From 4c7bcf119431c1752b2f0c41e347b6cd18907fc3 Mon Sep 17 00:00:00 2001 From: Antoine Pitrou Date: Tue, 27 Apr 2010 22:03:37 +0000 Subject: Issue #8086: In :func:`ssl.DER_cert_to_PEM_cert()`, fix missing newline before the certificate footer. Patch by Kyle VanderBeek. --- Lib/ssl.py | 2 +- Lib/test/test_ssl.py | 4 ++++ Misc/ACKS | 1 + Misc/NEWS | 3 +++ 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Lib/ssl.py b/Lib/ssl.py index bfeb559..96b6281 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -365,7 +365,7 @@ def DER_cert_to_PEM_cert(der_cert_bytes): # preferred because older API gets line-length wrong f = base64.standard_b64encode(der_cert_bytes) return (PEM_HEADER + '\n' + - textwrap.fill(f, 64) + + textwrap.fill(f, 64) + '\n' + PEM_FOOTER + '\n') else: return (PEM_HEADER + '\n' + diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 7c32c1b..feb6f50 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -113,6 +113,10 @@ class BasicTests(unittest.TestCase): p2 = ssl.DER_cert_to_PEM_cert(d1) d2 = ssl.PEM_cert_to_DER_cert(p2) self.assertEqual(d1, d2) + if not p2.startswith(ssl.PEM_HEADER + '\n'): + self.fail("DER-to-PEM didn't include correct header:\n%r\n" % p2) + if not p2.endswith('\n' + ssl.PEM_FOOTER + '\n'): + self.fail("DER-to-PEM didn't include correct footer:\n%r\n" % p2) def test_openssl_version(self): n = ssl.OPENSSL_VERSION_NUMBER diff --git a/Misc/ACKS b/Misc/ACKS index af56dd4..162bf9b 100644 --- a/Misc/ACKS +++ b/Misc/ACKS @@ -780,6 +780,7 @@ Michael Urman Hector Urtubia Andi Vajda Case Van Horsen +Kyle VanderBeek Atul Varma Dmitry Vasiliev Alexandre Vassalotti diff --git a/Misc/NEWS b/Misc/NEWS index 7ba33ba..929a246 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -27,6 +27,9 @@ Core and Builtins Library ------- +- Issue #8086: In :func:`ssl.DER_cert_to_PEM_cert()`, fix missing newline + before the certificate footer. Patch by Kyle VanderBeek. + - Issue #8546: Reject None given as the buffering argument to _pyio.open. - Issue #8549: Fix compiling the _ssl extension under AIX. Patch by -- cgit v0.12