[issue13034] Python does not read Alternative Subject Names from SSL certificates larger than 1024 bits
Antoine Pitrou
report at bugs.python.org
Fri Sep 23 18:23:12 CEST 2011
Antoine Pitrou <pitrou at free.fr> added the comment:
Thanks for reporting. This trivial patch seems to fix it (still needs a test):
diff -r 1b4fae183da3 Modules/_ssl.c
--- a/Modules/_ssl.c Tue Aug 09 18:48:02 2011 -0500
+++ b/Modules/_ssl.c Fri Sep 23 18:16:04 2011 +0200
@@ -590,7 +590,7 @@ _get_peer_alt_names (X509 *certificate)
/* get a memory buffer */
biobuf = BIO_new(BIO_s_mem());
- i = 0;
+ i = -1;
while ((i = X509_get_ext_by_NID(
certificate, NID_subject_alt_name, i)) >= 0) {
Yay for undocumented OpenSSL APIs with weird semantics.
----------
assignee: -> pitrou
versions: +Python 3.2, Python 3.3
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13034>
_______________________________________
More information about the Python-bugs-list
mailing list