diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-10-07 10:10:09 +0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-10-06 22:10:09 -0400 |
commit | 0c07580a216d4b75bfdca22254803cf48c602079 (patch) | |
tree | e308db30d277fab192a5b647037b12cb901c2129 /src/cryptography/hazmat/backends/openssl/backend.py | |
parent | ff7e3971d8d1106a4377f6c8d436c4005c883066 (diff) | |
download | cryptography-0c07580a216d4b75bfdca22254803cf48c602079.tar.gz cryptography-0c07580a216d4b75bfdca22254803cf48c602079.tar.bz2 cryptography-0c07580a216d4b75bfdca22254803cf48c602079.zip |
support extensions in the OCSP request builder (#4481)
* support extensions in the OCSP request builder
* cover a missed branch
* refactor to use new func
* review feedback
Diffstat (limited to 'src/cryptography/hazmat/backends/openssl/backend.py')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 8118cad0..5d0a4446 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -38,6 +38,7 @@ from cryptography.hazmat.backends.openssl.ec import ( from cryptography.hazmat.backends.openssl.encode_asn1 import ( _CRL_ENTRY_EXTENSION_ENCODE_HANDLERS, _CRL_EXTENSION_ENCODE_HANDLERS, _EXTENSION_ENCODE_HANDLERS, + _OCSP_REQUEST_EXTENSION_ENCODE_HANDLERS, _encode_asn1_int_gc, _encode_asn1_str_gc, _encode_name_gc, _txt2obj_gc, ) from cryptography.hazmat.backends.openssl.hashes import _HashContext @@ -1465,6 +1466,13 @@ class Backend(object): self.openssl_assert(certid != self._ffi.NULL) onereq = self._lib.OCSP_request_add0_id(ocsp_req, certid) self.openssl_assert(onereq != self._ffi.NULL) + self._create_x509_extensions( + extensions=builder._extensions, + handlers=_OCSP_REQUEST_EXTENSION_ENCODE_HANDLERS, + x509_obj=ocsp_req, + add_func=self._lib.OCSP_REQUEST_add_ext, + gc=True, + ) return _OCSPRequest(self, ocsp_req) def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve): |