luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity

Ensure we never return a nil set of trusted CA certs

Browse source 
Fixes #1637
This commit is contained in:
Jeff Mitchell 2016-07-21 09:50:31 -04:00
parent eaa35df2d9
commit d335038b40
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
builtin/credential/cert/path_login.go
View file

@ -210,6 +210,8 @@ func (b *backend) matchPolicy(chains [][]*x509.Certificate, trusted []*ParsedCer
// loadTrustedCerts is used to load all the trusted certificates from the backend
func (b *backend) loadTrustedCerts(store logical.Storage) (pool *x509.CertPool, trusted []*ParsedCert, trustedNonCAs []*ParsedCert) {
pool = x509.NewCertPool()
trusted = make([]*ParsedCert)
trustedNonCAs = make([]*ParsedCert)
names, err := store.List("cert/")
if err != nil {
b.Logger().Printf("[ERR] cert: failed to list trusted certs: %v", err)