Use iterator for CRL (Issue #5532)

apple · Feb 25, 2019 · 74dece9 · 74dece9
1 parent 17675b0
commit 74dece9
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 10 deletions.
diff --git a/CHANGES.md b/CHANGES.md
@@ -27,7 +27,7 @@ Changes in CUPS v2.2.11
 - Added a USB quirks rule for Xerox printers (Issue #5523)
 - The scheduler's self-signed certificate did not include all of the alternate
   names for the server when using GNU TLS (Issue #5525)
-- Fixed a compiler warning with newer versions of GCC (Issue #5533)
+- Fixed compiler warnings with newer versions of GCC (Issue #5532, Issue #5533)
 - Media size matching now uses a tolerance of 0.5mm (rdar://33822024)
 - The lpadmin command would hang with a bad PPD file (rdar://41495016)
 - Fixed a potential crash bug in cups-driverd (rdar://46625579)

diff --git a/cups/tls-gnutls.c b/cups/tls-gnutls.c
@@ -403,31 +403,33 @@ httpCredentialsAreValidForName(
 
     if (result)
     {
-      int		i,		/* Looping var */
-			count;		/* Number of revoked certificates */
+      gnutls_x509_crl_iter_t iter = NULL;
+					/* Iterator */
       unsigned char	cserial[1024],	/* Certificate serial number */
 			rserial[1024];	/* Revoked serial number */
       size_t		cserial_size,	/* Size of cert serial number */
 			rserial_size;	/* Size of revoked serial number */
 
       _cupsMutexLock(&tls_mutex);
 
-      count = gnutls_x509_crl_get_crt_count(tls_crl);
-
-      if (count > 0)
+      if (gnutls_x509_crl_get_crt_count(tls_crl) > 0)
       {
         cserial_size = sizeof(cserial);
         gnutls_x509_crt_get_serial(cert, cserial, &cserial_size);
 
-        for (i = 0; i < count; i ++)
-	{
-	  rserial_size = sizeof(rserial);
-          if (!gnutls_x509_crl_get_crt_serial(tls_crl, (unsigned)i, rserial, &rserial_size, NULL) && cserial_size == rserial_size && !memcmp(cserial, rserial, rserial_size))
+	rserial_size = sizeof(rserial);
+
+        while (!gnutls_x509_crl_iter_crt_serial(tls_crl, &iter, rserial, &rserial_size, NULL))
+        {
+          if (cserial_size == rserial_size && !memcmp(cserial, rserial, rserial_size))
 	  {
 	    result = 0;
 	    break;
 	  }
+
+	  rserial_size = sizeof(rserial);
 	}
+	gnutls_x509_crl_iter_deinit(iter);
       }
 
       _cupsMutexUnlock(&tls_mutex);