[3.6] bpo-30502: Fix handling of long oids in ssl. (GH-2909) (#3321) · python/cpython@f201e88 (original) (raw)

`@@ -763,49 +763,64 @@ _ssl__SSLSocket_do_handshake_impl(PySSLSocket *self)

763

764

765

`static PyObject *

766

_create_tuple_for_attribute (ASN1_OBJECT *name, ASN1_STRING *value) {

767

-

768

char namebuf[X509_NAME_MAXLEN];

766

_asn1obj2py(const ASN1_OBJECT *name, int no_name)

767

{

768

char buf[X509_NAME_MAXLEN];

769

char *namebuf = buf;

769

770

`int buflen;

770

PyObject *name_obj;

771

PyObject *value_obj;

772

PyObject *attr;

773

unsigned char *valuebuf = NULL;

771

PyObject *name_obj = NULL;

774

772

775

buflen = OBJ_obj2txt(namebuf, sizeof(namebuf), name, 0);

773

buflen = OBJ_obj2txt(namebuf, X509_NAME_MAXLEN, name, no_name);

776

774

`if (buflen < 0) {

777

775

`_setSSLError(NULL, 0, FILE, LINE);

778

goto fail;

776

return NULL;

779

777

` }

780

name_obj = PyUnicode_FromStringAndSize(namebuf, buflen);

781

if (name_obj == NULL)

782

goto fail;

778

/* initial buffer is too small for oid + terminating null byte */

779

if (buflen > X509_NAME_MAXLEN - 1) {

780

/* make OBJ_obj2txt() calculate the required buflen */

781

buflen = OBJ_obj2txt(NULL, 0, name, no_name);

782

/* allocate len + 1 for terminating NULL byte */

783

namebuf = PyMem_Malloc(buflen + 1);

784

if (namebuf == NULL) {

785

PyErr_NoMemory();

786

return NULL;

787

}

788

buflen = OBJ_obj2txt(namebuf, buflen + 1, name, no_name);

789

if (buflen < 0) {

790

_setSSLError(NULL, 0, FILE, LINE);

791

goto done;

792

}

793

}

794

if (!buflen && no_name) {

795

Py_INCREF(Py_None);

796

name_obj = Py_None;

797

}

798

else {

799

name_obj = PyUnicode_FromStringAndSize(namebuf, buflen);

800

}

801

+

802

done:

803

if (buf != namebuf) {

804

PyMem_Free(namebuf);

805

}

806

return name_obj;

807

}

808

+

809

static PyObject *

810

_create_tuple_for_attribute(ASN1_OBJECT *name, ASN1_STRING *value)

811

{

812

Py_ssize_t buflen;

813

unsigned char *valuebuf = NULL;

814

PyObject *attr;

783

815

784

816

`buflen = ASN1_STRING_to_UTF8(&valuebuf, value);

785

817

`if (buflen < 0) {

786

818

`_setSSLError(NULL, 0, FILE, LINE);

787

Py_DECREF(name_obj);

788

goto fail;

819

return NULL;

789

820

` }

790

value_obj = PyUnicode_DecodeUTF8((char *) valuebuf,

791

buflen, "strict");

821

attr = Py_BuildValue("Ns#", _asn1obj2py(name, 0), valuebuf, buflen);

792

822

`OPENSSL_free(valuebuf);

793

if (value_obj == NULL) {

794

Py_DECREF(name_obj);

795

goto fail;

796

}

797

attr = PyTuple_New(2);

798

if (attr == NULL) {

799

Py_DECREF(name_obj);

800

Py_DECREF(value_obj);

801

goto fail;

802

}

803

PyTuple_SET_ITEM(attr, 0, name_obj);

804

PyTuple_SET_ITEM(attr, 1, value_obj);

805

823

`return attr;

806

-

807

fail:

808

return NULL;

809

824

810

825

811

826

`static PyObject *

`@@ -4669,8 +4684,6 @@ asn1obj2py(ASN1_OBJECT *obj)

4669

4684

4670

4685

`int nid;

4671

4686

`const char *ln, *sn;

4672

char buf[100];

4673

Py_ssize_t buflen;

4674

4687

4675

4688

`nid = OBJ_obj2nid(obj);

4676

4689

`if (nid == NID_undef) {

`@@ -4679,16 +4692,7 @@ asn1obj2py(ASN1_OBJECT *obj)

4679

4692

` }

4680

4693

`sn = OBJ_nid2sn(nid);

4681

4694

`ln = OBJ_nid2ln(nid);

4682

buflen = OBJ_obj2txt(buf, sizeof(buf), obj, 1);

4683

if (buflen < 0) {

4684

_setSSLError(NULL, 0, FILE, LINE);

4685

return NULL;

4686

}

4687

if (buflen) {

4688

return Py_BuildValue("isss#", nid, sn, ln, buf, buflen);

4689

} else {

4690

return Py_BuildValue("issO", nid, sn, ln, Py_None);

4691

}

4695

return Py_BuildValue("issN", nid, sn, ln, _asn1obj2py(obj, 1));

4692

4696

4693

4697

4694

4698

`/*[clinic input]