diff options
author | Tim Rühsen <tim.ruehsen@gmx.de> | 2019-12-20 12:58:41 +0100 |
---|---|---|
committer | Tim Rühsen <tim.ruehsen@gmx.de> | 2020-01-28 13:11:51 +0100 |
commit | e6eb6cb3adf61ac085432636ef6edc676a46e803 (patch) | |
tree | c961e4b197cee16318204dd34b4793943e185efc | |
parent | da7a2d60ce8c2cf0d2c04b5c583454c52f4f326e (diff) | |
download | gnutls-e6eb6cb3adf61ac085432636ef6edc676a46e803.tar.gz |
Fix "implicit conversion from type 'int' < 0 to 'unsigned'"
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
-rw-r--r-- | lib/x509/verify.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/x509/verify.c b/lib/x509/verify.c index d381b4ee87..a026138aef 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -626,10 +626,12 @@ verify_crt(gnutls_x509_crt_t cert, gnutls_datum_t cert_signed_data = { NULL, 0 }; gnutls_datum_t cert_signature = { NULL, 0 }; gnutls_x509_crt_t issuer = NULL; + gnutls_sign_algorithm_t sigalg; int issuer_version; unsigned result = 1; unsigned int out = 0, usage; - int sigalg, ret; + int ret; + const gnutls_sign_entry_st *se; if (output) @@ -666,10 +668,12 @@ verify_crt(gnutls_x509_crt_t cert, "signatureAlgorithm"); if (ret < 0) { MARK_INVALID(0); + sigalg = GNUTLS_SIGN_UNKNOWN; + se = NULL; + } else { + sigalg = (gnutls_sign_algorithm_t) ret; + se = _gnutls_sign_to_entry(sigalg); } - sigalg = ret; - - se = _gnutls_sign_to_entry(sigalg); /* issuer is not in trusted certificate * authorities. @@ -759,7 +763,7 @@ verify_crt(gnutls_x509_crt_t cert, } } - if (sigalg < 0) { + if (!se) { MARK_INVALID(0); } else if (cert_signed_data.data != NULL && cert_signature.data != NULL) { @@ -796,7 +800,7 @@ verify_crt(gnutls_x509_crt_t cert, } } - if (sigalg >= 0 && se) { + if (se) { if (is_level_acceptable(cert, issuer, sigalg, flags) == 0) { MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM); } |