diff options
| author | tedu <> | 2014-07-09 19:08:10 +0000 |
|---|---|---|
| committer | tedu <> | 2014-07-09 19:08:10 +0000 |
| commit | 11a127ccc73e8028c49fcc091006c04dd20830ff (patch) | |
| tree | f3911ecf54007d6e34b55ab97bf3bb62b1210a7a | |
| parent | 4ad21b851b73c49f8a20a8b6bf3c423280cbcff4 (diff) | |
| download | openbsd-11a127ccc73e8028c49fcc091006c04dd20830ff.tar.gz openbsd-11a127ccc73e8028c49fcc091006c04dd20830ff.tar.bz2 openbsd-11a127ccc73e8028c49fcc091006c04dd20830ff.zip | |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before
returning 2. The one and only caller doesn't check for that, so...
Stop returning it.
ok miod
| -rw-r--r-- | src/lib/libcrypto/ocsp/ocsp_vfy.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c | 7 |
2 files changed, 2 insertions, 12 deletions
diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c index 3d67f75460..b62394b765 100644 --- a/src/lib/libcrypto/ocsp/ocsp_vfy.c +++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ocsp_vfy.c,v 1.11 2014/06/12 15:49:30 deraadt Exp $ */ | 1 | /* $OpenBSD: ocsp_vfy.c,v 1.12 2014/07/09 19:08:10 tedu Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -283,11 +283,6 @@ ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret) | |||
| 283 | tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; | 283 | tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; |
| 284 | /* Check to see if IDs match */ | 284 | /* Check to see if IDs match */ |
| 285 | if (OCSP_id_issuer_cmp(cid, tmpid)) { | 285 | if (OCSP_id_issuer_cmp(cid, tmpid)) { |
| 286 | /* If algoritm mismatch let caller deal with it */ | ||
| 287 | if (OBJ_cmp(tmpid->hashAlgorithm->algorithm, | ||
| 288 | cid->hashAlgorithm->algorithm)) | ||
| 289 | return 2; | ||
| 290 | /* Else mismatch */ | ||
| 291 | return 0; | 286 | return 0; |
| 292 | } | 287 | } |
| 293 | } | 288 | } |
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c b/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c index 3d67f75460..b62394b765 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ocsp_vfy.c,v 1.11 2014/06/12 15:49:30 deraadt Exp $ */ | 1 | /* $OpenBSD: ocsp_vfy.c,v 1.12 2014/07/09 19:08:10 tedu Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -283,11 +283,6 @@ ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret) | |||
| 283 | tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; | 283 | tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; |
| 284 | /* Check to see if IDs match */ | 284 | /* Check to see if IDs match */ |
| 285 | if (OCSP_id_issuer_cmp(cid, tmpid)) { | 285 | if (OCSP_id_issuer_cmp(cid, tmpid)) { |
| 286 | /* If algoritm mismatch let caller deal with it */ | ||
| 287 | if (OBJ_cmp(tmpid->hashAlgorithm->algorithm, | ||
| 288 | cid->hashAlgorithm->algorithm)) | ||
| 289 | return 2; | ||
| 290 | /* Else mismatch */ | ||
| 291 | return 0; | 286 | return 0; |
| 292 | } | 287 | } |
| 293 | } | 288 | } |