From 1adaed90467afee64441e73640e76f347c54016c Mon Sep 17 00:00:00 2001
From: Michael Gernoth
Date: Wed, 10 Dec 2003 08:02:59 +0000
Subject: [PATCH] X509 Certificate fix from Daniel Drown
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@556 423420c4-83ab-492f-b58f-81f9feb106b5
---
 secure.c | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)
diff --git a/secure.c b/secure.c
index e98f02f..5546d82 100644
--- a/secure.c
+++ b/secure.c
@@ -625,8 +625,38 @@ sec_parse_crypt_info(STREAM s, uint32 * rc4_key_size,
 }
 else
 {
+ uint32 certcount;
+
 DEBUG_RDP5(("We're going for the RDP5-style encryption\n"));
- in_uint8s(s, 4); /* Number of certificates */
+ in_uint32_le(s, certcount); /* Number of certificates */
+
+ if(certcount < 2)
+ {
+ error("Server didn't send enough X509 certificates\n");
+ return False;
+ }
+
+ for(; certcount > 2; certcount--)
+ { /* ignore all the certificates between the root and the signing CA */
+ uint32 ignorelen;
+ X509 *ignorecert;
+
+ DEBUG_RDP5(("Ignored certs left: %d\n", certcount));
+
+ in_uint32_le(s, ignorelen);
+ DEBUG_RDP5(("Ignored Certificate length is %d\n", ignorelen));
+ ignorecert = d2i_X509(NULL, &(s->p), ignorelen);
+
+ if(ignorecert == NULL)
+ { /* XXX: error out? */
+ DEBUG_RDP5(("got a bad cert: this will probably screw up the rest of the communication\n"));
+ }
+
+#ifdef WITH_DEBUG_RDP5
+ DEBUG_RDP5(("cert #%d (ignored):\n",certcount));
+ X509_print_fp(stdout, ignorecert);
+#endif
+ }
 /* Do da funky X.509 stuffy
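Review bot: In the loop that skips the intermediate certificates, `ignorelen` is read from the server and passed to `d2i_X509` without being compared with the data remaining in `s`, and a NULL result is only logged, so parsing carries on from a stream position that, as the debug message itself admits, no longer lines up with the certificate layout. Under `WITH_DEBUG_RDP5` that NULL is then handed to `X509_print_fp`, and a successfully decoded `ignorecert` is never released. I would reject the packet when the length exceeds what is left in the stream, replace the debug message in the NULL branch with `error("Couldn't parse ignored X509 certificate\n"); return False;`, and end the loop body with `X509_free(ignorecert);`. The body of sec_parse_crypt_info starts and ends outside this hunk, so whether the two certificates that are kept get an equivalent length check cannot be seen from here.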