From d22eb4ae99267c457ed2d50906c19a242dab90ca Mon Sep 17 00:00:00 2001
From: fengweihao <fengweihao@iie.ac.cn>
Date: Tue, 10 Sep 2019 20:02:16 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9PXY=5FOBJ=5FKERING=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=E8=A1=A8=E8=AF=BB=E5=8F=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/cert_session.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/cert_session.c b/src/cert_session.c
index 54f1144..5315583 100644
--- a/src/cert_session.c
+++ b/src/cert_session.c
@@ -118,6 +118,10 @@ static int x509_public_str2idx(const char *public_algo)
 {
 	int bits = 1024;
 
+	if (public_algo == NULL || strcasecmp(public_algo, "null") == 0)
+	{
+		goto finish;
+	}
 	if (strcasestr(public_algo, "1024") != NULL)
 	{
 		bits = 1024;
@@ -130,6 +134,7 @@ static int x509_public_str2idx(const char *public_algo)
 	{
 		bits = 4096;
 	}
+finish:
 	return bits;
 }
 
@@ -532,7 +537,7 @@ x509_modify_by_cert(X509 *cacrt, EVP_PKEY *cakey, X509 *origcrt, char *pkey, int
 	    !X509_set_pubkey(crt, key))
 		goto errout;
 
-	if (*expire_time == 0)
+	if (*expire_time <= 0)
 	{		
 		int day = 0, sec = 0;
 		ASN1_TIME_set(X509_get_notBefore(crt), ASN1_GetTimeT(X509_get_notBefore(origcrt)));
@@ -1477,7 +1482,6 @@ pthread_work_proc(struct evhttp_request *evh_req, void *arg)
 
     thread_decode_uri(uri, &request->origin, &request->keyring_id, request->sni,
                       &request->is_valid);
-
     mesa_runtime_log(RLOG_LV_DEBUG, MODULE_NAME, "[Thread %d]Received a %s request for uri, kering_id:%d, sni:%s origin:%p valid:%d",
                      request->thread_id, cmdtype, request->keyring_id, request->sni, request->origin, request->is_valid);
 
@@ -1888,12 +1892,12 @@ const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long __attribute__((__unused__)
     memset(pxy_obj, 0, sizeof(struct pxy_obj_keyring));
 	atomic64_set(&pxy_obj->ref_cnt, 1);
 
-	ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%s\t%s\t%lu\t%s\t%d", &pxy_obj->keyring_id, profile_name,
-		       pxy_obj->keyring_type, private_file, public_file, pxy_obj->public_algo, &pxy_obj->expire_after, 
+	ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%s\t%lu\t%s\t%s\t%d", &pxy_obj->keyring_id, profile_name,
+		       pxy_obj->keyring_type, private_file, public_file, &pxy_obj->expire_after, pxy_obj->public_algo,  
 		       pxy_obj->v3_ctl, &pxy_obj->is_valid);
 	if(ret!=9)
 	{
-        kfree(&pxy_obj);
+        kfree(pxy_obj);
         mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "certstore parse config failed: %s", table_line);
         goto finish;
 	}