diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-12-15 14:50:23 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-07-23 13:32:35 +0900 |
commit | af895bc5596b1521e13a3c6ab65aacdb6913e128 (patch) | |
tree | 7ae2f707f66fd0c69caf66ed1b072efbffd16510 /test/test_asn1.rb | |
parent | f61af664ecf4fd74ef0adc1138bc09455e89199f (diff) | |
download | ruby-openssl-af895bc5596b1521e13a3c6ab65aacdb6913e128.tar.gz |
asn1: avoid truncating OID in OpenSSL::ASN1::ObjectId#oid
OpenSSL::ASN1::ObjectId#oid, which returns the dotted representation of
the OID, is silently truncating the result if it overflows the 128-bytes
buffer. Although it normally won't be more than 127-characters, it'd be
better to avoid. This can be done by checking the return value of
OBJ_obj2txt().
Previous releases of LibreSSL (< 2.5.1) have a bug in OBJ_obj2txt() and
it does not work if the resulting string would be larger than the
buffer. A workaround is added to the test. It should be removed when we
deprecate support for LibreSSL 2.4.
Diffstat (limited to 'test/test_asn1.rb')
-rw-r--r-- | test/test_asn1.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/test/test_asn1.rb b/test/test_asn1.rb index e98b9202..61863d02 100644 --- a/test/test_asn1.rb +++ b/test/test_asn1.rb @@ -321,6 +321,15 @@ class OpenSSL::TestASN1 < OpenSSL::TestCase } assert_raise(OpenSSL::ASN1::ASN1Error) { OpenSSL::ASN1::ObjectId.new("3.0".b).to_der } assert_raise(OpenSSL::ASN1::ASN1Error) { OpenSSL::ASN1::ObjectId.new("0.40".b).to_der } + + begin + oid = (0...100).to_a.join(".").b + obj = OpenSSL::ASN1::ObjectId.new(oid) + assert_equal oid, obj.oid + rescue OpenSSL::ASN1::ASN1Error + pend "OBJ_obj2txt() not working (LibreSSL?)" if $!.message =~ /OBJ_obj2txt/ + raise + end end def test_sequence |