From bb0f57aeb4de36a3b2b8b8cb01d25b32af0357d3 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>

Date: Wed, 27 Oct 2021 16:28:24 +0200

Subject: [PATCH] Provide distinguished name which will be correctly parsed.

It seems that since ruby openssl 2.1.0 [[1]], the distinguished name

submitted to `OpenSSL::X509::Name.parse` is not correctly parsed if it

does not contain the first slash:

~~~

$ ruby -v

ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux]

$ gem list | grep openssl

openssl (default: 2.2.0)

$ irb -r openssl

irb(main):001:0> OpenSSL::X509::Name.parse("CN=nobody/DC=example").to_s(OpenSSL::X509::Name::ONELINE)

=> "CN = nobody/DC=example"

irb(main):002:0> OpenSSL::X509::Name.parse("/CN=nobody/DC=example").to_s(OpenSSL::X509::Name::ONELINE)

=> "CN = nobody, DC = example"

~~~

[1]: https://github.com/ruby/openssl/commit/19c67cd10c57f3ab7b13966c36431ebc3fdd653b

---

 lib/rubygems/security.rb | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/rubygems/security.rb b/lib/rubygems/security.rb

index c80639af6d..12de141f36 100644

--- a/lib/rubygems/security.rb

+++ b/lib/rubygems/security.rb

@@ -510,7 +510,7 @@ def self.email_to_name(email_address)

     dcs = dcs.split '.'

-    name = "CN=#{cn}/#{dcs.map {|dc| "DC=#{dc}" }.join '/'}"

+    name = "/CN=#{cn}/#{dcs.map {|dc| "DC=#{dc}" }.join '/'}"

     OpenSSL::X509::Name.parse name

   end

-- 

2.32.0