From 41349fd2bc320534964a958deb01e2edca10b131 Mon Sep 17 00:00:00 2001
From: Simon Butcher <simonb@redtangent.net>
Date: Sun, 7 Oct 2018 17:48:37 +0100
Subject: [PATCH] Fix CSR parsing header call

Change the secondary X509 CSR parsing call for the alternative MS header to only
occur if the first call fails due to the header being unfound, instead of any
call.
---
 library/x509_csr.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/x509_csr.c b/library/x509_csr.c
index 8afdf141b..87c179e3d 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -286,13 +286,14 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
                                        "-----BEGIN CERTIFICATE REQUEST-----",
                                        "-----END CERTIFICATE REQUEST-----",
                                        buf, NULL, 0, &use_len );
-        if( ret != 0 )
+        if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
         {
             ret = mbedtls_pem_read_buffer( &pem,
                                            "-----BEGIN NEW CERTIFICATE REQUEST-----",
                                            "-----END NEW CERTIFICATE REQUEST-----",
                                            buf, NULL, 0, &use_len );
         }
+
         if( ret == 0 )
         {
             /*