From 566273af2c3f0e6bff6df6eb8922b28f302c2090 Mon Sep 17 00:00:00 2001
From: Yann Leboulanger <asterix@lagaule.org>
Date: Mon, 8 Oct 2012 11:14:47 +0200
Subject: [PATCH] prevent traceback when a wrong certificate is being checked.
 Fixes #7242

---
 src/common/check_X509.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/common/check_X509.py b/src/common/check_X509.py
index 5a77eedccc..5d7213dcb6 100644
--- a/src/common/check_X509.py
+++ b/src/common/check_X509.py
@@ -133,7 +133,12 @@ try:
         for i in range(0, cnt):
             ext = cert.get_extension(i)
             if ext.get_short_name() == 'subjectAltName':
-                r = _parse_asn1(ext.get_data())
+                try:
+                    r = _parse_asn1(ext.get_data())
+                except:
+                    log.error('Wrong data in certificate: subjectAltName=%s' % \
+                        ext.get_data())
+                    continue
                 if 'otherName' in r:
                     if oid_xmppaddr in r['otherName']:
                         for host in r['otherName'][oid_xmppaddr]:
-- 
GitLab