Certificates: fixed in name attributes processing.
The idea is to put SAN after CN, but the previous version of the code incorrectly assumed that CN was always present, which caused writes outside the allocated object if there were no standard name attributes.
This commit is contained in:
Valentin Bartenev
@@ -44,6 +44,13 @@ certificate with a non-DNS SAN entry.
|
||||
</para>
|
||||
</change>
|
||||
|
||||
<change type="bugfix">
|
||||
<para>
|
||||
the controller process could crash on manipulations with a certificate
|
||||
containing a SAN and no standart name attributes in subject or issuer.
|
||||
</para>
|
||||
</change>
|
||||
|
||||
<change type="bugfix">
|
||||
<para>
|
||||
the Ruby module didn't respect user locale for defaults in the Encoding class.
|
||||
|
||||
@@ -689,38 +689,6 @@ nxt_cert_name_details(nxt_mp_t *mp, X509 *x509, nxt_bool_t issuer)
|
||||
: NID_subject_alt_name,
|
||||
NULL, NULL);
|
||||
|
||||
if (alt_names != NULL) {
|
||||
count++;
|
||||
}
|
||||
|
||||
object = nxt_conf_create_object(mp, count);
|
||||
if (nxt_slow_path(object == NULL)) {
|
||||
goto fail;
|
||||
}
|
||||
|
||||
for (n = 0, i = 0; n != nxt_nitems(nids) && i != count; n++) {
|
||||
|
||||
len = X509_NAME_get_text_by_NID(x509_name, nids[n].nid,
|
||||
(char *) buf, sizeof(buf));
|
||||
|
||||
if (len < 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (i == 1 && alt_names != NULL) {
|
||||
i++;
|
||||
}
|
||||
|
||||
str.length = len;
|
||||
str.start = buf;
|
||||
|
||||
ret = nxt_conf_set_member_string_dup(object, mp, &nids[n].name,
|
||||
&str, i++);
|
||||
if (nxt_slow_path(ret != NXT_OK)) {
|
||||
goto fail;
|
||||
}
|
||||
}
|
||||
|
||||
if (alt_names != NULL) {
|
||||
names = nxt_cert_alt_names_details(mp, alt_names);
|
||||
|
||||
@@ -730,18 +698,41 @@ nxt_cert_name_details(nxt_mp_t *mp, X509 *x509, nxt_bool_t issuer)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
nxt_conf_set_member(object, &alt_names_str, names, 1);
|
||||
count++;
|
||||
|
||||
} else {
|
||||
names = NULL;
|
||||
}
|
||||
|
||||
object = nxt_conf_create_object(mp, count);
|
||||
if (nxt_slow_path(object == NULL)) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
for (n = 0, i = 0; n != nxt_nitems(nids) && i != count; n++) {
|
||||
|
||||
len = X509_NAME_get_text_by_NID(x509_name, nids[n].nid,
|
||||
(char *) buf, sizeof(buf));
|
||||
|
||||
if (n == 1 && names != NULL) {
|
||||
nxt_conf_set_member(object, &alt_names_str, names, i++);
|
||||
}
|
||||
|
||||
if (len < 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
str.length = len;
|
||||
str.start = buf;
|
||||
|
||||
ret = nxt_conf_set_member_string_dup(object, mp, &nids[n].name,
|
||||
&str, i++);
|
||||
if (nxt_slow_path(ret != NXT_OK)) {
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
return object;
|
||||
|
||||
fail:
|
||||
|
||||
if (alt_names != NULL) {
|
||||
sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user