diff options
| author | Stef Walter <stefw@gnome.org> | 2013-03-07 18:05:32 +0100 |
|---|---|---|
| committer | Stef Walter <stefw@gnome.org> | 2013-03-07 18:05:32 +0100 |
| commit | 220d7b027871f79f446c7b3c2db9ef43f24c19cc (patch) | |
| tree | 2ecffbceaac1b51b18c0569c5c458af40db141b2 | |
| parent | 3e532011ac100391315ffa13f537ed130cc45b2e (diff) | |
x509: Don't break when cA field of BasicConstraints is missing
The field defaults to FALSE. It sucks that libtasn1 doesn't
fill this in for us.
https://bugs.freedesktop.org/show_bug.cgi?id=61975
| -rw-r--r-- | common/x509.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/common/x509.c b/common/x509.c index 46e3bd9..f86d2b3 100644 --- a/common/x509.c +++ b/common/x509.c @@ -122,9 +122,16 @@ p11_x509_parse_basic_constraints (p11_dict *asn1_defs, len = sizeof (buffer); ret = asn1_read_value (ext, "cA", buffer, &len); - return_val_if_fail (ret == ASN1_SUCCESS, false); - *is_ca = (strcmp (buffer, "TRUE") == 0); + /* Default value for cA is FALSE */ + if (ret == ASN1_ELEMENT_NOT_FOUND) { + *is_ca = false; + + } else { + return_val_if_fail (ret == ASN1_SUCCESS, false); + *is_ca = (strcmp (buffer, "TRUE") == 0); + } + asn1_delete_structure (&ext); return true; |