ssl_write_certificate_request() can handle empty ca_chain

commit: 21360ca4d45c47f16952fa1f75c21600c4e26d7e [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Fri Jun 21 15:11:10 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Fri Jun 21 15:11:10 2013 +0200
tree: 470aa61511f8b8c66df41cbad4f65fab0c5942d0
parent: 016ea076e72d771137d283958714e17368e3c049 [diff]
diff --git a/ChangeLog b/ChangeLog
index 00ab95d..21c91df 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -30,6 +30,7 @@
    * x509parse_crtpath() is now reentrant and uses more portable stat()
    * Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
    * Fixed values for 2-key Triple DES in cipher layer
+   * ssl_write_certificate_request() can handle empty ca_chain
 
 Security
    * A possible DoS during the SSL Handshake, due to faulty parsing of

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index ee41633..9ba2294 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -972,7 +972,7 @@
     crt = ssl->ca_chain;
 
     total_dn_size = 0;
-    while( crt != NULL )
+    while( crt != NULL && crt->version != 0)
     {
         if( p - buf > 4096 )
             break;
commit	21360ca4d45c47f16952fa1f75c21600c4e26d7e	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Fri Jun 21 15:11:10 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Fri Jun 21 15:11:10 2013 +0200
tree	470aa61511f8b8c66df41cbad4f65fab0c5942d0
parent	016ea076e72d771137d283958714e17368e3c049 [diff]