Fix crash in x509_crl when certificate issuer is specified (#441)

* Fix x509_crl certificate issuer issue. * Add tests. * Add changelog fragment.
2026-05-08 06:13:03 +00:00 · 2022-04-18 08:17:27 +02:00
parent 041fff5057
commit 9d03178b00
4 changed files with 33 additions and 3 deletions
--- a/tests/integration/targets/x509_crl/tasks/impl.yml
+++ b/tests/integration/targets/x509_crl/tasks/impl.yml
@@ -524,3 +524,25 @@
    path: '{{ remote_tmp_dir }}/ca-crl2.crl'
    list_revoked_certificates: false
  register: crl_2_info_2
+
+- name: Create CRL 3
+  x509_crl:
+    path: '{{ remote_tmp_dir }}/ca-crl3.crl'
+    privatekey_path: '{{ remote_tmp_dir }}/ca.key'
+    issuer:
+      CN: Ansible
+    last_update: +0d
+    next_update: +0d
+    revoked_certificates:
+      - serial_number: 1234
+        revocation_date: 20191001000000Z
+        issuer:
+          - "DNS:ca.example.org"
+        issuer_critical: true
+  register: crl_3
+
+- name: Retrieve CRL 3 infos
+  x509_crl_info:
+    path: '{{ remote_tmp_dir }}/ca-crl3.crl'
+    list_revoked_certificates: true
+  register: crl_3_info
--- a/tests/integration/targets/x509_crl/tests/validate.yml
+++ b/tests/integration/targets/x509_crl/tests/validate.yml
@@ -102,3 +102,11 @@
          ['commonName', 'CRL'],
          ['commonName', 'Test'],
        ]
+
+- name: Validate CRL 3 info
+  assert:
+    that:
+      - crl_3.revoked_certificates == crl_3_info.revoked_certificates
+      - crl_3.revoked_certificates[0].issuer == [
+          "DNS:ca.example.org",
+        ]