Skip to content

Commit

Permalink
port changelog (#1205)
Browse files Browse the repository at this point in the history
* port changelog

* forward port the nid2sn workaround
  • Loading branch information
reaperhulk authored Mar 28, 2023
1 parent 983aa31 commit da18a74
Show file tree
Hide file tree
Showing 3 changed files with 32 additions and 2 deletions.
17 changes: 16 additions & 1 deletion CHANGELOG.rst
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,21 @@ Deprecations:
Changes:
^^^^^^^^

23.1.1 (2023-03-28)
-------------------

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

- Worked around an issue in OpenSSL 3.1.0 which caused `X509Extension.get_short_name` to raise an exception when no short name was known to OpenSSL.
`#1204 <https://github.com/pyca/pyopenssl/pull/1204>`_.

23.1.0 (2023-03-24)
-------------------

Expand Down Expand Up @@ -56,7 +71,7 @@ Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Remove support for SSLv2 and SSLv3.
- The minimum ``cryptography`` version is now 38.0.x (and we now pin releases
- The minimum ``cryptography`` version is now 38.0.x (and we now pin releases
against ``cryptography`` major versions to prevent future breakage)
- The ``OpenSSL.crypto.X509StoreContextError`` exception has been refactored,
changing its internal attributes.
Expand Down
9 changes: 8 additions & 1 deletion src/OpenSSL/crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -904,7 +904,14 @@ def get_short_name(self) -> bytes:
"""
obj = _lib.X509_EXTENSION_get_object(self._extension)
nid = _lib.OBJ_obj2nid(obj)
return _ffi.string(_lib.OBJ_nid2sn(nid))
# OpenSSL 3.1.0 has a bug where nid2sn returns NULL for NIDs that
# previously returned UNDEF. This is a workaround for that issue.
# https://github.com/openssl/openssl/commit/908ba3ed9adbb3df90f76
buf = _lib.OBJ_nid2sn(nid)
if buf != _ffi.NULL:
return _ffi.string(buf)
else:
return b"UNDEF"

def get_data(self) -> bytes:
"""
Expand Down
8 changes: 8 additions & 0 deletions tests/test_crypto.py
Original file line number Diff line number Diff line change
Expand Up @@ -1681,6 +1681,14 @@ def test_get_extensions(self):
exts = request.get_extensions()
assert len(exts) == 2

def test_undef_oid(self):
assert (
X509Extension(
b"1.2.3.4.5.6.7", False, b"DER:05:00"
).get_short_name()
== b"UNDEF"
)

def test_add_extensions_wrong_args(self):
"""
`X509Req.add_extensions` raises `TypeError` if called with a
Expand Down

0 comments on commit da18a74

Please sign in to comment.