From 47acf270f1976f9d3dbd389662c60e52c26202fd Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Sat, 22 Nov 2025 17:04:33 +0000
Subject: [PATCH] Refactor ASN1_STRING access to use accessor functions

Replace direct access to .data and .length attributes with
ASN1_STRING_get0_data() and ASN1_STRING_length() accessor
functions in the X509Extension._subjectAltNameString() method.

This improves compatibility with OpenSSL's opaque structure
design and follows the pattern used elsewhere in the codebase.
---
 src/OpenSSL/crypto.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py
index 366007e8..23437e7b 100644
--- a/src/OpenSSL/crypto.py
+++ b/src/OpenSSL/crypto.py
@@ -885,9 +885,11 @@ def _subjectAltNameString(self) -> str:
                 _lib.GENERAL_NAME_print(bio, name)
                 parts.append(_bio_to_string(bio).decode("utf-8"))
             else:
-                value = _ffi.buffer(name.d.ia5.data, name.d.ia5.length)[
-                    :
-                ].decode("utf-8")
+                asn1_string = _ffi.cast("ASN1_STRING*", name.d.ia5)
+                value = _ffi.buffer(
+                    _lib.ASN1_STRING_get0_data(asn1_string),
+                    _lib.ASN1_STRING_length(asn1_string),
+                )[:].decode("utf-8")
                 parts.append(label + ":" + value)
         return ", ".join(parts)