Skip to content

Commit e65adc7

Browse files
fffonionfffonion
authored
fix(x509.crl) fix metamethods when revoked is empty (#79)
when revoked list is empty
1 parent 3293e30 commit e65adc7

File tree

3 files changed

+59
-11
lines changed

3 files changed

+59
-11
lines changed

lib/resty/openssl/x509/crl.lua

+8-2
Original file line numberDiff line numberDiff line change
@@ -209,10 +209,11 @@ end
209209

210210
local revoked_mt = stack_lib.mt_of("X509_REVOKED", revoked_decode, _M)
211211

212+
local function nil_iter() return nil end
212213
local function revoked_iter(self)
213214
local stack = accessors.get_revoked(self.ctx)
214215
if stack == nil then
215-
return
216+
return nil_iter
216217
end
217218

218219
return revoked_mt.__ipairs({ctx = stack})
@@ -221,12 +222,17 @@ end
221222
mt.__pairs = revoked_iter
222223
mt.__ipairs = revoked_iter
223224
mt.__index = function(self, k)
225+
local i = tonumber(k)
226+
if not i then
227+
return _M[k]
228+
end
229+
224230
local stack = accessors.get_revoked(self.ctx)
225231
if stack == nil then
226232
return nil
227233
end
228234

229-
return revoked_mt.__index({ctx = stack}, k)
235+
return revoked_mt.__index({ctx = stack}, i)
230236
end
231237
mt.__len = function(self)
232238
local stack = accessors.get_revoked(self.ctx)

t/fixtures/no_revoked.crl

+18
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
-----BEGIN X509 CRL-----
2+
MIICyTCBsgIBATANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJVUzEpMCcGA1UE
3+
ChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElT
4+
UkcgUm9vdCBYMRcNMjIwNTE4MDAwMDAwWhcNMjMwNDE3MjM1OTU5WqAvMC0wHwYD
5+
VR0jBBgwFoAUebRZ5nu25eQBc4AIiMgaWPbpm24wCgYDVR0UBAMCAWYwDQYJKoZI
6+
hvcNAQELBQADggIBAC2us3ieEcU7NTFjPyXEi/5aOID7IlPBK7ugS7IJrasTyEdH
7+
fAMcuoEGHaLoyLqpIKc7U/KIfqysn6l4Mu32aWFB/Ck5qiVufHXFjXIuNo4/drlm
8+
kPUjhgX0YcMkrWdbLFbF/mi5R7fCTbCP1ihqiw2AKB2jFShTAcybJpVRY7velN/D
9+
EI8ITJsHnGNOx5XZV7HgO1SbXrba7YGMD0YA+NiXc8VaoDlZdoKh8q/gk8y5vnvL
10+
UmtsHpdF1zFwDxYdpFLCrV9z8OcPWjguX6bYMWtnN5JPHrlUQrupCIN55ur8ttoq
11+
+9mQ/3Y2OFl1qF6UtHxSDHAI5vA8dBlZxQWSWXKGFPGPssNdB7CUJlZeLWPICWU9
12+
yANMxG+5ANeXW65GfPexj2DujwDlC46Wdnlvbft+2Bc0SYR72By/1QB3tmgBB//j
13+
QuJtAIzvRluvdnoIGRHPGVse0Qk4FC2BK04q8HBRw3UbxV1MDYIFCN9hlC625Q1s
14+
VjrqzGMPAwXYXNa/9hFQkdjKycrdsGvIXZa08sqqx4hY4CpjEeUQoka0XkTUmp7Q
15+
GDSXFxe4qxQObnU+LAMQ0cEcVb0TNnTC0PCeoSV82n3jRL9QYMe6lvU4pgFMddXz
16+
jna557uivEENf58Oh0SH5jux5gSlre177jQvvsfn8FeFXsLijw0tCbfupna/
17+
-----END X509 CRL-----
18+

t/openssl/x509/crl.t

+33-9
Original file line numberDiff line numberDiff line change
@@ -265,10 +265,34 @@ truetrue
265265
--- no_error_log
266266
[error]
267267

268+
=== TEST 10: x509.crl doesn't error if revoked is empty (regression)
269+
--- http_config eval: $::HttpConfig
270+
--- config
271+
location =/t {
272+
content_by_lua_block {
273+
local f = io.open("t/fixtures/no_revoked.crl"):read("*a")
274+
local c = myassert(require("resty.openssl.x509.crl").new(f))
275+
276+
for k, v in pairs(c) do
277+
ngx.say(tostring(k))
278+
end
279+
-- above should print nothing
280+
281+
ngx.say(c:get_last_update())
282+
}
283+
}
284+
--- request
285+
GET /t
286+
--- response_body_like eval
287+
"1652832000
288+
"
289+
--- no_error_log
290+
[error]
291+
268292
# START AUTO GENERATED CODE
269293

270294

271-
=== TEST 10: x509.crl:get_issuer_name (AUTOGEN)
295+
=== TEST 11: x509.crl:get_issuer_name (AUTOGEN)
272296
--- http_config eval: $::HttpConfig
273297
--- config
274298
location =/t {
@@ -288,7 +312,7 @@ truetrue
288312
--- no_error_log
289313
[error]
290314

291-
=== TEST 11: x509.crl:set_issuer_name (AUTOGEN)
315+
=== TEST 12: x509.crl:set_issuer_name (AUTOGEN)
292316
--- http_config eval: $::HttpConfig
293317
--- config
294318
location =/t {
@@ -316,7 +340,7 @@ truetrue
316340
--- no_error_log
317341
[error]
318342

319-
=== TEST 12: x509.crl:get_last_update (AUTOGEN)
343+
=== TEST 13: x509.crl:get_last_update (AUTOGEN)
320344
--- http_config eval: $::HttpConfig
321345
--- config
322346
location =/t {
@@ -335,7 +359,7 @@ truetrue
335359
--- no_error_log
336360
[error]
337361

338-
=== TEST 13: x509.crl:set_last_update (AUTOGEN)
362+
=== TEST 14: x509.crl:set_last_update (AUTOGEN)
339363
--- http_config eval: $::HttpConfig
340364
--- config
341365
location =/t {
@@ -361,7 +385,7 @@ truetrue
361385
--- no_error_log
362386
[error]
363387

364-
=== TEST 14: x509.crl:get_next_update (AUTOGEN)
388+
=== TEST 15: x509.crl:get_next_update (AUTOGEN)
365389
--- http_config eval: $::HttpConfig
366390
--- config
367391
location =/t {
@@ -380,7 +404,7 @@ truetrue
380404
--- no_error_log
381405
[error]
382406

383-
=== TEST 15: x509.crl:set_next_update (AUTOGEN)
407+
=== TEST 16: x509.crl:set_next_update (AUTOGEN)
384408
--- http_config eval: $::HttpConfig
385409
--- config
386410
location =/t {
@@ -406,7 +430,7 @@ truetrue
406430
--- no_error_log
407431
[error]
408432

409-
=== TEST 16: x509.crl:get_version (AUTOGEN)
433+
=== TEST 17: x509.crl:get_version (AUTOGEN)
410434
--- http_config eval: $::HttpConfig
411435
--- config
412436
location =/t {
@@ -425,7 +449,7 @@ truetrue
425449
--- no_error_log
426450
[error]
427451

428-
=== TEST 17: x509.crl:set_version (AUTOGEN)
452+
=== TEST 18: x509.crl:set_version (AUTOGEN)
429453
--- http_config eval: $::HttpConfig
430454
--- config
431455
location =/t {
@@ -451,7 +475,7 @@ truetrue
451475
--- no_error_log
452476
[error]
453477

454-
=== TEST 19: x509.crl:get_get_signature_name (AUTOGEN)
478+
=== TEST 20: x509.crl:get_get_signature_name (AUTOGEN)
455479
--- http_config eval: $::HttpConfig
456480
--- config
457481
location =/t {

0 commit comments

Comments
 (0)