From ec817aad427b01ae60ff2d25df34a7babf1865fa Mon Sep 17 00:00:00 2001
From: Linus Nordberg
Date: Fri, 24 Oct 2014 11:40:41 +0200
Subject: Catch badly ASN.1-encoded certificates.
Now not crashing badly encoded certs in the list of known roots, which is good. They're simply ignored. Next step is to figure out if we should accept some anomalies, due to reality.
---
 src/v1.erl | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
(limited to 'src/v1.erl')
diff --git a/src/v1.erl b/src/v1.erl
index 0c13cbc..086fa35 100644
--- a/src/v1.erl
+++ b/src/v1.erl
@@ -21,13 +21,13 @@ request(post, "ct/v1/add-chain", Input) ->
 Roots = catlfish:known_roots(),
 case x509:normalise_chain(Roots, [LeafCert|CertChain]) of
 {ok, [Leaf | Chain]} ->
- io:format("[info] adding ~p~n",
+ io:format("[info] adding ~p~n",
 [x509:cert_string(LeafCert)]),
 success(catlfish:add_chain(Leaf, Chain));
- {Err, Msg} ->
- io:format("[info] rejecting ~p: ~p~n",
- [x509:cert_string(LeafCert), Err]),
- html("add-chain: ", [Msg, Err])
+ {error, Reason} ->
+ io:format("[info] rejecting ~p: ~p~n",
+ [x509:cert_string(LeafCert), Reason]),
+ html("add-chain: invalid chain", Reason)
 end;
 Invalid ->
 html("add-chain: chain is not a list: ", [Invalid])
-- 
cgit v1.1
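Review bot: In the new `{error, Reason}` branch, `html("add-chain: invalid chain", Reason)` passes a bare term where the other call sites in this hunk pass a list (`[Msg, Err]` on the removed line, `[Invalid]` in the clause below), and the message also lost its trailing `": "` separator. html/2 is not visible here, so whether it accepts a non-list is unknown; if it formats or iterates its second argument, the handler could crash or render a malformed response on the very path meant to reject bad client-submitted chains. I would write `html("add-chain: invalid chain: ", [Reason])` to match the sibling call. Separately, Reason is presumably an internal validation or decode term from `x509:normalise_chain/2`; consider logging it in full but returning only a fixed, coarse error string to the submitter. The request/3 clause begins and ends outside this hunk, so the shape of Input and the enclosing case are not reviewed here.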