diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-10-11 11:51:27 -0500 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-10-11 11:51:27 -0500 |
commit | 9c9910da3f6cef20289d928128f5a1cb71b5e9af (patch) | |
tree | 131e6c3c9e5729074d994a9c9afb4222ae37b8a1 /src | |
parent | 1ec38f6c1ca84014646d760754482ad7467f5b17 (diff) | |
parent | 66619382e640425c0547acee37b26376ce01e18a (diff) | |
download | cryptography-9c9910da3f6cef20289d928128f5a1cb71b5e9af.tar.gz cryptography-9c9910da3f6cef20289d928128f5a1cb71b5e9af.tar.bz2 cryptography-9c9910da3f6cef20289d928128f5a1cb71b5e9af.zip |
Merge pull request #2402 from ddcc/patch-1
minor fix to handle malformed certificates without hostname
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/x509.py | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index cfde4a73..2de5a8c7 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -64,7 +64,9 @@ def _decode_general_names(backend, gns): def _decode_general_name(backend, gn): if gn.type == backend._lib.GEN_DNS: data = backend._asn1_string_to_bytes(gn.d.dNSName) - if data.startswith(b"*."): + if not data: + decoded = u"" + elif data.startswith(b"*."): # This is a wildcard name. We need to remove the leading wildcard, # IDNA decode, then re-add the wildcard. Wildcard characters should # always be left-most (RFC 2595 section 2.4). @@ -82,7 +84,10 @@ def _decode_general_name(backend, gn): elif gn.type == backend._lib.GEN_URI: data = backend._asn1_string_to_ascii(gn.d.uniformResourceIdentifier) parsed = urllib_parse.urlparse(data) - hostname = idna.decode(parsed.hostname) + if parsed.hostname: + hostname = idna.decode(parsed.hostname) + else: + hostname = "" if parsed.port: netloc = hostname + u":" + six.text_type(parsed.port) else: |