diff options
author | Stef Walter <stefw@redhat.com> | 2014-09-05 11:29:05 +0200 |
---|---|---|
committer | Stef Walter <stefw@redhat.com> | 2014-09-05 11:53:42 +0200 |
commit | fdb2ce9ba73d8e36aaf0cd32b1741b798d870520 (patch) | |
tree | 9770ad28b98f7617b0174178e42d92176a61d84f | |
parent | adea0235b44ccd33340e020583606508578771f3 (diff) | |
download | p11-kit-fdb2ce9ba73d8e36aaf0cd32b1741b798d870520.tar.gz |
trust: Produce a proper message for an invalid stapled extension
Previously we would output a line like this:
p11-kit: 'node != NULL' not true at lookup_extension
-rw-r--r-- | trust/builder.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/trust/builder.c b/trust/builder.c index fd7a662..5f76608 100644 --- a/trust/builder.c +++ b/trust/builder.c @@ -114,6 +114,7 @@ lookup_extension (p11_builder *builder, CK_OBJECT_CLASS klass = CKO_X_CERTIFICATE_EXTENSION; CK_OBJECT_HANDLE obj; CK_ATTRIBUTE *attrs; + CK_ATTRIBUTE *label; void *value; size_t length; node_asn *node; @@ -137,7 +138,15 @@ lookup_extension (p11_builder *builder, value = p11_attrs_find_value (attrs, CKA_VALUE, &length); if (value != NULL) { node = decode_or_get_asn1 (builder, "PKIX1.Extension", value, length); - return_val_if_fail (node != NULL, NULL); + if (node == NULL) { + label = p11_attrs_find_valid (attrs, CKA_LABEL); + if (label == NULL) + label = p11_attrs_find_valid (cert, CKA_LABEL); + p11_message ("%.*s: invalid certificate extension", + label ? (int)label->ulValueLen : 7, + label ? (char *)label->pValue : "unknown"); + return NULL; + } return p11_asn1_read (node, "extnValue", ext_len); } } |