summaryrefslogtreecommitdiff
path: root/src/pluto/crl.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/pluto/crl.c')
-rw-r--r--src/pluto/crl.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/src/pluto/crl.c b/src/pluto/crl.c
index 1c9c9a8cc..38db0f2fd 100644
--- a/src/pluto/crl.c
+++ b/src/pluto/crl.c
@@ -163,7 +163,7 @@ bool insert_crl(x509crl_t *x509crl, char *crl_uri, bool cache_crl)
{
/* keep any known CRL distribution points */
add_distribution_points(x509crl->distributionPoints,
- oldcrl->distributionPoints);
+ oldcrl->distributionPoints);
/* now delete the old CRL */
free_first_crl();
@@ -199,7 +199,7 @@ bool insert_crl(x509crl_t *x509crl, char *crl_uri, bool cache_crl)
chunk_t hex, encoding;
hex = chunk_to_hex(crl->get_authKeyIdentifier(crl), NULL, FALSE);
- snprintf(buf, sizeof(buf), "%s/%s.crl", CRL_PATH, hex);
+ snprintf(buf, sizeof(buf), "%s/%s.crl", CRL_PATH, hex.ptr);
free(hex.ptr);
if (cert_crl->get_encoding(cert_crl, CERT_ASN1_DER, &encoding))
@@ -425,7 +425,8 @@ cert_status_t verify_by_crl(cert_t *cert, time_t *until, time_t *revocationDate,
lock_authcert_list("verify_by_crl");
issuer_cert = get_authcert(issuer, authKeyID, X509_CA);
- trusted = cert_crl->issued_by(cert_crl, issuer_cert->cert);
+ trusted = issuer_cert ? cert_crl->issued_by(cert_crl, issuer_cert->cert)
+ : FALSE;
unlock_authcert_list("verify_by_crl");
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-15 06:53:51 +0000