[Git][gajim/gajim][master] fix: CertificateBox: Catch exception if cert does not offer extension

Sat, 10 Jun 2023 01:19:17 -0700 


Daniel Brötzmann pushed to branch master at gajim / gajim


Commits:
fcc5504f by wurstsalat at 2023-06-10T10:18:16+02:00
fix: CertificateBox: Catch exception if cert does not offer extension

Fixes #11560

- - - - -


1 changed file:

- gajim/gtk/certificate_dialog.py


Changes:

=====================================
gajim/gtk/certificate_dialog.py
=====================================
@@ -14,6 +14,8 @@
 
 from typing import cast
 
+import logging
+
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey
 from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePublicKey
@@ -21,6 +23,7 @@
 from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
 from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey
 from cryptography.x509 import DNSName
+from cryptography.x509 import ExtensionNotFound
 from cryptography.x509.oid import ExtensionOID
 from gi.repository import Gdk
 from gi.repository import Gio
@@ -33,6 +36,8 @@
 
 from gajim.gtk.builder import get_builder
 
+log = logging.getLogger('gajim.gtk.certificate_dialog')
+
 
 class CertificateDialog(Gtk.ApplicationWindow):
     def __init__(self,
@@ -83,13 +88,18 @@ def __init__(self, account: str, certificate: 
Gio.TlsCertificate) -> None:
                 self._it_organization = str(attribute.value)
 
         # Get the subjectAltName extension from the certificate
-        subject_ext = cert.extensions.get_extension_for_oid(
-            ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
-        # Get the DNSName entries from the SAN extension
-        alt_names = cast(
-            list[str],
-            subject_ext.value.get_values_for_type(DNSName))  # pyright: ignore
-        self._it_subject_alt_names = '\n'.join(alt_names)
+        try:
+            subject_ext = cert.extensions.get_extension_for_oid(
+                ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
+            # Get the DNSName entries from the SAN extension
+            alt_names = cast(
+                list[str],
+                subject_ext.value.get_values_for_type(  # pyright: ignore
+                    DNSName))
+            self._it_subject_alt_names = '\n'.join(alt_names)
+        except ExtensionNotFound as err:
+            log.info('Certificate does not have extension: %s', err)
+            self._it_subject_alt_names = ''
 
         serial_str = f'{cert.serial_number:02X}'
         serial_str_foratted = ':'.join(



View it on GitLab: 
https://dev.gajim.org/gajim/gajim/-/commit/fcc5504f23f742c6222c830bad1ec08424129f2c

-- 
View it on GitLab: 
https://dev.gajim.org/gajim/gajim/-/commit/fcc5504f23f742c6222c830bad1ec08424129f2c
You're receiving this email because of your account on dev.gajim.org.



_______________________________________________
Commits mailing list
[email protected]
https://lists.gajim.org/cgi-bin/listinfo/commits

Reply via email to