cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 20:22:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

Handle missing CRL parsing gracefully

Browse Source
This commit is contained in:
Paul Bakker 2014-06-12 23:22:26 +02:00
parent 9b7fb6f68e
commit 8880cb52f7
1 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
programs/x509/cert_app.c
View File

@ -175,7 +175,13 @@ int main( int argc, char *argv[] )
server_fd = 0; server_fd = 0;
x509_crt_init( &cacert ); x509_crt_init( &cacert );
x509_crt_init( &clicert ); x509_crt_init( &clicert );
#if defined(POLARSSL_X509_CRL_PARSE_C)
x509_crl_init( &cacrl ); x509_crl_init( &cacrl );
#else
/* Zeroize structure as CRL parsing is not supported and we have to pass
it to the verify function */
memset( &cacrl, 0, sizeof(x509_crl) );
#endif
pk_init( &pkey ); pk_init( &pkey );
if( argc == 0 ) if( argc == 0 )
@ -274,17 +280,18 @@ int main( int argc, char *argv[] )
printf( " ok (%d skipped)\n", ret ); printf( " ok (%d skipped)\n", ret );
#if defined(POLARSSL_X509_CRL_PARSE_C)
if( strlen( opt.crl_file ) ) if( strlen( opt.crl_file ) )
{ {
ret = x509_crl_parse_file( &cacrl, opt.crl_file ); if( ( ret = x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 )
{
printf( " failed\n ! x509_crl_parse returned -0x%x\n\n", -ret );
goto exit;
}
verify = 1; verify = 1;
} }
#endif
if( ret < 0 )
{
printf( " failed\n ! x509_crl_parse returned -0x%x\n\n", -ret );
goto exit;
}
if( opt.mode == MODE_FILE ) if( opt.mode == MODE_FILE )
{ {
@ -473,7 +480,9 @@ exit:
net_close( server_fd ); net_close( server_fd );
x509_crt_free( &cacert ); x509_crt_free( &cacert );
x509_crt_free( &clicert ); x509_crt_free( &clicert );
#if defined(POLARSSL_X509_CRL_PARSE_C)
x509_crl_free( &cacrl ); x509_crl_free( &cacrl );
#endif
pk_free( &pkey ); pk_free( &pkey );
entropy_free( &entropy ); entropy_free( &entropy );