Merge branch 'maint-3.3'

* maint-3.3:
  Ruby/OpenSSL 3.3.2
  Ruby/OpenSSL 3.2.3
  Ruby/OpenSSL 3.1.3
  Check NULL values for deprecated EVP_PKEY_get0() functions

Author: rhenium

History.md

@@ -1,3 +1,9 @@
+Version 3.3.2
+=============
+
+Merged changes in 3.1.3 and 3.2.3.
+
+
 Version 3.3.1
 =============
 
@@ -80,6 +86,12 @@ And various non-user-visible changes and bug fixes. Please see the commit
 history for more details.
 
 
+Version 3.2.3
+=============
+
+Merged changes in 3.1.3.
+
+
 Version 3.2.2
 =============
 
@@ -132,6 +144,16 @@ Notable changes
   [[GitHub #141]](https://github.com/ruby/openssl/pull/141)
 
 
+Version 3.1.3
+=============
+
+Bug fixes
+---------
+
+* Fix missing NULL check for `EVP_PKEY_get0()` functions with OpenSSL 3.x.
+  [[GitHub #957]](https://github.com/ruby/openssl/pull/957)
+
+
 Version 3.1.2
 =============
 

ext/openssl/ossl_pkey_dh.c

@@ -21,6 +21,8 @@
     EVP_PKEY *_pkey; \
     GetPKeyDH((obj), _pkey); \
     (dh) = EVP_PKEY_get0_DH(_pkey); \
+    if ((dh) == NULL) \
+        ossl_raise(eDHError, "failed to get DH from EVP_PKEY"); \
 } while (0)
 
 /*

ext/openssl/ossl_pkey_dsa.c

@@ -21,6 +21,8 @@
     EVP_PKEY *_pkey; \
     GetPKeyDSA((obj), _pkey); \
     (dsa) = EVP_PKEY_get0_DSA(_pkey); \
+    if ((dsa) == NULL) \
+        ossl_raise(eDSAError, "failed to get DSA from EVP_PKEY"); \
 } while (0)
 
 static inline int

ext/openssl/ossl_pkey_ec.c

@@ -22,6 +22,8 @@ static const rb_data_type_t ossl_ec_point_type;
     EVP_PKEY *_pkey; \
     GetPKeyEC(obj, _pkey); \
     (key) = EVP_PKEY_get0_EC_KEY(_pkey); \
+    if ((key) == NULL) \
+        ossl_raise(eECError, "failed to get EC_KEY from EVP_PKEY"); \
 } while (0)
 
 #define GetECGroup(obj, group) do { \

ext/openssl/ossl_pkey_rsa.c

@@ -21,6 +21,8 @@
     EVP_PKEY *_pkey; \
     GetPKeyRSA((obj), _pkey); \
     (rsa) = EVP_PKEY_get0_RSA(_pkey); \
+    if ((rsa) == NULL) \
+        ossl_raise(eRSAError, "failed to get RSA from EVP_PKEY"); \
 } while (0)
 
 static inline int