On 09/10/2010 01:16 AM, Scott Wheeler wrote:
> I see the same error message. In my case it turned out to be CR-LF line
> endings introduced by cut and paste of a certificate in an email client on a
> Mac into vi on an Ubuntu box, so arguably it's my fault. However OpenSSL does
> handle this, and if it is not supported, a more informative error message
> would be useful.

Does the attached patch fix this issue?

regards,
Nikos

diff --git a/NEWS b/NEWS index 36bcd3c..ae12a69 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,9 @@ See the end for copying conditions. * Version 2.10.2 (unreleased) +** libgnutls: Is now more liberal in the PEM decoding. That is spaces and +tabs are being skipped. + ** libgnutls: Renamed NULL MAC to MAC-NULL to prevent clash with NULL cipher. This prevented the usage of the TLS ciphersuites with NULL cipher. diff --git a/lib/x509_b64.c b/lib/x509_b64.c index 767dbd8..c9bea30 100644 --- a/lib/x509_b64.c +++ b/lib/x509_b64.c @@ -414,7 +414,7 @@ cpydata (const uint8_t * data, int data_size, uint8_t ** result) for (j = i = 0; i < data_size; i++) { - if (data[i] == '\n' || data[i] == '\r') + if (data[i] == '\n' || data[i] == '\r' || data[i] == ' ' || data[i] == '\t') continue; (*result)[j] = data[i]; j++; @@ -427,15 +427,14 @@ cpydata (const uint8_t * data, int data_size, uint8_t ** result) * * The result_size is the return value */ -#define ENDSTR "-----\n" -#define ENDSTR2 "-----\r" +#define ENDSTR "-----" int _gnutls_fbase64_decode (const char *header, const opaque * data, size_t data_size, uint8_t ** result) { int ret; static const char top[] = "-----BEGIN "; - static const char bottom[] = "\n-----END "; + static const char bottom[] = "-----END "; uint8_t *rdata; int rdata_size; uint8_t *kdata; @@ -463,13 +462,10 @@ _gnutls_fbase64_decode (const char *header, const opaque * data, return GNUTLS_E_BASE64_DECODING_ERROR; } - kdata = memmem (rdata, data_size, ENDSTR, sizeof (ENDSTR) - 1); + kdata = memmem (rdata+1, data_size-1, ENDSTR, sizeof (ENDSTR) - 1); /* allow CR as well. */ if (kdata == NULL) - kdata = memmem (rdata, data_size, ENDSTR2, sizeof (ENDSTR2) - 1); - - if (kdata == NULL) { gnutls_assert (); _gnutls_x509_log ("Could not find '%s'\n", ENDSTR);
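
Review bot: the NEWS entry for 2.10.2 mentions only that spaces and tabs are skipped, but the same patch also relaxes how the closing marker is matched in lib/x509_b64.c (ENDSTR no longer needs a trailing "\n" or "\r", and bottom no longer needs a leading "\n"), which is the part that addresses the reported CR-LF case. I would mention CR-LF line endings in the entry and tidy the wording, for example "That is, CR-LF line endings, spaces and tabs are now tolerated."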
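
Review bot: in the hunk at line 427 of lib/x509_b64.c, removing the leading "\n" from bottom means "-----END " is now accepted at any offset rather than only at the start of a line, and nothing in the comment above the defines records that this is intentional. A one-line comment stating that the marker may be preceded by "\r", space or tab, and that cpydata strips those characters from the body, would make the relaxed matching explicit for the next reader.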
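
Review bot: in the last hunk of _gnutls_fbase64_decode the comment "/* allow CR as well. */" is left behind although the ENDSTR2 fallback it described has been removed, so it now sits directly above the error branch and is misleading; please delete it. The new call memmem (rdata+1, data_size-1, ...) would benefit from a comment instead: the +1 appears to be there so that the five-dash ENDSTR does not match the dashes that open the header itself, and the length is still derived from data_size rather than from what remains after rdata, which is worth checking against how rdata is set (not visible in this hunk). Also note that the log line now prints "Could not find '-----'", which is less specific than before, while the report asked for a more informative error message.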