projects
/
krb5.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
140e24e
)
X509_verify_cert can return without setting cert_ctx.current_cert. If
author
Greg Hudson
<ghudson@mit.edu>
Wed, 8 Sep 2010 03:15:49 +0000
(
03:15
+0000)
committer
Greg Hudson
<ghudson@mit.edu>
Wed, 8 Sep 2010 03:15:49 +0000
(
03:15
+0000)
it does, don't dereference a null pointer when creating the pkiDebug
message.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24296
dc483132
-0cff-0310-8789-
dd5450dbe970
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
patch
|
blob
|
history
diff --git
a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index 25104d680dde571e11c82fe7339572ed2df4d840..bdde2e0fbcdfa03a558ab67971b2233ebe8017cd 100644
(file)
--- a/
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@
-1319,8
+1319,11
@@
cms_signeddata_verify(krb5_context context,
default:
retval = KRB5KDC_ERR_INVALID_CERTIFICATE;
}
- X509_NAME_oneline(X509_get_subject_name(
- reqctx->received_cert), buf, sizeof(buf));
+ if (reqctx->received_cert == NULL)
+ strlcpy(buf, "(none)", sizeof(buf));
+ else
+ X509_NAME_oneline(X509_get_subject_name(reqctx->received_cert),
+ buf, sizeof(buf));
pkiDebug("problem with cert DN = %s (error=%d) %s\n", buf, j,
X509_verify_cert_error_string(j));
krb5_set_error_message(context, retval, "%s\n",