Move DN upper bound function to X509_DN static function

Avoids another public header, and it just makes sense that it be declared there.
author: Jack Lloyd <[email protected]> 2017-12-23 10:54:46 -0500
committer: Jack Lloyd <[email protected]> 2017-12-23 10:54:46 -0500
commit: 4f60801da0a0f94a69b80c8e1d9ab7dc4ce2f224 (patch)
tree: 7af066d89eac7592fa88f8ecbdbf96377bf929c8 /src/lib/x509/x509path.cpp
parent: 726e54725110bc7ef2bf115731074dd11bd229ec (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/x509/x509path.cpp b/src/lib/x509/x509path.cpp
index 1ee4385fd..168acf144 100644
--- a/src/lib/x509/x509path.cpp
+++ b/src/lib/x509/x509path.cpp
@@ -8,7 +8,6 @@
 
 #include <botan/x509path.h>
 #include <botan/x509_ext.h>
-#include <botan/x509_dn_ub.h>
 #include <botan/pk_keys.h>
 #include <botan/ocsp.h>
 #include <botan/oids.h>
@@ -95,8 +94,9 @@ PKIX::check_chain(const std::vector<std::shared_ptr<const X509_Certificate>>& ce
       // Check the subject's DN components' length
       for(const auto& dn_pair : subject->subject_dn().get_attributes())
          {
+         const size_t dn_ub = X509_DN::lookup_ub(dn_pair.first);
          // dn_pair = <OID,str>
-         if(lookup_ub(dn_pair.first) < dn_pair.second.size())
+         if(dn_ub > 0 && dn_pair.second.size() > dn_ub)
             {
             status.insert(Certificate_Status_Code::DN_TOO_LONG);
             }
author	Jack Lloyd <[email protected]>	2017-12-23 10:54:46 -0500
committer	Jack Lloyd <[email protected]>	2017-12-23 10:54:46 -0500
commit	4f60801da0a0f94a69b80c8e1d9ab7dc4ce2f224 (patch)
tree	7af066d89eac7592fa88f8ecbdbf96377bf929c8 /src/lib/x509/x509path.cpp
parent	726e54725110bc7ef2bf115731074dd11bd229ec (diff)