artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2157a8e) | patch
In proc_parser_roa() adjust the expiry calculation to walk all of
authorclaudio <claudio@openbsd.org>
Wed, 3 Nov 2021 10:19:22 +0000 (10:19 +0000)
committerclaudio <claudio@openbsd.org>
Wed, 3 Nov 2021 10:19:22 +0000 (10:19 +0000)
commiteb39c32b2c1655e91568c24a5250d9b0ce4a4936
treee829bd6e91de6dc26f172e7d33c66edf8b5cbcdatree | snapshot
parent2157a8e57aa54c01ec8a80aa47eeed3370599aaecommit | diff
In proc_parser_roa() adjust the expiry calculation to walk all of
the auth tree (including the TA) and be more careful to not dereference
NULL pointers. Both valid_ski_aki() and get_crl() can return NULL
pointers. In these situations X509_verify_cert() should fail and
the affected code should be not reachable but better be prepared.
With and OK tb@
usr.sbin/rpki-client/parser.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim