Skip Menu |

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 96368
Status: rejected
Priority: 0/
Queue: Net-SSLeay
People
Owner: MIKEM [...] cpan.org
Requestors: dej [...] open.ch
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)
Attachments
example_cert.crt.pem
netssleay_bug_report.pl

History Show all quoted text
  Wed Jun 11 02:46:00 2014 dej [...] open.ch - Ticket created
Subject: Bug Report: IP Addresses in Subject Alternative Names
Date: Wed, 11 Jun 2014 08:45:42 +0200
To: bug-Net-SSLeay [...] rt.cpan.org
From: Demian Jäger <dej [...] open.ch>
Dear Net::SSLeay team I think I found a bug in the Net::SSLeay::X509_get_subjectAltNames function. Subject alternative names of type 7 (IP addresses) do have an empty value. Distribution name and version: Net::SSLeay 1.63 Perl Version: This is perl 5, version 16, subversion 2 (v5.16.2) built for darwin-thread-multi-2level Operating System: Mac OS X 10.9.3, Darwin Kernel Version 13.2.0 OpenSSL: OpenSSL 0.9.8y 5 Feb 2013 The example code and the certificate which I used are attached to this email. Cheers and thanks Demian -- demian jäger junior engineer open systems ag raeffelstrasse 29 ch-8045 zurich t: +41 58 100 10 10 f: +41 58 100 10 11 dej@open.ch http://www.open.ch
Dear Net::SSLeay team

I think I found a bug in the Net::SSLeay::X509_get_subjectAltNames function.
Subject alternative names of type 7 (IP addresses) do have an empty value.

Distribution name and version: Net::SSLeay 1.63
Perl Version: This is perl 5, version 16, subversion 2 (v5.16.2) built for darwin-thread-multi-2level
Operating System: Mac OS X 10.9.3, Darwin Kernel Version 13.2.0
OpenSSL: OpenSSL 0.9.8y 5 Feb 2013

The example code and the certificate which I used are attached to this email.

Cheers and thanks

Demian

-- 
demian jäger
junior engineer

open systems ag
raeffelstrasse 29
ch-8045 zurich
t: +41 58 100 10 10
f: +41 58 100 10 11


Download example_cert.crt.pem
application/x-x509-ca-cert 1.5k

Message body not shown because it is not plain text.

Message body is not shown because sender requested not to inline it.

  Wed Jun 11 03:27:50 2014 mikem [...] airspayce.com - Correspondence added
Subject: Re: [rt.cpan.org #96368] Bug Report: IP Addresses in Subject Alternative Names
Date: Wed, 11 Jun 2014 17:27:38 +1000
To: bug-Net-SSLeay [...] rt.cpan.org
From: Mike McCauley <mikem [...] airspayce.com>
Hello, Actually, IP addresses are returned as packed binary. If you add this to your test code: my $x = unpack('H*', $subjAltNames[5]); print "unpacked: $x\n"; you will see mikem@zulu:/tmp$ perl netssleay_bug_report.pl $VAR1 = 2; $VAR2 = 'myFirstDomain.ch'; $VAR3 = 2; $VAR4 = 'mySecondDomain.ch'; $VAR5 = 7; $VAR6 = ''; $VAR7 = 1; $VAR8 = 'dej@open.ch'; unpacked: 7f000001 So, although this may not be what you expect, I dont think it is a bug. I have updated the doc for the next release to make this more obvious. Cheers. On Wednesday, June 11, 2014 02:46:02 AM you wrote: Show quoted text
> Wed Jun 11 02:46:00 2014: Request 96368 was acted upon. > Transaction: Ticket created by dej@open.ch > Queue: Net-SSLeay > Subject: Bug Report: IP Addresses in Subject Alternative Names > Broken in: (no value) > Severity: (no value) > Owner: Nobody > Requestors: dej@open.ch > Status: new > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=96368 > > > > Dear Net::SSLeay team > > I think I found a bug in the Net::SSLeay::X509_get_subjectAltNames function. > Subject alternative names of type 7 (IP addresses) do have an empty value. > > Distribution name and version: Net::SSLeay 1.63 > Perl Version: This is perl 5, version 16, subversion 2 (v5.16.2) built for > darwin-thread-multi-2level Operating System: Mac OS X 10.9.3, Darwin Kernel > Version 13.2.0 > OpenSSL: OpenSSL 0.9.8y 5 Feb 2013 > > The example code and the certificate which I used are attached to this > email. > > Cheers and thanks > > Demian
-- Mike McCauley VK4AMM mikem@airspayce.com Airspayce Pty Ltd 9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.airspayce.com Phone +61 7 5598-7474 Fax +61 7 5598-7070
  Wed Jun 11 03:27:51 2014 The RT System itself - Status changed from 'new' to 'open'
  Wed Jun 11 03:41:39 2014 dej [...] open.ch - Correspondence added
Subject: Re: [rt.cpan.org #96368] Bug Report: IP Addresses in Subject Alternative Names
Date: Wed, 11 Jun 2014 09:41:29 +0200
To: bug-Net-SSLeay [...] rt.cpan.org
From: Demian Jäger <dej [...] open.ch>
Oh, sorry, didn’t expect that, but makes sense. Thanks. On 11.06.2014, at 09:27, Mike McCauley via RT <bug-Net-SSLeay@rt.cpan.org> wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=96368 > > > Hello, > > Actually, IP addresses are returned as packed binary. > If you add this to your test code: > > my $x = unpack('H*', $subjAltNames[5]); > print "unpacked: $x\n"; > > you will see > > mikem@zulu:/tmp$ perl netssleay_bug_report.pl > $VAR1 = 2; > $VAR2 = 'myFirstDomain.ch'; > $VAR3 = 2; > $VAR4 = 'mySecondDomain.ch'; > $VAR5 = 7; > $VAR6 = ''; > $VAR7 = 1; > $VAR8 = 'dej@open.ch'; > unpacked: 7f000001 > > So, although this may not be what you expect, I dont think it is a bug. I have > updated the doc for the next release to make this more obvious. > > Cheers. > > On Wednesday, June 11, 2014 02:46:02 AM you wrote:
>> Wed Jun 11 02:46:00 2014: Request 96368 was acted upon. >> Transaction: Ticket created by dej@open.ch >> Queue: Net-SSLeay >> Subject: Bug Report: IP Addresses in Subject Alternative Names >> Broken in: (no value) >> Severity: (no value) >> Owner: Nobody >> Requestors: dej@open.ch >> Status: new >> Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=96368 > >> >> >> Dear Net::SSLeay team >> >> I think I found a bug in the Net::SSLeay::X509_get_subjectAltNames function. >> Subject alternative names of type 7 (IP addresses) do have an empty value. >> >> Distribution name and version: Net::SSLeay 1.63 >> Perl Version: This is perl 5, version 16, subversion 2 (v5.16.2) built for >> darwin-thread-multi-2level Operating System: Mac OS X 10.9.3, Darwin Kernel >> Version 13.2.0 >> OpenSSL: OpenSSL 0.9.8y 5 Feb 2013 >> >> The example code and the certificate which I used are attached to this >> email. >> >> Cheers and thanks >> >> Demian
> > -- > Mike McCauley VK4AMM mikem@airspayce.com > Airspayce Pty Ltd 9 Bulbul Place Currumbin Waters QLD 4223 Australia > http://www.airspayce.com > Phone +61 7 5598-7474 Fax +61 7 5598-7070 > >
  Wed Aug 27 19:36:38 2014 MIKEM [...] cpan.org - Status changed from 'open' to 'rejected'
  Wed Aug 27 19:36:38 2014 MIKEM [...] cpan.org - Taken