Accept zero-length certificate request payloads

author Martin Willi <martin@revosec.ch>

Tue, 3 Apr 2012 06:35:25 +0000 (08:35 +0200)

committer Martin Willi <martin@revosec.ch>

Wed, 11 Apr 2012 15:22:23 +0000 (17:22 +0200)
author Martin Willi <martin@revosec.ch>
Tue, 3 Apr 2012 06:35:25 +0000 (08:35 +0200)
committer Martin Willi <martin@revosec.ch>
Wed, 11 Apr 2012 15:22:23 +0000 (17:22 +0200)
diff --git a/src/libcharon/encoding/payloads/certreq_payload.c b/src/libcharon/encoding/payloads/certreq_payload.c

index 8e0836f0edba5224bb85243073fde635a47016bb..02015f273124d417504ad73b35544e9be948a749 100644 (file)
--- a/src/libcharon/encoding/payloads/certreq_payload.c
+++ b/src/libcharon/encoding/payloads/certreq_payload.c
@@ -111,8 +111,7 @@ METHOD(payload_t, verify, status_t,
  {
         if (this->encoding == ENC_X509_SIGNATURE)
         {
-               if (this->data.len < HASH_SIZE_SHA1 ||
-                       this->data.len % HASH_SIZE_SHA1)
+               if (this->data.len % HASH_SIZE_SHA1)
                 {
                         DBG1(DBG_ENC, "invalid X509 hash length (%d) in certreq",
                                  this->data.len);
author	Martin Willi <martin@revosec.ch>
	Tue, 3 Apr 2012 06:35:25 +0000 (08:35 +0200)
committer	Martin Willi <martin@revosec.ch>
	Wed, 11 Apr 2012 15:22:23 +0000 (17:22 +0200)