in DecodeAltNames, skip unknown name types, don't treat as error

2014-03-18 09:24:07 -07:00 · 2014-03-18 09:24:07 -07:00 · ac452eebdc
commit ac452eebdc
parent 1ea620cece
1 changed files with 11 additions and 2 deletions
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@ -2936,8 +2936,17 @@ static int DecodeAltNames(byte* input, int sz, DecodedCert* cert)
        }
 #endif /* CYASSL_SEP */
        else {
-            CYASSL_MSG("\tNot DNS type");
-            return ASN_PARSE_E;
+            int strLen;
+            word32 lenStartIdx = idx;
+
+            CYASSL_MSG("\tUnsupported name type, skipping");
+
+            if (GetLength(input, &idx, &strLen, sz) < 0) {
+                CYASSL_MSG("\tfail: unsupported name length");
+                return ASN_PARSE_E;
+            }
+            length -= (strLen + idx - lenStartIdx);
+            idx += strLen;
        }
    }
    return 0;