Add a safety net to ensure that we set an error on the store context.

Suggested by and discussed with beck
author: tb <> 2020-10-26 12:01:01 +0000
committer: tb <> 2020-10-26 12:01:01 +0000
commit: b6e3a98ca0466885963f0d6f9e70e869262a5f56 (patch)
tree: bd0ad62ec5fb3aebc53bd19ebed57d3b32a4da59
parent: acc40c0c32e41953f34429d329083e63e46ac95c (diff)
download: openbsd-b6e3a98ca0466885963f0d6f9e70e869262a5f56.tar.gz
openbsd-b6e3a98ca0466885963f0d6f9e70e869262a5f56.tar.bz2
openbsd-b6e3a98ca0466885963f0d6f9e70e869262a5f56.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/libcrypto/x509/x509_verify.c b/src/lib/libcrypto/x509/x509_verify.c
index 74316cb941..124d4ba34e 100644
--- a/src/lib/libcrypto/x509/x509_verify.c
+++ b/src/lib/libcrypto/x509/x509_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_verify.c,v 1.15 2020/10/26 11:59:16 tb Exp $ */
+/* $OpenBSD: x509_verify.c,v 1.16 2020/10/26 12:01:01 tb Exp $ */
 /*
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
 *
@@ -932,6 +932,8 @@ x509_verify(struct x509_verify_ctx *ctx, X509 *leaf, char *name)
        return (ctx->chains_count);
 err:
+        if (ctx->error == X509_V_OK)
+                ctx->error = X509_V_ERR_UNSPECIFIED;
        if (ctx->xsc != NULL)
                ctx->xsc->error = ctx->error;
        return 0;
author	tb <>	2020-10-26 12:01:01 +0000
committer	tb <>	2020-10-26 12:01:01 +0000
commit	b6e3a98ca0466885963f0d6f9e70e869262a5f56 (patch)
tree	bd0ad62ec5fb3aebc53bd19ebed57d3b32a4da59
parent	acc40c0c32e41953f34429d329083e63e46ac95c (diff)
download	openbsd-b6e3a98ca0466885963f0d6f9e70e869262a5f56.tar.gz openbsd-b6e3a98ca0466885963f0d6f9e70e869262a5f56.tar.bz2 openbsd-b6e3a98ca0466885963f0d6f9e70e869262a5f56.zip