From: Alberto Leiva Popper <ydahhrk@gmail.com>
Date: Thu, 5 Oct 2023 17:16:19 +0000 (-0600)
Subject: Restore certificate stack push
X-Git-Tag: 1.6.0~43
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ea9880d57819af575401b1dbd1c678b57aee750;p=thirdparty%2FFORT-validator.git

Restore certificate stack push

I had temporarily removed this code during the tree traversal review,
and forgot to restore it.

Push current certificate into certificate stack, so child objects can
validate themselves against it.
---

diff --git a/src/object/certificate.c b/src/object/certificate.c
index 142547f8..523b1591 100644
--- a/src/object/certificate.c
+++ b/src/object/certificate.c
@@ -2033,9 +2033,17 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri)
 	if (error)
 		goto revert_uris;
 
-	error = handle_manifest(sia_uris.mft, &pp);
+	error = x509stack_push(validation_certstack(state), cert_uri,
+		    cert, policy, certype);
 	if (error)
 		goto revert_uris;
+	cert = NULL; /* Ownership stolen */
+
+	error = handle_manifest(sia_uris.mft, &pp);
+	if (error) {
+		x509stack_cancel(validation_certstack(state));
+		goto revert_uris;
+	}
 
 	/* -- Validate & traverse the RPP (@pp) described by the manifest -- */
 	rpp_traverse(pp);