Imported Upstream version 4.5.2

1 files changed, 4 insertions, 3 deletions

diff --git a/src/pluto/crl.c b/src/pluto/crl.c
index 1c9c9a8cc..38db0f2fd 100644
--- a/src/pluto/crl.c
+++ b/src/pluto/crl.c
@@ -163,7 +163,7 @@ bool insert_crl(x509crl_t *x509crl, char *crl_uri, bool cache_crl)
 		{
 			/* keep any known CRL distribution points */
 			add_distribution_points(x509crl->distributionPoints,
-					 				oldcrl->distributionPoints);
+									oldcrl->distributionPoints);
 
 			/* now delete the old CRL */
 			free_first_crl();
@@ -199,7 +199,7 @@ bool insert_crl(x509crl_t *x509crl, char *crl_uri, bool cache_crl)
 		chunk_t hex, encoding;
 
 		hex = chunk_to_hex(crl->get_authKeyIdentifier(crl), NULL, FALSE);
-		snprintf(buf, sizeof(buf), "%s/%s.crl", CRL_PATH, hex);
+		snprintf(buf, sizeof(buf), "%s/%s.crl", CRL_PATH, hex.ptr);
 		free(hex.ptr);
 
 		if (cert_crl->get_encoding(cert_crl, CERT_ASN1_DER, &encoding))
@@ -425,7 +425,8 @@ cert_status_t verify_by_crl(cert_t *cert, time_t *until, time_t *revocationDate,
 		lock_authcert_list("verify_by_crl");
 
 		issuer_cert = get_authcert(issuer, authKeyID, X509_CA);
-		trusted = cert_crl->issued_by(cert_crl, issuer_cert->cert);
+		trusted = issuer_cert ? cert_crl->issued_by(cert_crl, issuer_cert->cert)
+							  : FALSE;
 
 		unlock_authcert_list("verify_by_crl");