diff --git a/CHANGELOG.rst b/CHANGELOG.rst index e66ace131..000b4b5e4 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -25,6 +25,9 @@ Deprecations: Changes: ^^^^^^^^ +- Fix X509Extension __str__() method for unknown extension types + `#1239 `_. + 23.2.0 (2023-05-30) ------------------- diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index 5fddc4c30..26a09532e 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -108,6 +108,8 @@ TYPE_DH: int = _lib.EVP_PKEY_DH TYPE_EC: int = _lib.EVP_PKEY_EC +X509V3_EXT_ERROR_UNKNOWN = 1 << 16 + class Error(Exception): """ @@ -890,7 +892,9 @@ def __str__(self) -> str: return self._subjectAltNameString() bio = _new_mem_buf() - print_result = _lib.X509V3_EXT_print(bio, self._extension, 0, 0) + print_result = _lib.X509V3_EXT_print( + bio, self._extension, X509V3_EXT_ERROR_UNKNOWN, 0 + ) _openssl_assert(print_result != 0) return _bio_to_string(bio).decode("utf-8") diff --git a/tests/test_crypto.py b/tests/test_crypto.py index 7a5d36e82..9d45f7e5a 100644 --- a/tests/test_crypto.py +++ b/tests/test_crypto.py @@ -1632,6 +1632,10 @@ def test_undef_oid(self): ).get_short_name() == b"UNDEF" ) + assert ( + str(X509Extension(b"1.2.3.4.5.6.7", False, b"DER:05:00")) + == "" + ) def test_add_extensions_wrong_args(self): """