0002-bearssl-Remove-unnecessary-CA-blob-length-check.patch (882B)
- From f91719c41ecf96fe661a3fa03b5d22b8e6d52402 Mon Sep 17 00:00:00 2001
- From: Michael Forney <mforney@mforney.org>
- Date: Mon, 15 Nov 2021 13:10:02 -0800
- Subject: [PATCH] bearssl: Remove unnecessary CA blob length check
- BearSSL APIs take a size_t length parameter, so unlike OpenSSL,
- there is no conversion to int and no reason to check that it's less
- than INT_MAX.
- ---
- lib/vtls/bearssl.c | 3 ---
- 1 file changed, 3 deletions(-)
- diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c
- index 934149c..32d9a5b 100644
- --- a/lib/vtls/bearssl.c
- +++ b/lib/vtls/bearssl.c
- @@ -133,9 +133,6 @@ static CURLcode load_cafile(struct cafile_source *source,
- return CURLE_SSL_CACERT_BADFILE;
- }
- - if(source->type == CAFILE_SOURCE_BLOB && source->len > (size_t)INT_MAX)
- - return CURLE_SSL_CACERT_BADFILE;
- -
- ca.err = CURLE_OK;
- ca.in_cert = FALSE;
- ca.anchors = NULL;
- --
- 2.42.0