summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-06-28 09:28:37 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2016-06-28 09:28:37 +0200
commit5b3dbb3422aeaec19f284624fcea97bc8e0a0d11 (patch)
tree97d1db6fc12d9e524ebd37272a4ff2c29c3c9e46
parent84cb762c572fa609415767acd640389cd95b8652 (diff)
downloadgnutls-5b3dbb3422aeaec19f284624fcea97bc8e0a0d11.tar.gz
find_cert_cb: minor cleanups in find_cert_cb
Diffstat
-rw-r--r--lib/pkcs11.c56
1 files changed, 28 insertions, 28 deletions
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index d1f13bb250..50d0621ce9 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -3574,30 +3574,37 @@ find_cert_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
break;
}
- a[0].type = CKA_LABEL;
- a[0].value = label_tmp;
- a[0].value_len = sizeof(label_tmp);
-
- a[1].type = CKA_ID;
- a[1].value = id_tmp;
- a[1].value_len = sizeof(id_tmp);
-
/* data will contain the certificate */
rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, obj, CKA_VALUE, &data);
- if (rv == CKR_OK && pkcs11_get_attribute_value
- (sinfo->module, sinfo->pks, obj, a,
- 2) == CKR_OK) {
- label.data = a[0].value;
- label.size = a[0].value_len;
- id.data = a[1].value;
- id.size = a[1].value_len;
+ if (rv == CKR_OK) {
+ ret = check_found_cert(priv, &data, now);
+ if (ret < 0) {
+ _gnutls_free_datum(&data);
+ continue;
+ }
- found = 1;
- break;
- } else {
- _gnutls_debug_log
- ("p11: Skipped cert, missing attrs.\n");
+ a[0].type = CKA_LABEL;
+ a[0].value = label_tmp;
+ a[0].value_len = sizeof(label_tmp);
+
+ a[1].type = CKA_ID;
+ a[1].value = id_tmp;
+ a[1].value_len = sizeof(id_tmp);
+
+ if (pkcs11_get_attribute_value(sinfo->module, sinfo->pks, obj, a, 2) == CKR_OK) {
+ label.data = a[0].value;
+ label.size = a[0].value_len;
+ id.data = a[1].value;
+ id.size = a[1].value_len;
+
+ found = 1;
+ break;
+ } else {
+ _gnutls_free_datum(&data);
+ _gnutls_debug_log
+ ("p11: Skipped cert, missing attrs.\n");
+ }
}
}
@@ -3605,14 +3612,7 @@ find_cert_cb(struct ck_function_list *module, struct pkcs11_session_info *sinfo,
finalized = 1;
if (found != 0) {
- ret = check_found_cert(priv, &data, now);
- if (ret < 0) {
- _gnutls_free_datum(&data);
- found = 0;
- continue;
- }
-
- if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT) {
+ if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT && data.size > 0) {
gnutls_datum_t spki;
rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, obj, CKA_PUBLIC_KEY_INFO, &spki);
if (rv == CKR_OK) {
View Lorry Controller Status