diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-08-12 23:03:20 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-08-12 23:06:43 +0200 |
commit | 27ed11bb58fe643f81f3a12317e2cb876281a574 (patch) | |
tree | 8fe3e420b734e1e528ffce16d8ae51ee5dbd8b5e | |
parent | c235c7600a479b7feac84cea381d3d81c843f1b0 (diff) | |
download | gnutls-27ed11bb58fe643f81f3a12317e2cb876281a574.tar.gz |
certtool: removed limit on maximum imported certificates in the -i option
-rw-r--r-- | src/certtool.c | 25 |
1 files changed, 8 insertions, 17 deletions
diff --git a/src/certtool.c b/src/certtool.c index 4467514393..392f5bad37 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -1278,10 +1278,9 @@ static void cmd_parser(int argc, char **argv) gnutls_global_deinit(); } -#define MAX_CRTS 500 void certificate_info(int pubkey, common_info_st * cinfo) { - gnutls_x509_crt_t crt[MAX_CRTS]; + gnutls_x509_crt_t *crts = NULL; size_t size; int ret, i, count; gnutls_datum_t pem; @@ -1290,17 +1289,8 @@ void certificate_info(int pubkey, common_info_st * cinfo) pem.data = (void *) fread_file(infile, &size); pem.size = size; - crt_num = MAX_CRTS; ret = - gnutls_x509_crt_list_import(crt, &crt_num, &pem, incert_format, - GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED); - if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) { - fprintf(stderr, "too many certificates (%d); " - "will only read the first %d", crt_num, MAX_CRTS); - crt_num = MAX_CRTS; - ret = gnutls_x509_crt_list_import(crt, &crt_num, &pem, - incert_format, 0); - } + gnutls_x509_crt_list_import2(&crts, &crt_num, &pem, incert_format, 0); if (ret < 0) { fprintf(stderr, "import error: %s\n", gnutls_strerror(ret)); exit(1); @@ -1308,7 +1298,7 @@ void certificate_info(int pubkey, common_info_st * cinfo) free(pem.data); - count = ret; + count = crt_num; if (count > 1 && outcert_format == GNUTLS_X509_FMT_DER) { fprintf(stderr, @@ -1322,14 +1312,14 @@ void certificate_info(int pubkey, common_info_st * cinfo) fprintf(outfile, "\n"); if (outcert_format == GNUTLS_X509_FMT_PEM) - print_certificate_info(crt[i], outfile, 1); + print_certificate_info(crts[i], outfile, 1); if (pubkey) - pubkey_info(crt[i], cinfo); + pubkey_info(crts[i], cinfo); else { size = lbuffer_size; ret = - gnutls_x509_crt_export(crt[i], outcert_format, + gnutls_x509_crt_export(crts[i], outcert_format, lbuffer, &size); if (ret < 0) { fprintf(stderr, "export error: %s\n", @@ -1340,8 +1330,9 @@ void certificate_info(int pubkey, common_info_st * cinfo) fwrite(lbuffer, 1, size, outfile); } - gnutls_x509_crt_deinit(crt[i]); + gnutls_x509_crt_deinit(crts[i]); } + gnutls_free(crts); } #ifdef ENABLE_OPENPGP |