diff options
Diffstat (limited to 'Modules/_ssl.c')
| -rw-r--r-- | Modules/_ssl.c | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 6f1f9c8..43b236c 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -1410,6 +1410,54 @@ _get_peer_alt_names (X509 *certificate) { PyTuple_SET_ITEM(t, 1, v); break; + case GEN_IPADD: + /* OpenSSL < 3.0.0 adds a trailing \n to IPv6. 3.0.0 removed + * the trailing newline. Remove it in all versions + */ + t = PyTuple_New(2); + if (t == NULL) + goto fail; + + v = PyUnicode_FromString("IP Address"); + if (v == NULL) { + Py_DECREF(t); + goto fail; + } + PyTuple_SET_ITEM(t, 0, v); + + if (name->d.ip->length == 4) { + unsigned char *p = name->d.ip->data; + v = PyUnicode_FromFormat( + "%d.%d.%d.%d", + p[0], p[1], p[2], p[3] + ); + } else if (name->d.ip->length == 16) { + /* PyUnicode_FromFormat() does not support %X */ + unsigned char *p = name->d.ip->data; + len = sprintf( + buf, + "%X:%X:%X:%X:%X:%X:%X:%X", + p[0] << 8 | p[1], + p[2] << 8 | p[3], + p[4] << 8 | p[5], + p[6] << 8 | p[7], + p[8] << 8 | p[9], + p[10] << 8 | p[11], + p[12] << 8 | p[13], + p[14] << 8 | p[15] + ); + v = PyUnicode_FromStringAndSize(buf, len); + } else { + v = PyUnicode_FromString("<invalid>"); + } + + if (v == NULL) { + Py_DECREF(t); + goto fail; + } + PyTuple_SET_ITEM(t, 1, v); + break; + default: /* for everything else, we use the OpenSSL print form */ switch (gntype) { @@ -1417,7 +1465,6 @@ _get_peer_alt_names (X509 *certificate) { case GEN_OTHERNAME: case GEN_X400: case GEN_EDIPARTY: - case GEN_IPADD: case GEN_RID: break; default: |