File trust-Dont-use-invalid-public-keys-for-looking-up-.patch of Package p11-kit
From 244e885d3e9aae7f7b286f1115a220eb16fa0530 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@redhat.com>
Date: Fri, 8 Aug 2014 08:47:54 +0200
Subject: [PATCH] trust: Don't use invalid public keys for looking up stapled
extensions
https://bugs.freedesktop.org/show_bug.cgi?id=82328
---
trust/builder.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/trust/builder.c b/trust/builder.c
index f7ea86a..fd7a662 100644
--- a/trust/builder.c
+++ b/trust/builder.c
@@ -125,7 +125,7 @@ lookup_extension (p11_builder *builder,
{ CKA_INVALID },
};
- if (public_key == NULL)
+ if (public_key == NULL || public_key->type == CKA_INVALID)
public_key = p11_attrs_find_valid (cert, CKA_X_PUBLIC_KEY_INFO);
/* Look for a stapled certificate extension */
--
1.9.3