diff --git a/CHANGELOG.rst b/CHANGELOG.rst index e66ace131..000b4b5e4 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -25,6 +25,9 @@ Deprecations: Changes: ^^^^^^^^ +- Fix X509Extension __str__() method for unknown extension types + `#1239 `_. + 23.2.0 (2023-05-30) ------------------- diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index 034ae8236..c4c5152a0 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -94,6 +94,8 @@ TYPE_DH: int = _lib.EVP_PKEY_DH TYPE_EC: int = _lib.EVP_PKEY_EC +X509V3_EXT_ERROR_UNKNOWN = 1 << 16 + class Error(Exception): """ @@ -875,7 +877,9 @@ def __str__(self) -> str: return self._subjectAltNameString() bio = _new_mem_buf() - print_result = _lib.X509V3_EXT_print(bio, self._extension, 0, 0) + print_result = _lib.X509V3_EXT_print( + bio, self._extension, X509V3_EXT_ERROR_UNKNOWN, 0 + ) _openssl_assert(print_result != 0) return _bio_to_string(bio).decode("utf-8") diff --git a/tests/test_crypto.py b/tests/test_crypto.py index cb2140c3d..dc1ea92bf 100644 --- a/tests/test_crypto.py +++ b/tests/test_crypto.py @@ -1633,6 +1633,10 @@ def test_undef_oid(self): ).get_short_name() == b"UNDEF" ) + assert ( + str(X509Extension(b"1.2.3.4.5.6.7", False, b"DER:05:00")) + == "" + ) def test_add_extensions_wrong_args(self): """