crypto: fix to check ext method for shared lib

In the case of using openssl with shared library, reinterpret_cast<X509V3_EXT_I2V>(i2v_GENERAL_NAMES)) refers plt pointer so that SafeX509ExtPrint returns false. Fix it to check it with method of NID_subject_alt_name This patch originally was created by Fedor Indutny and Ben Noordhuis Fixes: #617 PR-URL: #800 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Fedor Indutny <fedor@indutny.com>
nodejs · Feb 11, 2015 · e63b517 · e63b517
1 parent 15d156e
commit e63b517
Showing 1 changed file with 1 addition and 7 deletions.
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
@@ -1099,15 +1099,9 @@ void SSLWrap<Base>::OnClientHello(void* arg,
 
 
 static bool SafeX509ExtPrint(BIO* out, X509_EXTENSION* ext) {
-  // Only alt_name is escaped at the moment
-  if (OBJ_obj2nid(ext->object) != NID_subject_alt_name)
-    return false;
-
   const X509V3_EXT_METHOD* method = X509V3_EXT_get(ext);
-  if (method == NULL || method->it == NULL)
-    return false;
 
-  if (method->i2v != reinterpret_cast<X509V3_EXT_I2V>(i2v_GENERAL_NAMES))
+  if (method != X509V3_EXT_get_nid(NID_subject_alt_name))
     return false;
 
   const unsigned char* p = ext->value->data;