diff options
author | Simon Josefsson <simon@josefsson.org> | 2011-09-06 12:09:03 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2011-09-06 12:11:27 +0200 |
commit | ceb4f32c9417ab44a2df831c306d7329eb5a1fce (patch) | |
tree | 3fb00758567a86985a55ae9600435a1a6b279ee6 | |
parent | 80aaf33d85be24708d11c2f9f3bdada0cab49065 (diff) | |
download | gnutls-ceb4f32c9417ab44a2df831c306d7329eb5a1fce.tar.gz |
libgnutls: Allow CA importing of 0 certificates to succeed.
Reported by Jonathan Nieder <jrnieder@gmail.com> in
<http://bugs.debian.org/640639>.
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | lib/x509/x509.c | 4 | ||||
-rw-r--r-- | tests/parse_ca.c | 9 |
3 files changed, 15 insertions, 2 deletions
@@ -2,6 +2,10 @@ GnuTLS NEWS -- History of user-visible changes. -*- outline -*- Copyright (C) 2000-2011 Free Software Foundation, Inc. See the end for copying conditions. +** libgnutls: Allow CA importing of 0 certificates to succeed. +Reported by Jonathan Nieder <jrnieder@gmail.com> in +<http://bugs.debian.org/640639>. + * Version 3.0.2 (released 2011-09-01) ** libgnutls: OpenPGP certificate type is not enabled diff --git a/lib/x509/x509.c b/lib/x509/x509.c index 606d44fd6b..9d85384777 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -3219,7 +3219,9 @@ gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs, if (ptr == NULL) { gnutls_assert (); - return GNUTLS_E_BASE64_DECODING_ERROR; + *cert_max = 0; + /* no certificate found, likely empty file or garbage input */ + return 0; } count = 0; diff --git a/tests/parse_ca.c b/tests/parse_ca.c index 9f81887e27..42d9eb38ee 100644 --- a/tests/parse_ca.c +++ b/tests/parse_ca.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2007, 2010 Free Software Foundation, Inc. + * Copyright (C) 2007, 2010, 2011 Free Software Foundation, Inc. * * Author: Simon Josefsson * @@ -72,6 +72,13 @@ doit (void) if (rc != 2) fail ("import ca failed: %d\n", rc); + ca.data = (unsigned char*) ""; + ca.size = 0; + + rc = gnutls_certificate_set_x509_trust_mem (cred, &ca, GNUTLS_X509_FMT_PEM); + if (rc != 0) + fail ("import ca failed: %d\n", rc); + gnutls_certificate_free_credentials (cred); gnutls_global_deinit (); |