From f8e924bcc3f291684189b2e0dd1808925abcfb99 Mon Sep 17 00:00:00 2001 From: tb Date: Mon, 17 Jun 2024 18:52:50 +0000 Subject: [PATCH] Put back NULL checks in crl_get() and build_chain() Turns out filemode still relies on these. Rather than adding to the spaghetti in filemode.c, begrudgingly put back the NULL checks with an additional XXX. ok claudio job --- usr.sbin/rpki-client/crl.c | 6 +++++- usr.sbin/rpki-client/validate.c | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/usr.sbin/rpki-client/crl.c b/usr.sbin/rpki-client/crl.c index 0cf97caff99..fddd27aee5a 100644 --- a/usr.sbin/rpki-client/crl.c +++ b/usr.sbin/rpki-client/crl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crl.c,v 1.41 2024/06/12 10:03:09 tb Exp $ */ +/* $OpenBSD: crl.c,v 1.42 2024/06/17 18:52:50 tb Exp $ */ /* * Copyright (c) 2024 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -296,6 +296,10 @@ crl_get(struct crl_tree *crlt, const struct auth *a) { struct crl find; + /* XXX - this should be removed, but filemode relies on it. */ + if (a == NULL) + return NULL; + find.aki = a->cert->ski; find.mftpath = a->cert->mft; diff --git a/usr.sbin/rpki-client/validate.c b/usr.sbin/rpki-client/validate.c index f4c6e7c260f..bcbf9cbc5fb 100644 --- a/usr.sbin/rpki-client/validate.c +++ b/usr.sbin/rpki-client/validate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: validate.c,v 1.75 2024/06/12 10:03:09 tb Exp $ */ +/* $OpenBSD: validate.c,v 1.76 2024/06/17 18:52:50 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -304,6 +304,10 @@ build_chain(const struct auth *a, STACK_OF(X509) **intermediates, *intermediates = NULL; *root = NULL; + /* XXX - this should be removed, but filemode relies on it. */ + if (a == NULL) + return; + if ((*intermediates = sk_X509_new_null()) == NULL) err(1, "sk_X509_new_null"); if ((*root = sk_X509_new_null()) == NULL) -- 2.20.1