From 220d7b027871f79f446c7b3c2db9ef43f24c19cc Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Thu, 7 Mar 2013 18:05:32 +0100 Subject: [PATCH] x509: Don't break when cA field of BasicConstraints is missing The field defaults to FALSE. It sucks that libtasn1 doesn't fill this in for us. https://bugs.freedesktop.org/show_bug.cgi?id=61975 --- common/x509.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/common/x509.c b/common/x509.c index 46e3bd9..f86d2b3 100644 --- a/common/x509.c +++ b/common/x509.c @@ -122,9 +122,16 @@ p11_x509_parse_basic_constraints (p11_dict *asn1_defs, len = sizeof (buffer); ret = asn1_read_value (ext, "cA", buffer, &len); - return_val_if_fail (ret == ASN1_SUCCESS, false); - *is_ca = (strcmp (buffer, "TRUE") == 0); + /* Default value for cA is FALSE */ + if (ret == ASN1_ELEMENT_NOT_FOUND) { + *is_ca = false; + + } else { + return_val_if_fail (ret == ASN1_SUCCESS, false); + *is_ca = (strcmp (buffer, "TRUE") == 0); + } + asn1_delete_structure (&ext); return true; -- 2.40.0