diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-07-23 19:10:28 +0100 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-07-23 19:10:28 +0100 |
commit | 8bfbacef9cb973115c0cf0f4185c8f47812c37bc (patch) | |
tree | b55cce2d6132a82a8aac9308d493cdcdda9ef8d1 /src | |
parent | 32a92b6afaf0086f2b0e6b9cf7235576b06503b0 (diff) | |
download | cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.tar.gz cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.tar.bz2 cryptography-8bfbacef9cb973115c0cf0f4185c8f47812c37bc.zip |
when building a CSR adding > 1 extension would trigger a bug
We were checking sk_X509_EXTENSION_push for a value == 1, but
in reality it returns the number of extensions on the stack. We
now assert >= 1 and added a test.
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 7ccb39a4..9cfe73c1 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -976,7 +976,7 @@ class Backend(object): ) assert extension != self._ffi.NULL res = self._lib.sk_X509_EXTENSION_push(extensions, extension) - assert res == 1 + assert res >= 1 res = self._lib.X509_REQ_add_extensions(x509_req, extensions) assert res == 1 |