From: Martin Willi <martin@strongswan.org>
Date: Thu, 14 Sep 2006 13:14:58 +0000 (-0000)
Subject: handle certificate parsing error more generous
X-Git-Tag: 4.0.4~27
X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=b9024ee058be017e078342efcc30e1586c007d65

handle certificate parsing error more generous
---

diff --git a/src/charon/sa/transactions/ike_auth.c b/src/charon/sa/transactions/ike_auth.c
index e440f5e..681c764 100644
--- a/src/charon/sa/transactions/ike_auth.c
+++ b/src/charon/sa/transactions/ike_auth.c
@@ -459,25 +459,32 @@ static void import_certificate(private_ike_auth_t *this, cert_payload_t *cert_pa
 		return;
 	}
 	cert = x509_create_from_chunk(cert_payload->get_data_clone(cert_payload));
-	
-	if (charon->credentials->verify(charon->credentials, cert, &found))
+	if (cert)
 	{
-		this->logger->log(this->logger, CONTROL|LEVEL1, 
-						  "received end entity certificate is trusted, added to store");
-		if (found)
+		if (charon->credentials->verify(charon->credentials, cert, &found))
 		{
-			cert->destroy(cert);
+			this->logger->log(this->logger, CONTROL|LEVEL1, 
+							"received end entity certificate is trusted, added to store");
+			if (!found)
+			{
+				charon->credentials->add_end_certificate(charon->credentials, cert);
+			}
+			else
+			{
+				cert->destroy(cert);
+			}
 		}
 		else
 		{
-			cert = charon->credentials->add_end_certificate(charon->credentials, cert);
+			this->logger->log(this->logger, CONTROL, 
+							  "received end entity certificate is not trusted, discarded");
+			cert->destroy(cert);
 		}
 	}
 	else
 	{
-		cert->destroy(cert);
 		this->logger->log(this->logger, CONTROL, 
-						  "received end entity certificate is not trusted, discarded");
+						  "parsing of received certificate failed, discarded");
 	}
 }