SwitchEmu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-02-19 00:39:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error

Browse Source
This commit is contained in:
Paul Bakker
2011-12-04 12:24:18 +00:00
parent a17bcc3033
commit 6c0ceb3f9a
15 changed files with 210 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
programs/ssl/ssl_client2.c
View File

@@ -224,12 +224,12 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_FS_IO)
if( strlen( opt.ca_file ) )
ret = x509parse_crtfile( &cacert, opt.ca_file );
ret = x509parse_crtfile( &cacert, opt.ca_file, X509_NON_PERMISSIVE );
else
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
strlen( test_ca_crt ) );
strlen( test_ca_crt ), X509_NON_PERMISSIVE );
#else
{
ret = 1;
@@ -254,12 +254,12 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_FS_IO)
if( strlen( opt.crt_file ) )
ret = x509parse_crtfile( &clicert, opt.crt_file );
ret = x509parse_crtfile( &clicert, opt.crt_file, X509_NON_PERMISSIVE );
else
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
strlen( test_cli_crt ) );
strlen( test_cli_crt ), X509_NON_PERMISSIVE );
#else
{
ret = 1;

4
programs/ssl/ssl_fork_server.c
View File

@@ -230,7 +230,7 @@ int main( int argc, char *argv[] )
* server and CA certificates, as well as x509parse_keyfile().
*/
ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
strlen( test_srv_crt ) );
strlen( test_srv_crt ), X509_NON_PERMISSIVE );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
@@ -238,7 +238,7 @@ int main( int argc, char *argv[] )
}
ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
strlen( test_ca_crt ) );
strlen( test_ca_crt ), X509_NON_PERMISSIVE );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );

8
programs/ssl/ssl_mail_client.c
View File

@@ -476,12 +476,12 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_FS_IO)
if( strlen( opt.ca_file ) )
ret = x509parse_crtfile( &cacert, opt.ca_file );
ret = x509parse_crtfile( &cacert, opt.ca_file, X509_NON_PERMISSIVE );
else
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
strlen( test_ca_crt ) );
strlen( test_ca_crt ), X509_NON_PERMISSIVE );
#else
{
ret = 1;
@@ -506,12 +506,12 @@ int main( int argc, char *argv[] )
#if defined(POLARSSL_FS_IO)
if( strlen( opt.crt_file ) )
ret = x509parse_crtfile( &clicert, opt.crt_file );
ret = x509parse_crtfile( &clicert, opt.crt_file, X509_NON_PERMISSIVE );
else
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
strlen( test_cli_crt ) );
strlen( test_cli_crt ), X509_NON_PERMISSIVE );
#else
{
ret = 1;

4
programs/ssl/ssl_server.c
View File

@@ -216,7 +216,7 @@ int main( int argc, char *argv[] )
* server and CA certificates, as well as x509parse_keyfile().
*/
ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
strlen( test_srv_crt ) );
strlen( test_srv_crt ), X509_NON_PERMISSIVE );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
@@ -224,7 +224,7 @@ int main( int argc, char *argv[] )
}
ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
strlen( test_ca_crt ) );
strlen( test_ca_crt ), X509_NON_PERMISSIVE );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );