Don't use assertion for failures of mbedtls_x509_crt_x_acquire()

These functions may afil in a regular run, e.g. due to an out of memory error.
2019-06-28 10:52:45 +01:00 · 2019-06-28 10:52:45 +01:00 · 2224ccf390
commit 2224ccf390
parent d92078fc55
3 changed files with 20 additions and 12 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -6507,7 +6507,10 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
        mbedtls_pk_context *pk;
        ret = mbedtls_x509_crt_pk_acquire( chain, &pk );
        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_x509_crt_pk_acquire", ret );
            return( ret );
+        }

        /* If certificate uses an EC key, make sure the curve is OK */
        if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) )