summaryrefslogtreecommitdiff
path: root/src/v1.erl
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2014-10-24 11:40:41 +0200
committerLinus Nordberg <linus@nordberg.se>2014-10-24 11:40:41 +0200
commitec817aad427b01ae60ff2d25df34a7babf1865fa (patch)
treee4db6dc5a4500b71663bc5797f662163f9b2ce68 /src/v1.erl
parent00156d1b7740c4177fc29bd10d75ea4e0e59cc6e (diff)
Catch badly ASN.1-encoded certificates.
Now not crashing badly encoded certs in the list of known roots, which is good. They're simply ignored. Next step is to figure out if we should accept some anomalies, due to reality.
Diffstat (limited to 'src/v1.erl')
-rw-r--r--src/v1.erl10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/v1.erl b/src/v1.erl
index 0c13cbc..086fa35 100644
--- a/src/v1.erl
+++ b/src/v1.erl
@@ -21,13 +21,13 @@ request(post, "ct/v1/add-chain", Input) ->
Roots = catlfish:known_roots(),
case x509:normalise_chain(Roots, [LeafCert|CertChain]) of
{ok, [Leaf | Chain]} ->
- io:format("[info] adding ~p~n",
+ io:format("[info] adding ~p~n",
[x509:cert_string(LeafCert)]),
success(catlfish:add_chain(Leaf, Chain));
- {Err, Msg} ->
- io:format("[info] rejecting ~p: ~p~n",
- [x509:cert_string(LeafCert), Err]),
- html("add-chain: ", [Msg, Err])
+ {error, Reason} ->
+ io:format("[info] rejecting ~p: ~p~n",
+ [x509:cert_string(LeafCert), Reason]),
+ html("add-chain: invalid chain", Reason)
end;
Invalid ->
html("add-chain: chain is not a list: ", [Invalid])