summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSimon Josefsson <simon@josefsson.org>2009-08-13 11:16:08 +0200
committerSimon Josefsson <simon@josefsson.org>2009-08-13 11:17:59 +0200
commit31acfa0514376eac81d2d27f1fcb49212d48ffd4 (patch)
treefd1c286cbab6150f9740ba0c57552210b6583f8e
parentc00f871890971ca0ec7ffc40d3cce5fefc6811a5 (diff)
downloadgnutls-31acfa0514376eac81d2d27f1fcb49212d48ffd4.tar.gz
(gnutls_x509_crt_import): Re-initialize the ASN.1 structure.
If this is not done here, the next certificate loading may fail because asn1_der_decoding modified the ASN.1 structure. Triggered by the hostname-check self-test.
-rw-r--r--lib/x509/x509.c22
1 files changed, 20 insertions, 2 deletions
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 1f6616deb3..91ddc32cc7 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -62,6 +62,9 @@ gnutls_x509_crt_init (gnutls_x509_crt_t * cert)
return _gnutls_asn2err (result);
}
+ /* If you add anything here, be sure to check if it has to be added
+ to gnutls_x509_crt_import as well. */
+
*cert = tmp;
return 0; /* success */
@@ -166,7 +169,6 @@ gnutls_x509_crt_import (gnutls_x509_crt_t cert,
{
int result = 0, need_free = 0;
gnutls_datum_t _data;
- opaque *signature = NULL;
if (cert == NULL)
{
@@ -209,6 +211,23 @@ gnutls_x509_crt_import (gnutls_x509_crt_t cert,
need_free = 1;
}
+ if (cert->cert)
+ {
+ /* Any earlier asn1_der_decoding will modify the ASN.1
+ structure, so we need to replace it with a fresh
+ structure. */
+ asn1_delete_structure (&cert->cert);
+
+ result = asn1_create_element (_gnutls_get_pkix (),
+ "PKIX1.Certificate", &cert->cert);
+ if (result != ASN1_SUCCESS)
+ {
+ result = _gnutls_asn2err (result);
+ gnutls_assert ();
+ goto cleanup;
+ }
+ }
+
result = asn1_der_decoding (&cert->cert, _data.data, _data.size, NULL);
if (result != ASN1_SUCCESS)
{
@@ -226,7 +245,6 @@ gnutls_x509_crt_import (gnutls_x509_crt_t cert,
return 0;
cleanup:
- gnutls_free (signature);
if (need_free)
_gnutls_free_datum (&_data);
return result;