File 4541-public_key-Code-enhancement.patch of Package erlang
From 589e27d2916cbf858852b712b0da2754cfc6dda2 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Thu, 23 Sep 2021 11:21:19 +0200
Subject: [PATCH 1/5] public_key: Code enhancement
Make code easier to read by ordering clauses so error case comes last.
---
lib/public_key/src/public_key.erl | 34 +++++++++++++++----------------
1 file changed, 16 insertions(+), 18 deletions(-)
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index b8f9573249..6ecb902db5 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -1103,27 +1103,10 @@ pkix_normalize_name(Issuer) ->
{error, {bad_cert, Reason :: term()}}.
%% Description: Performs a basic path validation according to RFC 5280.
%%--------------------------------------------------------------------
-pkix_path_validation(PathErr, [Cert | Chain], Options0) when is_atom(PathErr)->
- {VerifyFun, Userstat0} =
- proplists:get_value(verify_fun, Options0, ?DEFAULT_VERIFYFUN),
- Otpcert = otp_cert(Cert),
- Reason = {bad_cert, PathErr},
- try VerifyFun(Otpcert, Reason, Userstat0) of
- {valid, Userstate} ->
- Options = proplists:delete(verify_fun, Options0),
- pkix_path_validation(Otpcert, Chain, [{verify_fun,
- {VerifyFun, Userstate}}| Options]);
- {fail, UserReason} ->
- {error, UserReason}
- catch
- _:_ ->
- {error, Reason}
- end;
pkix_path_validation(TrustedCert, CertChain, Options)
when is_binary(TrustedCert) ->
OtpCert = pkix_decode_cert(TrustedCert, otp),
pkix_path_validation(OtpCert, CertChain, Options);
-
pkix_path_validation(#'OTPCertificate'{} = TrustedCert, CertChain, Options)
when is_list(CertChain), is_list(Options) ->
MaxPathDefault = length(CertChain),
@@ -1139,8 +1122,23 @@ pkix_path_validation(#'OTPCertificate'{} = TrustedCert, CertChain, Options)
catch
throw:{bad_cert, _} = Result ->
{error, Result}
+ end;
+pkix_path_validation(PathErr, [Cert | Chain], Options0) when is_atom(PathErr)->
+ {VerifyFun, Userstat0} =
+ proplists:get_value(verify_fun, Options0, ?DEFAULT_VERIFYFUN),
+ Otpcert = otp_cert(Cert),
+ Reason = {bad_cert, PathErr},
+ try VerifyFun(Otpcert, Reason, Userstat0) of
+ {valid, Userstate} ->
+ Options = proplists:delete(verify_fun, Options0),
+ pkix_path_validation(Otpcert, Chain, [{verify_fun,
+ {VerifyFun, Userstate}}| Options]);
+ {fail, UserReason} ->
+ {error, UserReason}
+ catch
+ _:_ ->
+ {error, Reason}
end.
-
%--------------------------------------------------------------------
-spec pkix_crls_validate(OTPcertificate, DPandCRLs, Options) ->
CRLstatus when OTPcertificate :: #'OTPCertificate'{},
--
2.31.1