handle some errors from extension creation
diff --git a/src/crypto/x509ext.c b/src/crypto/x509ext.c
index 259615e..1d412da 100644
--- a/src/crypto/x509ext.c
+++ b/src/crypto/x509ext.c
@@ -64,6 +64,8 @@
return NULL;
}
+ self->dealloc = 0;
+
/* There are other OpenSSL APIs which would let us pass in critical
* separately, but they're harder to use, and since value is already a pile
* of crappy junk smuggling a ton of utterly important structured data,
@@ -81,10 +83,16 @@
self->x509_extension = X509V3_EXT_nconf(
NULL, NULL, type_name, value_with_critical);
- self->dealloc = 1;
free(value_with_critical);
+ if (!self->x509_extension) {
+ PyObject_Free(self);
+ exception_from_error_queue();
+ return NULL;
+ }
+
+ self->dealloc = 1;
return self;
}
diff --git a/test/test_crypto.py b/test/test_crypto.py
index 96dbcc1..d4c4b68 100644
--- a/test/test_crypto.py
+++ b/test/test_crypto.py
@@ -83,6 +83,7 @@
return self.failIf(*a, **kw)
+
class X509ExtTests(TestCase, _Python23TestCaseHelper):
def test_construction(self):
"""
@@ -102,6 +103,17 @@
comment, type(comment), X509ExtensionType))
+ def test_invalid_extension(self):
+ """
+ L{X509Extension} raises something if it is passed a bad extension
+ name or value.
+ """
+ self.assertRaises(
+ Error, X509Extension, 'thisIsMadeUp', False, 'hi')
+ self.assertRaises(
+ Error, X509Extension, 'basicConstraints', False, 'blah blah')
+
+
def test_get_critical(self):
"""
L{X509ExtensionType.get_critical} returns the value of the
@@ -113,6 +125,7 @@
self.assertFalse(ext.get_critical())
+
class PKeyTests(TestCase, _Python23TestCaseHelper):
"""
Unit tests for L{OpenSSL.crypto.PKey}.