lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.

Browse Source 
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
This commit is contained in:
Paul Bakker
2011-12-10 21:55:01 +00:00
parent 18d32911c0
commit 69e095cc15
38 changed files with 254 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/asn1parse.c
View File

@ -242,7 +242,7 @@ int asn1_get_sequence_of( unsigned char **p,
sizeof( asn1_sequence ) );
if( cur->next == NULL )
return( 1 );
return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
cur = cur->next;
}

4
library/bignum.c
View File

@ -89,12 +89,12 @@ int mpi_grow( mpi *X, size_t nblimbs )
t_uint *p;
if( nblimbs > POLARSSL_MPI_MAX_LIMBS )
return( 1 );
return( POLARSSL_ERR_MPI_MALLOC_FAILED );
if( X->n < nblimbs )
{
if( ( p = (t_uint *) malloc( nblimbs * ciL ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_MPI_MALLOC_FAILED );
memset( p, 0, nblimbs * ciL );

10
library/ctr_drbg.c
View File

@ -244,7 +244,7 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx,
memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT );
/*
* Gather POLARSSL_CTR_DRBG_ENTROPYLEN bytes of entropy to seed state
* Gather enropy_len bytes of entropy to seed state
*/
if( 0 != ctx->f_entropy( ctx->p_entropy, seed,
ctx->entropy_len ) )
@ -357,7 +357,7 @@ int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path )
unsigned char buf[ CTR_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "wb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 )
return( ret );
@ -365,7 +365,7 @@ int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path )
if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT )
{
fclose( f );
return( 1 );
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
}
fclose( f );
@ -379,7 +379,7 @@ int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path )
unsigned char buf[ CTR_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
n = (size_t) ftell( f );
@ -391,7 +391,7 @@ int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path )
if( fread( buf, 1, n, f ) != n )
{
fclose( f );
return( 1 );
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
}
ctr_drbg_update( ctx, buf, n );

72
library/error.c
View File

@ -67,6 +67,18 @@
#include "polarssl/md.h"
#endif
#if defined(POLARSSL_MD2_C)
#include "polarssl/md2.h"
#endif
#if defined(POLARSSL_MD4_C)
#include "polarssl/md4.h"
#endif
#if defined(POLARSSL_MD5_C)
#include "polarssl/md5.h"
#endif
#if defined(POLARSSL_NET_C)
#include "polarssl/net.h"
#endif
@ -83,6 +95,18 @@
#include "polarssl/rsa.h"
#endif
#if defined(POLARSSL_SHA1_C)
#include "polarssl/sha1.h"
#endif
#if defined(POLARSSL_SHA2_C)
#include "polarssl/sha2.h"
#endif
#if defined(POLARSSL_SHA4_C)
#include "polarssl/sha4.h"
#endif
#if defined(POLARSSL_SSL_TLS_C)
#include "polarssl/ssl.h"
#endif
@ -258,6 +282,8 @@ void error_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) )
snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_MALLOC_FAILED) )
snprintf( buf, buflen, "SSL - Memory allocation failed" );
#endif /* POLARSSL_SSL_TLS_C */
#if defined(POLARSSL_X509_PARSE_C)
@ -299,8 +325,12 @@ void error_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "X509 - Invalid RSA key tag or value" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT) )
snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" );
if( use_ret == -(POLARSSL_ERR_X509_VALUE_TO_LENGTH) )
snprintf( buf, buflen, "X509 - Not used" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_INPUT) )
snprintf( buf, buflen, "X509 - Input invalid" );
if( use_ret == -(POLARSSL_ERR_X509_MALLOC_FAILED) )
snprintf( buf, buflen, "X509 - Allocation of memory failed" );
if( use_ret == -(POLARSSL_ERR_X509_FILE_IO_ERROR) )
snprintf( buf, buflen, "X509 - Read/write of file failed" );
#endif /* POLARSSL_X509_PARSE_C */
if( strlen( buf ) == 0 )
@ -348,6 +378,8 @@ void error_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" );
if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_DATA) )
snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" );
if( use_ret == -(POLARSSL_ERR_ASN1_MALLOC_FAILED) )
snprintf( buf, buflen, "ASN1 - Memory allocation failed" );
#endif /* POLARSSL_ASN1_PARSE_C */
#if defined(POLARSSL_BASE64_C)
@ -365,13 +397,15 @@ void error_strerror( int ret, char *buf, size_t buflen )
if( use_ret == -(POLARSSL_ERR_MPI_INVALID_CHARACTER) )
snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" );
if( use_ret == -(POLARSSL_ERR_MPI_BUFFER_TOO_SMALL) )
snprintf( buf, buflen, "BIGNUM - The output buffer is too small to write too" );
snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" );
if( use_ret == -(POLARSSL_ERR_MPI_NEGATIVE_VALUE) )
snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" );
if( use_ret == -(POLARSSL_ERR_MPI_DIVISION_BY_ZERO) )
snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" );
if( use_ret == -(POLARSSL_ERR_MPI_NOT_ACCEPTABLE) )
snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" );
if( use_ret == -(POLARSSL_ERR_MPI_MALLOC_FAILED) )
snprintf( buf, buflen, "BIGNUM - Memory allocation failed" );
#endif /* POLARSSL_BIGNUM_C */
#if defined(POLARSSL_CAMELLIA_C)
@ -388,6 +422,8 @@ void error_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" );
if( use_ret == -(POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG) )
snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" );
if( use_ret == -(POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR) )
snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" );
#endif /* POLARSSL_CTR_DRBG_C */
#if defined(POLARSSL_DES_C)
@ -402,6 +438,21 @@ void error_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "ENTROPY - No more sources can be added" );
#endif /* POLARSSL_ENTROPY_C */
#if defined(POLARSSL_MD2_C)
if( use_ret == -(POLARSSL_ERR_MD2_FILE_IO_ERROR) )
snprintf( buf, buflen, "MD2 - Read/write error in file" );
#endif /* POLARSSL_MD2_C */
#if defined(POLARSSL_MD4_C)
if( use_ret == -(POLARSSL_ERR_MD4_FILE_IO_ERROR) )
snprintf( buf, buflen, "MD4 - Read/write error in file" );
#endif /* POLARSSL_MD4_C */
#if defined(POLARSSL_MD5_C)
if( use_ret == -(POLARSSL_ERR_MD5_FILE_IO_ERROR) )
snprintf( buf, buflen, "MD5 - Read/write error in file" );
#endif /* POLARSSL_MD5_C */
#if defined(POLARSSL_NET_C)
if( use_ret == -(POLARSSL_ERR_NET_UNKNOWN_HOST) )
snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" );
@ -432,6 +483,21 @@ void error_strerror( int ret, char *buf, size_t buflen )
snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
#endif /* POLARSSL_PADLOCK_C */
#if defined(POLARSSL_SHA1_C)
if( use_ret == -(POLARSSL_ERR_SHA1_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA1 - Read/write error in file" );
#endif /* POLARSSL_SHA1_C */
#if defined(POLARSSL_SHA2_C)
if( use_ret == -(POLARSSL_ERR_SHA2_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA2 - Read/write error in file" );
#endif /* POLARSSL_SHA2_C */
#if defined(POLARSSL_SHA4_C)
if( use_ret == -(POLARSSL_ERR_SHA4_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA4 - Read/write error in file" );
#endif /* POLARSSL_SHA4_C */
#if defined(POLARSSL_XTEA_C)
if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "XTEA - The data input has an invalid length" );

4
library/md2.c
View File

@ -189,7 +189,7 @@ int md2_file( const char *path, unsigned char output[16] )
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_MD2_FILE_IO_ERROR );
md2_starts( &ctx );
@ -203,7 +203,7 @@ int md2_file( const char *path, unsigned char output[16] )
if( ferror( f ) != 0 )
{
fclose( f );
return( 2 );
return( POLARSSL_ERR_MD2_FILE_IO_ERROR );
}
fclose( f );

4
library/md4.c
View File

@ -285,7 +285,7 @@ int md4_file( const char *path, unsigned char output[16] )
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_MD4_FILE_IO_ERROR );
md4_starts( &ctx );
@ -299,7 +299,7 @@ int md4_file( const char *path, unsigned char output[16] )
if( ferror( f ) != 0 )
{
fclose( f );
return( 2 );
return( POLARSSL_ERR_MD4_FILE_IO_ERROR );
}
fclose( f );

4
library/md5.c
View File

@ -304,7 +304,7 @@ int md5_file( const char *path, unsigned char output[16] )
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
md5_starts( &ctx );
@ -318,7 +318,7 @@ int md5_file( const char *path, unsigned char output[16] )
if( ferror( f ) != 0 )
{
fclose( f );
return( 2 );
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
}
fclose( f );

4
library/sha1.c
View File

@ -339,7 +339,7 @@ int sha1_file( const char *path, unsigned char output[20] )
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
sha1_starts( &ctx );
@ -353,7 +353,7 @@ int sha1_file( const char *path, unsigned char output[20] )
if( ferror( f ) != 0 )
{
fclose( f );
return( 2 );
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
}
fclose( f );

4
library/sha2.c
View File

@ -341,7 +341,7 @@ int sha2_file( const char *path, unsigned char output[32], int is224 )
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_SHA2_FILE_IO_ERROR );
sha2_starts( &ctx, is224 );
@ -355,7 +355,7 @@ int sha2_file( const char *path, unsigned char output[32], int is224 )
if( ferror( f ) != 0 )
{
fclose( f );
return( 2 );
return( POLARSSL_ERR_SHA2_FILE_IO_ERROR );
}
fclose( f );

4
library/sha4.c
View File

@ -339,7 +339,7 @@ int sha4_file( const char *path, unsigned char output[64], int is384 )
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_SHA4_FILE_IO_ERROR );
sha4_starts( &ctx, is384 );
@ -353,7 +353,7 @@ int sha4_file( const char *path, unsigned char output[64], int is384 )
if( ferror( f ) != 0 )
{
fclose( f );
return( 2 );
return( POLARSSL_ERR_SHA4_FILE_IO_ERROR );
}
fclose( f );

9
library/ssl_tls.c
View File

@ -1376,7 +1376,7 @@ int ssl_parse_certificate( ssl_context *ssl )
{
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed",
sizeof( x509_cert ) ) );
return( 1 );
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
}
memset( ssl->peer_cert, 0, sizeof( x509_cert ) );
@ -1401,8 +1401,7 @@ int ssl_parse_certificate( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE );
}
ret = x509parse_crt( ssl->peer_cert, ssl->in_msg + i, n,
X509_NON_PERMISSIVE );
ret = x509parse_crt( ssl->peer_cert, ssl->in_msg + i, n );
if( ret != 0 )
{
SSL_DEBUG_RET( 1, " x509parse_crt", ret );
@ -1707,7 +1706,7 @@ int ssl_init( ssl_context *ssl )
if( ssl->in_ctr == NULL )
{
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len ) );
return( 1 );
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
}
ssl->out_ctr = (unsigned char *) malloc( len );
@ -1718,7 +1717,7 @@ int ssl_init( ssl_context *ssl )
{
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len ) );
free( ssl-> in_ctr );
return( 1 );
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
}
memset( ssl-> in_ctr, 0, SSL_BUFFER_LEN );

71
library/x509parse.c
View File

@ -284,7 +284,7 @@ static int x509_get_name( unsigned char **p,
sizeof( x509_name ) );
if( use->next == NULL )
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
memset( use->next, 0, sizeof( x509_name ) );
@ -303,7 +303,7 @@ static int x509_get_name( unsigned char **p,
sizeof( x509_name ) );
if( cur->next == NULL )
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
return( x509_get_name( p, end2, cur->next ) );
}
@ -1018,12 +1018,12 @@ int x509parse_crt_der( x509_cert *crt, const unsigned char *buf, size_t buflen )
* Check for valid input
*/
if( crt == NULL || buf == NULL )
return( 1 );
return( POLARSSL_ERR_X509_INVALID_INPUT );
p = (unsigned char *) malloc( len = buflen );
if( p == NULL )
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
memcpy( p, buf, buflen );
@ -1259,10 +1259,9 @@ int x509parse_crt_der( x509_cert *crt, const unsigned char *buf, size_t buflen )
/*
* Parse one or more PEM certificates from a buffer and add them to the chained list
*/
int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen,
int permissive )
int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
{
int ret, success = 0, first_error = 0;
int ret, success = 0, first_error = 0, total_failed = 0;
x509_cert *crt, *prev = NULL;
int buf_format = X509_FORMAT_DER;
@ -1272,7 +1271,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen,
* Check for valid input
*/
if( crt == NULL || buf == NULL )
return( 1 );
return( POLARSSL_ERR_X509_INVALID_INPUT );
while( crt->version != 0 && crt->next != NULL )
{
@ -1288,7 +1287,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen,
crt->next = (x509_cert *) malloc( sizeof( x509_cert ) );
if( crt->next == NULL )
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
prev = crt;
crt = crt->next;
@ -1349,9 +1348,9 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen,
if( ret != 0 )
{
/*
* quit parsing on a memory error or if in non-permissive parsing mode
* quit parsing on a memory error
*/
if( ret == 1 || permissive != 1 )
if( ret == POLARSSL_ERR_X509_MALLOC_FAILED )
{
if( prev )
prev->next = NULL;
@ -1364,6 +1363,8 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen,
if( first_error == 0 )
first_error = ret;
total_failed++;
memset( crt, 0, sizeof( x509_cert ) );
continue;
@ -1377,7 +1378,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen,
crt->next = (x509_cert *) malloc( sizeof( x509_cert ) );
if( crt->next == NULL )
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
prev = crt;
crt = crt->next;
@ -1396,7 +1397,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen,
}
if( success )
return( 0 );
return( total_failed );
else if( first_error )
return( first_error );
else
@ -1423,7 +1424,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
* Check for valid input
*/
if( crl == NULL || buf == NULL )
return( 1 );
return( POLARSSL_ERR_X509_INVALID_INPUT );
while( crl->version != 0 && crl->next != NULL )
crl = crl->next;
@ -1438,7 +1439,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
if( crl->next == NULL )
{
x509_crl_free( crl );
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
}
crl = crl->next;
@ -1481,7 +1482,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
p = (unsigned char *) malloc( len = buflen );
if( p == NULL )
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
memcpy( p, buf, buflen );
@ -1491,7 +1492,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
p = (unsigned char *) malloc( len = buflen );
if( p == NULL )
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
memcpy( p, buf, buflen );
@ -1680,7 +1681,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
if( crl->next == NULL )
{
x509_crl_free( crl );
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
}
crl = crl->next;
@ -1701,20 +1702,20 @@ int load_file( const char *path, unsigned char **buf, size_t *n )
FILE *f;
if( ( f = fopen( path, "rb" ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_X509_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
*n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET );
if( ( *buf = (unsigned char *) malloc( *n + 1 ) ) == NULL )
return( 1 );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
if( fread( *buf, 1, *n, f ) != *n )
{
fclose( f );
free( *buf );
return( 1 );
return( POLARSSL_ERR_X509_FILE_IO_ERROR );
}
fclose( f );
@ -1727,16 +1728,16 @@ int load_file( const char *path, unsigned char **buf, size_t *n )
/*
* Load one or more certificates and add them to the chained list
*/
int x509parse_crtfile( x509_cert *chain, const char *path, int permissive )
int x509parse_crtfile( x509_cert *chain, const char *path )
{
int ret;
size_t n;
unsigned char *buf;
if ( load_file( path, &buf, &n ) )
return( 1 );
if ( (ret = load_file( path, &buf, &n ) ) != 0 )
return( ret );
ret = x509parse_crt( chain, buf, n, permissive );
ret = x509parse_crt( chain, buf, n );
memset( buf, 0, n + 1 );
free( buf );
@ -1753,8 +1754,8 @@ int x509parse_crlfile( x509_crl *chain, const char *path )
size_t n;
unsigned char *buf;
if ( load_file( path, &buf, &n ) )
return( 1 );
if ( (ret = load_file( path, &buf, &n ) ) != 0 )
return( ret );
ret = x509parse_crl( chain, buf, n );
@ -1773,8 +1774,8 @@ int x509parse_keyfile( rsa_context *rsa, const char *path, const char *pwd )
size_t n;
unsigned char *buf;
if ( load_file( path, &buf, &n ) )
return( 1 );
if ( (ret = load_file( path, &buf, &n ) ) != 0 )
return( ret );
if( pwd == NULL )
ret = x509parse_key( rsa, buf, n, NULL, 0 );
@ -1797,8 +1798,8 @@ int x509parse_public_keyfile( rsa_context *rsa, const char *path )
size_t n;
unsigned char *buf;
if ( load_file( path, &buf, &n ) )
return( 1 );
if ( (ret = load_file( path, &buf, &n ) ) != 0 )
return( ret );
ret = x509parse_public_key( rsa, buf, n );
@ -2250,8 +2251,8 @@ int x509parse_dhmfile( dhm_context *dhm, const char *path )
size_t n;
unsigned char *buf;
if ( load_file( path, &buf, &n ) )
return( 1 );
if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
return( ret );
ret = x509parse_dhm( dhm, buf, n );
@ -3155,7 +3156,7 @@ int x509_self_test( int verbose )
memset( &clicert, 0, sizeof( x509_cert ) );
ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
strlen( test_cli_crt ), X509_NON_PERMISSIVE );
strlen( test_cli_crt ) );
if( ret != 0 )
{
if( verbose != 0 )
@ -3167,7 +3168,7 @@ int x509_self_test( int verbose )
memset( &cacert, 0, sizeof( x509_cert ) );
ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
strlen( test_ca_crt ), X509_NON_PERMISSIVE );
strlen( test_ca_crt ) );
if( ret != 0 )
{
if( verbose != 0 )