Security-57031.30.12.tar.gz

[apple/security.git] / Security / libsecurity_ssl / lib / sslCrypto.c

diff --git a/Security/libsecurity_ssl/lib/sslCrypto.c b/Security/libsecurity_ssl/lib/sslCrypto.c
index 07457375e2a529cacf9111c6e4aab18c8f948e75..600916ccac931767571eb040a1a4884a10f8f191 100644 (file)
--- a/Security/libsecurity_ssl/lib/sslCrypto.c
+++ b/Security/libsecurity_ssl/lib/sslCrypto.c
@@ -187,13 +187,17 @@ static OSStatus sslVerifyCertChain(
        OSStatus status;
        SecTrustRef trust = NULL;
 
-    assert(certChain);
-
     if (arePeerCerts) {
                /* renegotiate - start with a new SecTrustRef */
         CFReleaseNull(ctx->peerSecTrust);
     }
 
+    if(certChain==NULL) {
+        sslErrorLog("***Error: NULL cert chain\n");
+        status = errSSLXCertChainInvalid;
+        goto errOut;
+    }
+
        status = sslCreateSecTrust(ctx, certChain, arePeerCerts, &trust);
 
        if (!ctx->enableCertVerify) {
@@ -446,8 +450,14 @@ tls_verify_peer_cert(SSLContext *ctx)
     if(err)
         goto out;
 
-    /* Set the public key */
-    tls_set_peer_pubkey(ctx->hdsk, certs);
+    /* Set the public key, only if we have certs.
+       We don't return an handshake error if there is no cert,
+       The fact that there is no cert should be reflected in the
+       trust results above, or will be handle when the application
+       does its own trust evaluation. */
+    if(certs) {
+        require_noerr(err=tls_set_peer_pubkey(ctx->hdsk, certs), out);
+    }
 
     /* Now that cert verification is done, update context state */
     /* (this code was formerly in SSLProcessHandshakeMessage, */