]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
corrected remove_pkcs11_url()
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 6 Oct 2014 21:22:45 +0000 (23:22 +0200)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 6 Oct 2014 21:22:45 +0000 (23:22 +0200)
lib/x509/verify-high2.c

index 776a854fb1af78dda87cc953a8cf988223d0bb26..c08c3f1fde6eba25ee7bcd1d4b8292ddbc1eac15 100644 (file)
@@ -169,53 +169,11 @@ gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t list,
 static
 int remove_pkcs11_url(gnutls_x509_trust_list_t list, const char *ca_file)
 {
-       gnutls_x509_crt_t *xcrt_list = NULL;
-       gnutls_pkcs11_obj_t *pcrt_list = NULL;
-       unsigned int pcrt_list_size = 0, i;
-       int ret;
-
-       ret =
-           gnutls_pkcs11_obj_list_import_url2(&pcrt_list, &pcrt_list_size,
-                                              ca_file,
-                                              GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA,
-                                              0);
-       if (ret < 0)
-               return gnutls_assert_val(ret);
-
-       if (pcrt_list_size == 0) {
-               ret = 0;
-               goto cleanup;
+       if (strcmp(ca_file, list->pkcs11_token) == 0) {
+               gnutls_free(list->pkcs11_token);
+               list->pkcs11_token = NULL;
        }
-
-       xcrt_list =
-           gnutls_malloc(sizeof(gnutls_x509_crt_t) * pcrt_list_size);
-       if (xcrt_list == NULL) {
-               ret = GNUTLS_E_MEMORY_ERROR;
-               goto cleanup;
-       }
-
-       ret =
-           gnutls_x509_crt_list_import_pkcs11(xcrt_list, pcrt_list_size,
-                                              pcrt_list, 0);
-       if (ret < 0) {
-               gnutls_assert();
-               goto cleanup;
-       }
-
-       ret =
-           gnutls_x509_trust_list_remove_cas(list, xcrt_list,
-                                             pcrt_list_size);
-
-      cleanup:
-       for (i = 0; i < pcrt_list_size; i++) {
-               gnutls_pkcs11_obj_deinit(pcrt_list[i]);
-               if (xcrt_list)
-                       gnutls_x509_crt_deinit(xcrt_list[i]);
-       }
-       gnutls_free(pcrt_list);
-       gnutls_free(xcrt_list);
-
-       return ret;
+       return 0;
 }
 #endif