Fix handshake segfault if no privkey is supplied

Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

diff --git a/lib/auth/cert.c b/lib/auth/cert.c
index 454070642c424991c46bc61259e03bfcb3fa4d08..228d98468a9721b40a75522c98b2c0e75dda59ac 100644 (file)
--- a/lib/auth/cert.c
+++ b/lib/auth/cert.c
@@ -1640,6 +1640,9 @@ _gnutls_select_server_cert(gnutls_session_t session, const gnutls_cipher_suite_e
                                          gnutls_pk_get_name(session->internals.selected_cert_list[0].pubkey->params.algo));
                }
 
+               if (session->internals.selected_key == NULL)
+                       return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
+
                ret = cert_select_sign_algorithm(session,
                                                 &session->internals.selected_cert_list[0],
                                                 session->internals.selected_key,

diff --git a/lib/privkey.c b/lib/privkey.c
index 2069fc016a556faccfcee724f329793715946a9b..2ec87dd4c74c2fa99e5695e68ced34ffb5e1dc50 100644 (file)
--- a/lib/privkey.c
+++ b/lib/privkey.c
@@ -1972,6 +1972,9 @@ unsigned _gnutls_privkey_compatible_with_sig(gnutls_privkey_t privkey,
 {
        const gnutls_sign_entry_st *se;
 
+       if (unlikely(privkey == NULL))
+               return gnutls_assert_val(0);
+
        se = _gnutls_sign_to_entry(sign);
        if (unlikely(se == NULL))
                return gnutls_assert_val(0);