gnutls-cli: do not fail if CKA_ID is too long

Increased the buffer needed to read reasonable-sized CKA_IDs
and avoid failure when the CKA_ID is too long.

Resolves #520

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/src/pkcs11.c b/src/pkcs11.c
index 4132f9ac37fb27de383bc55dccc8ce8a01762a35..a7962d60951958785cac4825211f20f46533bf0c 100644 (file)
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -256,7 +256,7 @@ pkcs11_list(FILE * outfile, const char *url, int type, unsigned int flags,
        }
 
        for (i = 0; i < crt_list_size; i++) {
-               char buf[128];
+               char buf[256];
                size_t size;
                const char *p;
                unsigned int oflags;
@@ -327,11 +327,16 @@ pkcs11_list(FILE * outfile, const char *url, int type, unsigned int flags,
                                               GNUTLS_PKCS11_OBJ_ID_HEX,
                                               buf, &size);
                if (ret < 0) {
-                       fprintf(stderr, "Error in %s:%d: %s\n", __func__,
-                               __LINE__, gnutls_strerror(ret));
-                       app_exit(1);
+                       if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
+                               fprintf(outfile, "\tID: (too long)\n");
+                       } else {
+                               fprintf(stderr, "Error in %s:%d: %s\n", __func__,
+                                       __LINE__, gnutls_strerror(ret));
+                               app_exit(1);
+                       }
+               } else {
+                       fprintf(outfile, "\tID: %s\n", buf);
                }
-               fprintf(outfile, "\tID: %s\n", buf);
 
                if (otype == GNUTLS_PKCS11_OBJ_X509_CRT && print_exts > 0) {
                        ret = gnutls_pkcs11_obj_get_exts(crt_list[i], &exts, &exts_size, 0);