diff options
author | Simon Josefsson <simon@josefsson.org> | 2009-08-13 11:16:08 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2009-08-13 11:16:08 +0200 |
commit | e727c7de76e51be19efc0b6b241b41b4cf381ecc (patch) | |
tree | b9f138afa67fa42f14ba46d02b5f3496a4760f42 | |
parent | a8badfe1e547b594067a2cd73d6c65068dfd69e4 (diff) | |
download | gnutls-e727c7de76e51be19efc0b6b241b41b4cf381ecc.tar.gz |
(gnutls_x509_crt_import): Re-initialize the ASN.1 structure.
If this is not done here, the next certificate loading may fail
because asn1_der_decoding modified the ASN.1 structure. Triggered by
the hostname-check self-test.
-rw-r--r-- | lib/x509/x509.c | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/lib/x509/x509.c b/lib/x509/x509.c index 048ff8989a..e1746a4a62 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -62,6 +62,9 @@ gnutls_x509_crt_init (gnutls_x509_crt_t * cert) return _gnutls_asn2err (result); } + /* If you add anything here, be sure to check if it has to be added + to gnutls_x509_crt_import as well. */ + *cert = tmp; return 0; /* success */ @@ -166,7 +169,6 @@ gnutls_x509_crt_import (gnutls_x509_crt_t cert, { int result = 0, need_free = 0; gnutls_datum_t _data; - opaque *signature = NULL; if (cert == NULL) { @@ -209,6 +211,23 @@ gnutls_x509_crt_import (gnutls_x509_crt_t cert, need_free = 1; } + if (cert->cert) + { + /* Any earlier asn1_der_decoding will modify the ASN.1 + structure, so we need to replace it with a fresh + structure. */ + asn1_delete_structure (&cert->cert); + + result = asn1_create_element (_gnutls_get_pkix (), + "PKIX1.Certificate", &cert->cert); + if (result != ASN1_SUCCESS) + { + result = _gnutls_asn2err (result); + gnutls_assert (); + goto cleanup; + } + } + result = asn1_der_decoding (&cert->cert, _data.data, _data.size, NULL); if (result != ASN1_SUCCESS) { @@ -226,7 +245,6 @@ gnutls_x509_crt_import (gnutls_x509_crt_t cert, return 0; cleanup: - gnutls_free (signature); if (need_free) _gnutls_free_datum (&_data); return result; |