diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-02-25 15:57:55 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-02-25 15:57:55 +0100 |
| commit | 56071ff3831bbfb2cc43d2ea4cb58b11d6ac536c (patch) | |
| tree | 6b54d67db729fee12729fa9dca7be7cae925a36d | |
| parent | febcb204c4e78fb13f88e662b994c7655c1d12f3 (diff) | |
| download | gnutls_2_8_x.tar.gz | |
corrected return codesgnutls_2_8_x
| -rw-r--r-- | lib/x509/verify.c | 28 |
1 files changed, 15 insertions, 13 deletions
diff --git a/lib/x509/verify.c b/lib/x509/verify.c index cc7850a9c6..e7e2774140 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -112,7 +112,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, if (result < 0) { gnutls_assert (); - goto cleanup; + goto fail; } result = @@ -121,7 +121,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, if (result < 0) { gnutls_assert (); - goto cleanup; + goto fail; } result = @@ -129,7 +129,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, if (result < 0) { gnutls_assert (); - goto cleanup; + goto fail; } result = @@ -137,7 +137,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, if (result < 0) { gnutls_assert (); - goto cleanup; + goto fail; } /* If the subject certificate is the same as the issuer @@ -177,6 +177,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, else gnutls_assert (); +fail: result = 0; cleanup: @@ -269,7 +270,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, gnutls_datum_t cert_signed_data = { NULL, 0 }; gnutls_datum_t cert_signature = { NULL, 0 }; gnutls_x509_crt_t issuer; - int ret, issuer_version, result; + int ret, issuer_version, result = 0; if (output) *output = 0; @@ -299,7 +300,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, if (issuer_version < 0) { gnutls_assert (); - return issuer_version; + return 0; } if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) && @@ -320,6 +321,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, if (result < 0) { gnutls_assert (); + result = 0; goto cleanup; } @@ -328,23 +330,25 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, if (result < 0) { gnutls_assert (); + result = 0; goto cleanup; } - ret = + result = _gnutls_x509_verify_signature (&cert_signed_data, NULL, &cert_signature, issuer); - if (ret < 0) + if (result < 0) { + result = 0; gnutls_assert (); + goto cleanup; } - else if (ret == 0) + else if (result == 0) { gnutls_assert (); /* error. ignore it */ if (output) *output |= GNUTLS_CERT_INVALID; - ret = 0; } /* If the certificate is not self signed check if the algorithms @@ -364,12 +368,10 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, { if (output) *output |= GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID; - ret = 0; + result = 0; } } - result = ret; - cleanup: _gnutls_free_datum (&cert_signed_data); _gnutls_free_datum (&cert_signature); |