when building a CSR adding > 1 extension would trigger a bug

We were checking sk_X509_EXTENSION_push for a value == 1, but in reality it returns the number of extensions on the stack. We now assert >= 1 and added a test.
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2015-07-23 19:10:28 +0100
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2015-07-23 19:10:28 +0100
commit: 8bfbacef9cb973115c0cf0f4185c8f47812c37bc (patch)
tree: b55cce2d6132a82a8aac9308d493cdcdda9ef8d1 /src
parent: 32a92b6afaf0086f2b0e6b9cf7235576b06503b0 (diff)
download: cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.tar.gz
cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.tar.bz2
cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 7ccb39a4..9cfe73c1 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -976,7 +976,7 @@ class Backend(object):
             )
             assert extension != self._ffi.NULL
             res = self._lib.sk_X509_EXTENSION_push(extensions, extension)
-            assert res == 1
+            assert res >= 1
         res = self._lib.X509_REQ_add_extensions(x509_req, extensions)
         assert res == 1
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2015-07-23 19:10:28 +0100
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2015-07-23 19:10:28 +0100
commit	8bfbacef9cb973115c0cf0f4185c8f47812c37bc (patch)
tree	b55cce2d6132a82a8aac9308d493cdcdda9ef8d1 /src
parent	32a92b6afaf0086f2b0e6b9cf7235576b06503b0 (diff)
download	cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.tar.gz cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.tar.bz2 cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.zip