summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-05-10 10:44:57 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2016-05-10 10:44:57 +0200
commit1641ea943079765d601cf418dc2c89c1c93f0ecf (patch)
tree912c3dbac353be23054d2169947cd0d03b21c854
parentada28bc73cc78e3b974e7b7faf9f19722d6ee152 (diff)
downloadgnutls-1641ea943079765d601cf418dc2c89c1c93f0ecf.tar.gz
x509: allow empty DNs on parsing for subject DNs
Diffstat
-rw-r--r--lib/x509/crl.c2
-rw-r--r--lib/x509/crq.c2
-rw-r--r--lib/x509/dn.c12
-rw-r--r--lib/x509/ocsp.c4
-rw-r--r--lib/x509/x509.c4
-rw-r--r--lib/x509/x509_int.h2
6 files changed, 16 insertions, 10 deletions
diff --git a/lib/x509/crl.c b/lib/x509/crl.c
index 5f20a75051..483b6e8d96 100644
--- a/lib/x509/crl.c
+++ b/lib/x509/crl.c
@@ -210,7 +210,7 @@ gnutls_x509_crl_get_issuer_dn(const gnutls_x509_crl_t crl, char *buf,
return _gnutls_x509_parse_dn(crl->crl,
"tbsCertList.issuer.rdnSequence",
- buf, sizeof_buf);
+ buf, sizeof_buf, 0);
}
/**
diff --git a/lib/x509/crq.c b/lib/x509/crq.c
index b3a04e7b47..faf6443bb5 100644
--- a/lib/x509/crq.c
+++ b/lib/x509/crq.c
@@ -269,7 +269,7 @@ gnutls_x509_crq_get_dn(gnutls_x509_crq_t crq, char *buf, size_t * buf_size)
return _gnutls_x509_parse_dn(crq->crq,
"certificationRequestInfo.subject.rdnSequence",
- buf, buf_size);
+ buf, buf_size, 1);
}
/**
diff --git a/lib/x509/dn.c b/lib/x509/dn.c
index 5e6242698c..5e0b7026ff 100644
--- a/lib/x509/dn.c
+++ b/lib/x509/dn.c
@@ -227,7 +227,7 @@ _gnutls_x509_get_dn(ASN1_TYPE asn1_struct,
int
_gnutls_x509_parse_dn(ASN1_TYPE asn1_struct,
const char *asn1_rdn_name, char *buf,
- size_t * buf_size)
+ size_t * buf_size, unsigned allow_empty)
{
int ret;
gnutls_datum_t dn = {NULL, 0};
@@ -243,8 +243,14 @@ _gnutls_x509_parse_dn(ASN1_TYPE asn1_struct,
*buf_size = 0;
ret = _gnutls_x509_get_dn(asn1_struct, asn1_rdn_name, &dn);
- if (ret < 0)
+ if (ret < 0) {
+ if (allow_empty && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+ gnutls_assert();
+ *buf_size = 0;
+ return 0;
+ }
return gnutls_assert_val(ret);
+ }
if (dn.size >= (unsigned int) *buf_size) {
gnutls_assert();
@@ -864,7 +870,7 @@ gnutls_x509_rdn_get(const gnutls_datum_t * idn,
return _gnutls_asn2err(result);
}
- result = _gnutls_x509_parse_dn(dn, "rdnSequence", buf, buf_size);
+ result = _gnutls_x509_parse_dn(dn, "rdnSequence", buf, buf_size, 0);
asn1_delete_structure(&dn);
return result;
diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
index 92db9b6aad..b52b94f915 100644
--- a/lib/x509/ocsp.c
+++ b/lib/x509/ocsp.c
@@ -1123,7 +1123,7 @@ gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp,
ret = _gnutls_x509_parse_dn
(resp->basicresp, "tbsResponseData.responderID.byName",
- NULL, &l);
+ NULL, &l, 0);
if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
return 0; /* for backwards compatibility */
@@ -1139,7 +1139,7 @@ gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp,
ret = _gnutls_x509_parse_dn
(resp->basicresp, "tbsResponseData.responderID.byName",
- (char *) dn->data, &l);
+ (char *) dn->data, &l, 0);
if (ret != GNUTLS_E_SUCCESS) {
gnutls_assert();
return ret;
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 8d76f0df8d..ef27a68d38 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -496,7 +496,7 @@ gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert, char *buf,
return _gnutls_x509_parse_dn(cert->cert,
"tbsCertificate.issuer.rdnSequence",
- buf, buf_size);
+ buf, buf_size, 0);
}
/**
@@ -640,7 +640,7 @@ gnutls_x509_crt_get_dn(gnutls_x509_crt_t cert, char *buf,
return _gnutls_x509_parse_dn(cert->cert,
"tbsCertificate.subject.rdnSequence",
- buf, buf_size);
+ buf, buf_size, 1);
}
/**
diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h
index 2c275f4b45..31475f0678 100644
--- a/lib/x509/x509_int.h
+++ b/lib/x509/x509_int.h
@@ -160,7 +160,7 @@ int _gnutls_x509_pkix_sign(ASN1_TYPE src, const char *src_name,
int _gnutls_x509_parse_dn(ASN1_TYPE asn1_struct,
const char *asn1_rdn_name, char *buf,
- size_t * sizeof_buf);
+ size_t * sizeof_buf, unsigned allow_empty);
int
_gnutls_x509_get_dn(ASN1_TYPE asn1_struct,
View Lorry Controller Status