ignoring unkown crl/ocsp uris

author Martin Willi <martin@strongswan.org>

Wed, 4 Jul 2007 12:00:33 +0000 (12:00 -0000)

committer Martin Willi <martin@strongswan.org>

Wed, 4 Jul 2007 12:00:33 +0000 (12:00 -0000)
author Martin Willi <martin@strongswan.org>
Wed, 4 Jul 2007 12:00:33 +0000 (12:00 -0000)
committer Martin Willi <martin@strongswan.org>
Wed, 4 Jul 2007 12:00:33 +0000 (12:00 -0000)
diff --git a/src/charon/config/credentials/local_credential_store.c b/src/charon/config/credentials/local_credential_store.c

index 6964345..649fcbc 100644 (file)
--- a/src/charon/config/credentials/local_credential_store.c
+++ b/src/charon/config/credentials/local_credential_store.c
@@ -456,7 +456,10 @@ static void add_uris(ca_info_t *issuer, x509_t *cert)
         
         while (iterator->iterate(iterator, (void**)&uri))
         {
-               issuer->add_crluri(issuer, uri->get_encoding(uri));
+               if (uri->get_type(uri) == ID_DER_ASN1_GN_URI)
+               {
+                       issuer->add_crluri(issuer, uri->get_encoding(uri));
+               }
         }
         iterator->destroy(iterator);
  
@@ -465,7 +468,10 @@ static void add_uris(ca_info_t *issuer, x509_t *cert)
         
         while (iterator->iterate(iterator, (void**)&uri))
         {
-               issuer->add_ocspuri(issuer, uri->get_encoding(uri));
+               if (uri->get_type(uri) == ID_DER_ASN1_GN_URI)
+               {
+                       issuer->add_ocspuri(issuer, uri->get_encoding(uri));
+               }
         }
         iterator->destroy(iterator);
  }
diff --git a/src/libstrongswan/crypto/ca.c b/src/libstrongswan/crypto/ca.c

index 07413e8..97c184b 100644 (file)
--- a/src/libstrongswan/crypto/ca.c
+++ b/src/libstrongswan/crypto/ca.c
@@ -345,7 +345,7 @@ static void add_crluri(private_ca_info_t *this, chunk_t uri)
                 strncasecmp(uri.ptr, "file", 4) != 0  &&
                 strncasecmp(uri.ptr, "ftp",  3) != 0))
         {
-               DBG1("  invalid crl uri '%#B'", uri);
+               DBG1("  invalid crl uri '%#B'", &uri);
                 return;
         }
         else
@@ -399,7 +399,10 @@ void add_info (private_ca_info_t *this, const private_ca_info_t *that)
  
                 while (iterator->iterate(iterator, (void**)&uri))
                 {
-                       add_crluri(this, uri->get_encoding(uri));
+                       if (uri->get_type(uri) == ID_DER_ASN1_GN_URI)
+                       {
+                               add_crluri(this, uri->get_encoding(uri));
+                       }
                 }
                 iterator->destroy(iterator);
         }
@@ -411,7 +414,10 @@ void add_info (private_ca_info_t *this, const private_ca_info_t *that)
  
                 while (iterator->iterate(iterator, (void**)&uri))
                 {
-                       add_ocspuri(this, uri->get_encoding(uri));
+                       if (uri->get_type(uri) == ID_DER_ASN1_GN_URI)
+                       {
+                               add_ocspuri(this, uri->get_encoding(uri));
+                       }
                 }
                 iterator->destroy(iterator);
         }
author	Martin Willi <martin@strongswan.org>
	Wed, 4 Jul 2007 12:00:33 +0000 (12:00 -0000)
committer	Martin Willi <martin@strongswan.org>
	Wed, 4 Jul 2007 12:00:33 +0000 (12:00 -0000)
src/charon/config/credentials/local_credential_store.c		patch \| blob \| history
src/libstrongswan/crypto/ca.c		patch \| blob \| history