OpenSSL: Make openssl_debug_dump_certificate() more robust
SSL_CTX_get0_certificate() returns NULL if no certificate is installed. While this should not be the case here due to the loop in openssl_debug_dump_certificate_chains() proceeding only if the SSL_CTX_set_current_cert() returns success, it is safer to make openssl_debug_dump_certificate() explicitly check against NULL before trying to dump details about the certificate. Signed-off-by: Pooventhiran G <pooventh@codeaurora.org>
This commit is contained in:
parent
d68c0dd4d4
commit
e364a34c69
1 changed files with 3 additions and 0 deletions
|
@ -5323,6 +5323,9 @@ static void openssl_debug_dump_certificate(int i, X509 *cert)
|
||||||
ASN1_INTEGER *ser;
|
ASN1_INTEGER *ser;
|
||||||
char serial_num[128];
|
char serial_num[128];
|
||||||
|
|
||||||
|
if (!cert)
|
||||||
|
return;
|
||||||
|
|
||||||
X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf));
|
X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf));
|
||||||
|
|
||||||
ser = X509_get_serialNumber(cert);
|
ser = X509_get_serialNumber(cert);
|
||||||
|
|
Loading…
Reference in a new issue