diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-23 20:49:17 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-03-23 20:49:17 +0000 |
commit | 5f766b02c8c456c53ea1d9437ca334504576a138 (patch) | |
tree | 290c04e8a28a3021c147d15bc93f6216aee472c9 | |
parent | 0b5eab6ea262a3eb50a04234a0346d11ca706905 (diff) | |
download | gnutls-5f766b02c8c456c53ea1d9437ca334504576a138.tar.gz |
reduced the FIXMEs.
-rw-r--r-- | lib/gnutls_x509.c | 1 | ||||
-rw-r--r-- | lib/x509/mpi.c | 3 | ||||
-rw-r--r-- | lib/x509/pkcs7.c | 40 | ||||
-rw-r--r-- | lib/x509/verify.c | 3 |
4 files changed, 17 insertions, 30 deletions
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index e85e7adedc..73ca8676ee 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -935,7 +935,6 @@ int _gnutls_check_key_usage( const gnutls_cert* cert, return GNUTLS_E_INTERNAL_ERROR; } - /* FIXME: check here */ if (_gnutls_map_kx_get_cred(alg, 1) == GNUTLS_CRD_CERTIFICATE || _gnutls_map_kx_get_cred(alg, 0) == GNUTLS_CRD_CERTIFICATE) { diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c index a534af160b..abd5a27b61 100644 --- a/lib/x509/mpi.c +++ b/lib/x509/mpi.c @@ -103,7 +103,8 @@ int _gnutls_x509_read_dsa_params(opaque * der, int dersize, GNUTLS_MPI * params) } /* FIXME: If the parameters are not included in the certificate - * then the issuer's parameters should be used. + * then the issuer's parameters should be used. This is not + * done yet. */ /* Read p */ diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c index 8f7d759107..4bf30284ef 100644 --- a/lib/x509/pkcs7.c +++ b/lib/x509/pkcs7.c @@ -173,7 +173,13 @@ int gnutls_pkcs7_get_certificate(gnutls_pkcs7 pkcs7, return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; } - tmp_size = 256; /* some initial size */ + tmp_size = 0; + result = asn1_read_value(pkcs7->pkcs7, "content", NULL, &tmp_size); + if (result!=ASN1_MEM_ERROR) { + gnutls_assert(); + return _gnutls_asn2err(result); + } + tmp = gnutls_malloc(tmp_size); if (tmp==NULL) { gnutls_assert(); @@ -181,17 +187,6 @@ int gnutls_pkcs7_get_certificate(gnutls_pkcs7 pkcs7, } result = asn1_read_value(pkcs7->pkcs7, "content", tmp, &tmp_size); - /* FIXME: a hard coded value - */ - if (result==ASN1_MEM_ERROR && tmp_size > 0 && tmp_size < 50*1024) { - tmp = gnutls_realloc_fast( tmp, tmp_size); - if (tmp==NULL) { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } - result = asn1_read_value(pkcs7->pkcs7, "content", tmp, &tmp_size); - } - if (result != ASN1_SUCCESS) { gnutls_assert(); result = _gnutls_asn2err(result); @@ -313,7 +308,13 @@ int gnutls_pkcs7_get_certificate_count(gnutls_pkcs7 pkcs7) return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; } - tmp_size = 256; /* some initial size */ + tmp_size = 0; + result = asn1_read_value(pkcs7->pkcs7, "content", NULL, &tmp_size); + if (result!=ASN1_MEM_ERROR) { + gnutls_assert(); + return _gnutls_asn2err(result); + } + tmp = gnutls_malloc(tmp_size); if (tmp==NULL) { gnutls_assert(); @@ -321,18 +322,7 @@ int gnutls_pkcs7_get_certificate_count(gnutls_pkcs7 pkcs7) } result = asn1_read_value(pkcs7->pkcs7, "content", tmp, &tmp_size); - /* FIXME: a hard coded value - */ - if (result==ASN1_MEM_ERROR && tmp_size > 0 && tmp_size < 50*1024) { - tmp = gnutls_realloc_fast( tmp, tmp_size); - if (tmp==NULL) { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } - result = asn1_read_value(pkcs7->pkcs7, "content", tmp, &tmp_size); - } - - if (result != ASN1_SUCCESS) { + if (result!=ASN1_SUCCESS) { gnutls_assert(); result = _gnutls_asn2err(result); goto cleanup; diff --git a/lib/x509/verify.c b/lib/x509/verify.c index ec44ab63f1..60d28ea0e2 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -351,9 +351,6 @@ unsigned int _gnutls_x509_verify_certificate(gnutls_x509_crt * certificate_list, status |= GNUTLS_CERT_NOT_TRUSTED; } - /* FIXME: Check CRL --not done yet. - */ - return status; } |