certtool: handle empty CNs on verification

That is, handle GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if returned from gnutls_x509_crt_get_dn() on the end certificate.
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-05-10 15:20:09 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-05-10 15:20:16 +0200
commit: 99f4643f64ae51cb44f9f8010811e940da5ac463 (patch)
tree: 1c13a41e3c70d08569eeb3e90a2bcf9a7cf7378c /src
parent: 3ac0bc90372f7a6251b8e749f3fceb78375a589a (diff)
download: gnutls-99f4643f64ae51cb44f9f8010811e940da5ac463.tar.gz
1 files changed, 8 insertions, 3 deletions
diff --git a/src/certtool.c b/src/certtool.c
index 8682de43c9..e6ee59ecac 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -2163,9 +2163,14 @@ static int detailed_verification(gnutls_x509_crt_t cert,
 	name_size = sizeof(name);
 	ret = gnutls_x509_crt_get_dn(cert, name, &name_size);
 	if (ret < 0) {
-		fprintf(stderr, "gnutls_x509_crt_get_dn: %s\n",
-			gnutls_strerror(ret));
-		exit(1);
+		if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+			name[0] = 0;
+			name_size = 0;
+		} else {
+			fprintf(stderr, "gnutls_x509_crt_get_dn: %s\n",
+				gnutls_strerror(ret));
+			exit(1);
+		}
 	}
 
 	fprintf(outfile, "\tSubject: %s\n", name);
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-05-10 15:20:09 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-05-10 15:20:16 +0200
commit	99f4643f64ae51cb44f9f8010811e940da5ac463 (patch)
tree	1c13a41e3c70d08569eeb3e90a2bcf9a7cf7378c /src
parent	3ac0bc90372f7a6251b8e749f3fceb78375a589a (diff)
download	gnutls-99f4643f64ae51cb44f9f8010811e940da5ac463.tar.gz