From: Nikos Mavrogiannopoulos Date: Mon, 14 Apr 2014 11:44:21 +0000 (+0200) Subject: Allow a null ca file; i.e., allow setting only CRLs in gnutls_x509_trust_list_add_tru... X-Git-Tag: gnutls_3_3_1~50 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=10f15e7cc8b2e229e0911d0e8faeaff7bbcbd110;p=thirdparty%2Fgnutls.git Allow a null ca file; i.e., allow setting only CRLs in gnutls_x509_trust_list_add_trust_file(). --- diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c index 0065ac7e03..202ed839ca 100644 --- a/lib/x509/verify-high2.c +++ b/lib/x509/verify-high2.c @@ -241,20 +241,22 @@ gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list, size_t size; int ret; + if (ca_file != NULL) { #ifdef ENABLE_PKCS11 - if (strncmp(ca_file, "pkcs11:", 7) == 0) { - list->pkcs11_token = gnutls_strdup(ca_file); + if (strncmp(ca_file, "pkcs11:", 7) == 0) { + list->pkcs11_token = gnutls_strdup(ca_file); - return 0; - } else + return 0; + } else #endif - { - cas.data = (void *) read_binary_file(ca_file, &size); - if (cas.data == NULL) { - gnutls_assert(); - return GNUTLS_E_FILE_ERROR; + { + cas.data = (void *) read_binary_file(ca_file, &size); + if (cas.data == NULL) { + gnutls_assert(); + return GNUTLS_E_FILE_ERROR; + } + cas.size = size; } - cas.size = size; } if (crl_file) {