Do not print empty DN identities as invalid
authorMartin Willi <martin@revosec.ch>
Thu, 23 Dec 2010 14:22:32 +0000 (15:22 +0100)
committerMartin Willi <martin@revosec.ch>
Wed, 5 Jan 2011 15:46:07 +0000 (16:46 +0100)
src/libstrongswan/utils/identification.c

index 0696c10..fd2716d 100644 (file)
@@ -281,11 +281,13 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
        chunk_t oid_data, data, printable;
        u_char type;
        int oid, written;
-       bool finished = FALSE;
+       bool finished = FALSE, empty = TRUE;
 
        e = create_rdn_enumerator(dn);
        while (e->enumerate(e, &oid_data, &type, &data))
        {
+               empty = FALSE;
+
                oid = asn1_known_oid(oid_data);
 
                if (oid == OID_UNKNOWN)
@@ -329,7 +331,11 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
                        break;
                }
        }
-       if (!finished)
+       if (empty)
+       {
+               snprintf(buf, len, "");
+       }
+       else if (!finished)
        {
                snprintf(buf, len, "(invalid ID_DER_ASN1_DN)");
        }