Improve behaviour on fatal errors
If we didn't walk the whole chain, then there may be any kind of error in the
part of the chain we didn't check, so setting all flags looks like the safe
thing to do.
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 2b3eef7..70ad356 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2147,7 +2147,7 @@
ret = x509_crt_verify_top( crt, parent, ca_crl,
pathlen, selfsigned, flags, f_vrfy, p_vrfy );
if( ret != 0 )
- return( ret );
+ goto exit;
}
else
{
@@ -2162,17 +2162,24 @@
ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl,
pathlen, selfsigned, flags, f_vrfy, p_vrfy );
if( ret != 0 )
- return( ret );
+ goto exit;
}
else
{
ret = x509_crt_verify_top( crt, trust_ca, ca_crl,
pathlen, selfsigned, flags, f_vrfy, p_vrfy );
if( ret != 0 )
- return( ret );
+ goto exit;
}
}
+exit:
+ if( ret != 0 )
+ {
+ *flags = (uint32_t) -1;
+ return( ret );
+ }
+
if( *flags != 0 )
return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED );
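Review bot: The `exit:` block returns `ret` unchanged, so a fatal error whose code happens to be `POLARSSL_ERR_X509_CERT_VERIFY_FAILED` cannot be told apart by return value from the non-fatal `*flags != 0` case just below it. Whether that can occur depends on `x509_crt_verify_top`, `x509_crt_verify_child` and the caller-supplied `f_vrfy`, none of which are visible here, but a caller that tolerates the non-fatal code (for example when verification is optional) would presumably tolerate it on this path too. Consider remapping before the return, e.g. `if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ret = <distinct fatal error code>;` (placeholder for whichever code the library reserves for this). The all-ones assignment also deserves a comment such as `/* Fatal error: the rest of the chain was not checked, so report every flag */`, and the function's public documentation should say that individual flag bits carry no meaning when a fatal error is returned. The function starts and ends outside this hunk, so any earlier `return` paths should be checked for the same treatment.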