to_asn1bool(VALUE obj)
 {
+#if OPENSSL_VERSION_NUMBER < 0x00907000L
      return RTEST(obj) ? 0xff : 0x100;
+#else
+     return RTEST(obj) ? 0xff : 0x0;
+#endif
 }
 
 static ASN1_INTEGER*