Overview

File segfault.patch of Package python-M2Crypto

Index: m2crypto-0.46.2/tests/makecerts.py
===================================================================
--- m2crypto-0.46.2.orig/tests/makecerts.py
+++ m2crypto-0.46.2/tests/makecerts.py
@@ -101,10 +101,10 @@ def issue(request, ca, capk):
     ext = X509.new_extension("subjectKeyIdentifier", gen_identifier(cert))
     cert.add_ext(ext)
 
-    # auth = X509.load_cert('ca.pem')
-    # auth_id = auth.get_ext('subjectKeyIdentifier').get_value()
-    # ext = X509.new_extension('authorityKeyIdentifier', 'keyid:%s' % auth_id)
-    # # cert.add_ext(ext)
+    auth = X509.load_cert('ca.pem')
+    auth_id = auth.get_ext('subjectKeyIdentifier').get_value()
+    ext = X509.new_extension('authorityKeyIdentifier', 'keyid:%s' % auth_id)
+    cert.add_ext(ext)
 
     cert.sign(capk, "sha256")
 
@@ -142,8 +142,8 @@ def mk_ca():
     ext = X509.new_extension("subjectKeyIdentifier", ski)
     cert.add_ext(ext)
 
-    # ext = X509.new_extension('authorityKeyIdentifier', 'keyid:%s' % ski)
-    # cert.add_ext(ext)
+    ext = X509.new_extension('authorityKeyIdentifier', 'keyid:%s' % ski)
+    cert.add_ext(ext)
 
     cert.sign(pk, "sha256")
 
Index: m2crypto-0.46.2/src/M2Crypto/X509.py
===================================================================
--- m2crypto-0.46.2.orig/src/M2Crypto/X509.py
+++ m2crypto-0.46.2/src/M2Crypto/X509.py
@@ -153,6 +153,10 @@ def new_extension(
                  (`pkey`) is missing.
     """
     ctx = m2.x509v3_set_nconf()
+    if ctx is None:
+        raise X509Error(
+            "Cannot create an empty X509_Extension, ctx creation error."
+        )
 
     # This block enforces context availability for subjectKeyIdentifier:hash
     # to prevent a SIGSEGV in OpenSSL > 3.0 when ctx->subject_cert is NULL.
@@ -161,6 +165,11 @@ def new_extension(
         raise X509Error(
             "Cannot create 'subjectKeyIdentifier:hash' without a public key (pkey) context."
         )
+    # if name == "authorityKeyIdentifier" and value == "keyid" and pkey is None:
+    #     m2.x509v3_ctx_free(ctx)  # Clean up the context object before raising error
+    #     raise X509Error(
+    #         "Cannot create 'authorityKeyIdentifier:keyid' without a public key (pkey) context."
+    #     )
 
     if pkey is not None:
         m2.X509V3_CTX_set_nconf_pkey(ctx, pkey._ptr())
openSUSE Build Service is sponsored by
Places