@@ -18961,7 +18961,6 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
1896118961#ifndef WOLFSSL_ASN_TEMPLATE
1896218962 word32 idx = 0;
1896318963 int length = 0;
18964- int count = 0;
1896518964 byte b = 0;
1896618965 word32 oid;
1896718966
@@ -18971,7 +18970,7 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
1897118970 if (GetSequence(input, &idx, &length, sz) < 0)
1897218971 return ASN_PARSE_E;
1897318972
18974- while ((idx < (word32)sz) && (count < MAX_AIA_SZ) ) {
18973+ while ((idx < (word32)sz)) {
1897518974 /* Unwrap a single AIA */
1897618975 if (GetSequence(input, &idx, &length, sz) < 0)
1897718976 return ASN_PARSE_E;
@@ -18989,23 +18988,22 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
1898918988 return ASN_PARSE_E;
1899018989
1899118990 /* Set ocsp entry */
18992- if (b == GENERALNAME_URI && oid == AIA_OCSP_OID)
18991+ if (b == GENERALNAME_URI && oid == AIA_OCSP_OID &&
18992+ cert->extAuthInfo == NULL)
1899318993 {
1899418994 cert->extAuthInfoSz = length;
1899518995 cert->extAuthInfo = input + idx;
18996- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
18997- count++;
18998- #else
18996+ #if !defined(OPENSSL_ALL) && !defined(WOLFSSL_QT)
1899918997 break;
1900018998 #endif
1900118999 }
1900219000 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
1900319001 /* Set CaIssuers entry */
19004- else if ((b == GENERALNAME_URI) && oid == AIA_CA_ISSUER_OID)
19002+ else if ((b == GENERALNAME_URI) && oid == AIA_CA_ISSUER_OID &&
19003+ cert->extAuthInfoCaIssuer == NULL)
1900519004 {
1900619005 cert->extAuthInfoCaIssuerSz = length;
1900719006 cert->extAuthInfoCaIssuer = input + idx;
19008- count++;
1900919007 }
1901019008 #endif
1901119009 idx += (word32)length;
@@ -19015,7 +19013,6 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
1901519013#else
1901619014 word32 idx = 0;
1901719015 int length = 0;
19018- int count = 0;
1901919016 int ret = 0;
1902019017
1902119018 WOLFSSL_ENTER("DecodeAuthInfo");
@@ -19025,7 +19022,7 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
1902519022 ret = ASN_PARSE_E;
1902619023 }
1902719024
19028- while ((ret == 0) && (idx < (word32)sz) && (count < MAX_AIA_SZ) ) {
19025+ while ((ret == 0) && (idx < (word32)sz)) {
1902919026 ASNGetData dataASN[accessDescASN_Length];
1903019027
1903119028 /* Clear dynamic data and retrieve OID and name. */
@@ -19040,27 +19037,26 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
1904019037
1904119038 /* Check we have OCSP and URI. */
1904219039 if ((dataASN[ACCESSDESCASN_IDX_METH].data.oid.sum == AIA_OCSP_OID) &&
19043- (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI)) {
19040+ (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI) &&
19041+ (cert->extAuthInfo == NULL)) {
1904419042 /* Store URI for OCSP lookup. */
1904519043 GetASN_GetConstRef(&dataASN[ACCESSDESCASN_IDX_LOC],
1904619044 &cert->extAuthInfo, &sz32);
1904719045 cert->extAuthInfoSz = (int)sz32;
19048- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
19049- count++;
19050- #else
19046+ #if !defined(OPENSSL_ALL) && !defined(WOLFSSL_QT)
1905119047 break;
1905219048 #endif
1905319049 }
1905419050 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
1905519051 /* Check we have CA Issuer and URI. */
1905619052 else if ((dataASN[ACCESSDESCASN_IDX_METH].data.oid.sum ==
1905719053 AIA_CA_ISSUER_OID) &&
19058- (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI)) {
19054+ (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI) &&
19055+ (cert->extAuthInfoCaIssuer == NULL)) {
1905919056 /* Set CaIssuers entry */
1906019057 GetASN_GetConstRef(&dataASN[ACCESSDESCASN_IDX_LOC],
1906119058 &cert->extAuthInfoCaIssuer, &sz32);
1906219059 cert->extAuthInfoCaIssuerSz = (int)sz32;
19063- count++;
1906419060 }
1906519061 #endif
1906619062 /* Otherwise skip. */
0 commit comments