wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Find the CRL entry again after lock

Browse Source
This commit is contained in:
Sean Parkinson
2017-04-11 14:30:35 +10:00
committed by Sean Parkinson
parent ff4fcf21d6
commit 1e2a6412d7
1 changed files with 21 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/crl.c
View File

@@ -255,17 +255,28 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
return BAD_MUTEX_E; return BAD_MUTEX_E;
} }
if (ret == 0) crle = crl->crlList;
crle->verified = 1; while (crle) {
else { if (XMEMCMP(crle->issuerHash, cert->issuerHash,
crle->verified = ret; CRL_DIGEST_SIZE) == 0) {
break;
}
XFREE(crle->toBeSigned, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); if (ret == 0)
crle->toBeSigned = NULL; crle->verified = 1;
XFREE(crle->signature, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); else
crle->signature = NULL; crle->verified = ret;
XFREE(crle->toBeSigned, crl->heap,
DYNAMIC_TYPE_CRL_ENTRY);
crle->toBeSigned = NULL;
XFREE(crle->signature, crl->heap,
DYNAMIC_TYPE_CRL_ENTRY);
crle->signature = NULL;
break;
}
crle = crle->next;
}
if (crle == NULL || crle->verified < 0)
break;
} }
else if (crle->verified < 0) { else if (crle->verified < 0) {
WOLFSSL_MSG("Cannot use CRL as it didn't verify"); WOLFSSL_MSG("Cannot use CRL as it didn't verify");