| author | Carl Hetherington <cth@carlh.net> | 2016-01-27 21:06:26 +0000 |
|---|---|---|
| committer | Carl Hetherington <cth@carlh.net> | 2016-01-27 21:06:26 +0000 |
| commit | b28be8a5d9610dc8c83a19d1d531f9ebf21e1492 (patch) | |
| tree | 5461aa7e9a914e62dc3d81a516bfa33ba05a6a3f /src | |
| parent | 3757ba5e3207944a66610c4a82068029dd8a49a3 (diff) | |
Check for trailing data when loading certificates.
Diffstat (limited to 'src')
| -rw-r--r-- | src/certificate.cc | 15 | ||||
| -rw-r--r-- | src/certificate.h | 10 |
2 files changed, 22 insertions, 3 deletions
diff --git a/src/certificate.cc b/src/certificate.cc
index 36aef7f9..fd767fa7 100644
--- a/src/certificate.cc
+++ b/src/certificate.cc
@@ -34,6 +34,7 @@
 #include <openssl/err.h>
 #include <boost/algorithm/string.hpp>
 #include <cerrno>
+#include <iostream>
 #include <algorithm>
 using std::list;
@@ -50,6 +51,7 @@ static string const end_certificate = "-----END CERTIFICATE-----";
 Certificate::Certificate (X509* c)
 : _certificate (c)
 , _public_key (0)
+ , _extra_data (false)
 {
 }
@@ -61,7 +63,7 @@ Certificate::Certificate (string cert)
 : _certificate (0)
 , _public_key (0)
 {
- read_string (cert);
+ _extra_data = read_string (cert);
 }
 /** Copy constructor.
@@ -70,6 +72,7 @@ Certificate::Certificate (string cert)
 Certificate::Certificate (Certificate const & other)
 : _certificate (0)
 , _public_key (0)
+ , _extra_data (other._extra_data)
 {
 if (other._certificate) {
 read_string (other.certificate (true));
@@ -78,8 +81,9 @@ Certificate::Certificate (Certificate const & other)
 /** Read a certificate from a string.
 * @param cert String to read.
+ * @return true if there is extra stuff after the end of the certificate, false if not.
 */
-void
+bool
 Certificate::read_string (string cert)
 {
 /* Reformat cert so that it has line breaks every 64 characters.
@@ -137,6 +141,12 @@ Certificate::read_string (string cert)
 }
 BIO_free (bio);
+
+ line.clear ();
+ if (s.good ()) {
+ getline (s, line);
+ }
+ return !line.empty();
 }
 /** Destructor */
@@ -160,6 +170,7 @@ Certificate::operator= (Certificate const & other)
 _certificate = 0;
 RSA_free (_public_key);
 _public_key = 0;
+ _extra_data = other._extra_data;
 read_string (other.certificate (true));
diff --git a/src/certificate.h b/src/certificate.h
index 6225cf31..438d9980 100644
--- a/src/certificate.h
+++ b/src/certificate.h
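Review bot: The trailing-data check added at the end of `Certificate::read_string` inspects only the single line that follows whatever the earlier loop consumed from `s`, so content that begins after an empty line (for example a second PEM block separated by a blank line) leaves `line` empty and the function reports no extra data. Since the flag exists so callers can refuse certificates with anything appended, the check should keep reading until it finds a non-empty line or reaches end of stream: replace the `if (s.good ())` block with `while (line.empty () && getline (s, line)) {}` and keep `return !line.empty();`. `s` and `line` are declared earlier in `read_string`, outside this hunk, so this assumes `s` is the stream over `cert` positioned just past the END CERTIFICATE line.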
@@ -76,8 +76,12 @@ public:
 std::string thumbprint () const;
+ bool extra_data () const {
+ return _extra_data;
+ }
+
 private:
- void read_string (std::string);
+ bool read_string (std::string);
 static std::string name_for_xml (X509_NAME *);
 static std::string asn_to_utf8 (ASN1_STRING *);
@@ -85,6 +89,10 @@ private:
 X509* _certificate;
 mutable RSA* _public_key;
+ /** true if extra data was found when this certificate was read
+ from a string.
+ */
+ bool _extra_data;
 };
 bool operator== (Certificate const & a, Certificate const & b);
|
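Review bot: The new public accessor `extra_data ()` has no doc comment, and nothing in the header tells a caller that a certificate with trailing data still loads successfully and that rejecting it is the caller's job. I would add above it `/** @return true if data was found after the end of the certificate when it was read from a string; the certificate is still loaded, so callers that require a clean file must check this. */`. It is also worth stating there that the flag is always false for the `X509*` constructor and is copied unchanged by the copy constructor and `operator=`, as the src/certificate.cc hunks show.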
