diff options
author | Romuald Brunet <romuald@chivil.com> | 2019-01-21 19:38:33 +0100 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-01-21 12:38:33 -0600 |
commit | 4183beb4bc3f72d656dd9f18acb0ddcabca5ca79 (patch) | |
tree | a1bebfdc1db26a115c03e8fa3b2abe3d90128932 /src | |
parent | 7d5a3bfd55c7c9de71af877e773dce4554cf455b (diff) | |
download | pyopenssl-git-4183beb4bc3f72d656dd9f18acb0ddcabca5ca79.tar.gz |
Handle NULL bytes in get_components() values (#804)
* Handle NULL bytes in get_components() values
Some old software may generate "bogus" CN with each character preceded
by a NULL.
This is already handled in commonName, but wasn't in get_components()
* review fixes (fix py3 test & avoid unpack/cast)
Diffstat (limited to 'src')
-rw-r--r-- | src/OpenSSL/crypto.py | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index d555083..715e1ae 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -695,11 +695,11 @@ class X509Name(object): nid = _lib.OBJ_obj2nid(fname) name = _lib.OBJ_nid2sn(nid) - result.append(( - _ffi.string(name), - _ffi.string( - _lib.ASN1_STRING_data(fval), - _lib.ASN1_STRING_length(fval)))) + # ffi.string does not handle strings containing NULL bytes + # (which may have been generated by old, broken software) + value = _ffi.buffer(_lib.ASN1_STRING_data(fval), + _lib.ASN1_STRING_length(fval))[:] + result.append((_ffi.string(name), value)) return result |