Commit `957f269a42`

DraagrenKirneh <h_n91@hotmail.com>

2023-05-22 16:13:34

Ignore certificates with unknown OID (#15539)

* Ignore certificates with unknown OID * switch directly after catch

master

1 parent 89f622f

Changed files (1)

lib

std

crypto

Certificate

Bundle.zig

@@ -244,10 +244,16 @@ pub fn parseCert(cb: *Bundle, gpa: Allocator, decoded_start: u32, now_sec: i64)
     // the subject name, we pre-parse all of them to make sure and only
     // include in the bundle ones that we know will parse. This way we can
     // use `catch unreachable` later.
-    const parsed_cert = try Certificate.parse(.{
+    const parsed_cert = Certificate.parse(.{
         .buffer = cb.bytes.items,
         .index = decoded_start,
-    });
+    }) catch |err| switch (err) {
+        error.CertificateHasUnrecognizedObjectId => {
+            cb.bytes.items.len = decoded_start;
+            return;
+        },
+        else => |e| return e,
+    };
     if (now_sec > parsed_cert.validity.not_after) {
         // Ignore expired cert.
         cb.bytes.items.len = decoded_start;

Commit 957f269a42

Commit `957f269a42`