diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-01-07 14:35:59 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-01-07 14:43:24 +0100 |
commit | 021b984d7bfd34af9978998eb1e49a306779fc37 (patch) | |
tree | 12924540c6dba29c07e97310b7940d2f5f55e225 | |
parent | bfc63d15b71185b2f97d1e215df475f670d83513 (diff) | |
download | gnutls-021b984d7bfd34af9978998eb1e49a306779fc37.tar.gz |
trust_list_get_issuer_by_dn: fixed check for DN or SPKI
-rw-r--r-- | lib/x509/verify-high.c | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c index ff5524e4e0..074a158e81 100644 --- a/lib/x509/verify-high.c +++ b/lib/x509/verify-high.c @@ -880,13 +880,13 @@ int trust_list_get_issuer_by_dn(gnutls_x509_trust_list_t list, uint8_t tmp[256]; size_t tmp_size; - hash = - hash_pjw_bare(dn->data, - dn->size); - hash %= list->size; + if (dn) { + hash = + hash_pjw_bare(dn->data, + dn->size); + hash %= list->size; - for (i = 0; i < list->node[hash].trusted_ca_size; i++) { - if (dn) { + for (i = 0; i < list->node[hash].trusted_ca_size; i++) { ret = _gnutls_x509_compare_raw_dn(dn, &list->node[hash].trusted_cas[i]->raw_dn); if (ret != 0) { if (spki && spki->size > 0) { @@ -901,22 +901,22 @@ int trust_list_get_issuer_by_dn(gnutls_x509_trust_list_t list, *issuer = crt_cpy(list->node[hash].trusted_cas[i]); return 0; } - } else if (spki) { - /* search everything! */ - for (i = 0; i < list->size; i++) { - for (j = 0; j < list->node[i].trusted_ca_size; j++) { - tmp_size = sizeof(tmp); + } + } else if (spki) { + /* search everything! */ + for (i = 0; i < list->size; i++) { + for (j = 0; j < list->node[i].trusted_ca_size; j++) { + tmp_size = sizeof(tmp); - ret = gnutls_x509_crt_get_subject_key_id(list->node[i].trusted_cas[j], tmp, &tmp_size, NULL); - if (ret < 0) - continue; + ret = gnutls_x509_crt_get_subject_key_id(list->node[i].trusted_cas[j], tmp, &tmp_size, NULL); + if (ret < 0) + continue; - if (spki->size != tmp_size || memcmp(spki->data, tmp, spki->size) != 0) - continue; + if (spki->size != tmp_size || memcmp(spki->data, tmp, spki->size) != 0) + continue; - *issuer = crt_cpy(list->node[i].trusted_cas[j]); - return 0; - } + *issuer = crt_cpy(list->node[i].trusted_cas[j]); + return 0; } } } |