diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-04-21 08:44:17 -0500 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-04-21 08:44:17 -0500 |
commit | d04b39b253916223e9dd99831586822a4f9a2fc1 (patch) | |
tree | cf057817a98a2f2df5bffcb8c66d0214272a51d5 | |
parent | bd11e028dcf763171097f5366f87f95ad0371a03 (diff) | |
download | cryptography-d04b39b253916223e9dd99831586822a4f9a2fc1.tar.gz cryptography-d04b39b253916223e9dd99831586822a4f9a2fc1.tar.bz2 cryptography-d04b39b253916223e9dd99831586822a4f9a2fc1.zip |
add a check to require that the list passed to SAN is all general names
-rw-r--r-- | src/cryptography/x509.py | 6 | ||||
-rw-r--r-- | tests/test_x509_ext.py | 6 |
2 files changed, 12 insertions, 0 deletions
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index cdc0e430..898ab6c7 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -542,6 +542,12 @@ class IPAddress(object): class SubjectAlternativeName(object): def __init__(self, general_names): + if not all(isinstance(x, GeneralName) for x in general_names): + raise TypeError( + "Every item in the general_names list must be an " + "object conforming to the GeneralName interface" + ) + self._general_names = general_names def __iter__(self): diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index 8516a339..45d309db 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -721,6 +721,12 @@ class TestSubjectAlternativeName(object): x509.DNSName(six.u("crypto.local")), ] + def test_invalid_general_names(self): + with pytest.raises(TypeError): + x509.SubjectAlternativeName( + [x509.DNSName(six.u("cryptography.io")), "invalid"] + ) + def test_repr(self): san = x509.SubjectAlternativeName( [ |