pool/pesign
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
pesign/pesign-allow-no-issuer-cert.patch
Gary Ching-Pang Lin 146aff81ea Accepting request 183593 from home:gary_lin:branches:Base:System 
Add pesign-allow-no-issuer-cert.patch to avoid crash when the
issuer's certificate is not available

OBS-URL: https://build.opensuse.org/request/show/183593
OBS-URL: https://build.opensuse.org/package/show/Base:System/pesign?expand=0&rev=21
2013-07-18 07:25:53 +00:00

45 lines
1.4 KiB
Diff
Raw Blame History

From be564827927e9845b61807b1355467df9d8115e6 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Mon, 4 Mar 2013 16:25:08 +0800
Subject: [PATCH] Include the issuer's certificate only when available
---
src/cms_common.c | 2 +-
src/signed_data.c | 7 +------
2 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/src/cms_common.c b/src/cms_common.c
index 7cca21b..755dd31 100644
--- a/src/cms_common.c
+++ b/src/cms_common.c
@@ -588,7 +588,7 @@ find_named_certificate(cms_context *cms, char *name, CERTCertificate **cert)
if (!strcmp(node->cert->subjectName, name))
break;
}
- if (!node) {
+ if (CERT_LIST_END(node,certlist)) {
PK11_DestroySlotListElement(slots, &psle);
PK11_FreeSlotList(slots);
CERT_DestroyCertList(certlist);
diff --git a/src/signed_data.c b/src/signed_data.c
index fc1d137..97bf8b5 100644
--- a/src/signed_data.c
+++ b/src/signed_data.c
@@ -96,12 +96,7 @@ generate_certificate_list(cms_context *cms, SECItem ***certificate_list_p)
CERTCertificate *signer = NULL;
int rc = find_named_certificate(cms, cms->cert->issuerName,
&signer);
- if (rc < 0) {
- PORT_ArenaRelease(cms->arena, mark);
- return -1;
- }
-
- if (signer) {
+ if (rc == 0 && signer) {
if (signer->derCert.len != cms->cert->derCert.len ||
memcmp(signer->derCert.data,
cms->cert->derCert.data,
--
1.7.10.4
Reference in New Issue View Git Blame Copy Permalink