encode OID subidentifier value 0 as single 0x00 byte

author ethan-thompson <ethan.thompson@networkradius.com>

Mon, 16 Mar 2026 19:38:53 +0000 (15:38 -0400)

committer Alan T. DeKok <aland@freeradius.org>

Sat, 21 Mar 2026 05:09:23 +0000 (22:09 -0700)
author ethan-thompson <ethan.thompson@networkradius.com>
Mon, 16 Mar 2026 19:38:53 +0000 (15:38 -0400)
committer Alan T. DeKok <aland@freeradius.org>
Sat, 21 Mar 2026 05:09:23 +0000 (22:09 -0700)
diff --git a/src/protocols/der/encode.c b/src/protocols/der/encode.c

index 75bee5c8a19ed4bdd8663bf6d73329455c07548d..c6d668648f6ec9add7f0124b575aecfd566c19cb 100644 (file)
--- a/src/protocols/der/encode.c
+++ b/src/protocols/der/encode.c
@@ -590,6 +590,7 @@ static ssize_t fr_der_encode_oid_from_value(fr_dbuff_t *dbuff, uint64_t value, u
  {
         fr_dbuff_t      our_dbuff;
         int             i;
+       bool            wrote = false;
         uint64_t        oid;
  
         /*
@@ -632,12 +633,16 @@ static ssize_t fr_der_encode_oid_from_value(fr_dbuff_t *dbuff, uint64_t value, u
         for (i = 63; i >= 0; i -= 7) {
                 uint8_t more, part;
  
+               /*
+                *      Skip leading zeroes, but not intermediate ones.
+                */
                 part = (oid >> i) & 0x7f;
-               if (!part) continue;
+               if (!part && !wrote && (i > 0)) continue;
  
                 more = ((uint8_t) (i > 0)) << 7;
  
                 FR_DBUFF_IN_RETURN(&our_dbuff, (uint8_t) (more | part));
+               wrote = true;
         }
  
         (*count)++;
author	ethan-thompson <ethan.thompson@networkradius.com>
	Mon, 16 Mar 2026 19:38:53 +0000 (15:38 -0400)
committer	Alan T. DeKok <aland@freeradius.org>
	Sat, 21 Mar 2026 05:09:23 +0000 (22:09 -0700)