diff options
| author | tb <> | 2022-06-29 21:16:30 +0000 |
|---|---|---|
| committer | tb <> | 2022-06-29 21:16:30 +0000 |
| commit | 8b16ea4ecb70d4182a4bcde733e1d64267f9c488 (patch) | |
| tree | 4689c0c2bcf4f4c654839e66a30bdc59492f881a | |
| parent | d609c8ec719b355164a9fd97465715761d05c0a4 (diff) | |
| download | openbsd-8b16ea4ecb70d4182a4bcde733e1d64267f9c488.tar.gz openbsd-8b16ea4ecb70d4182a4bcde733e1d64267f9c488.tar.bz2 openbsd-8b16ea4ecb70d4182a4bcde733e1d64267f9c488.zip | |
Add a security check to ssl_set_cert()
ok beck jsing
| -rw-r--r-- | src/lib/libssl/ssl_rsa.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c index 11edb6f76e..11296d3baa 100644 --- a/src/lib/libssl/ssl_rsa.c +++ b/src/lib/libssl/ssl_rsa.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_rsa.c,v 1.41 2022/06/29 21:13:34 tb Exp $ */ | 1 | /* $OpenBSD: ssl_rsa.c,v 1.42 2022/06/29 21:16:30 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -364,8 +364,14 @@ ssl_set_cert(SSL_CTX *ctx, SSL *ssl, X509 *x) | |||
| 364 | { | 364 | { |
| 365 | SSL_CERT *c; | 365 | SSL_CERT *c; |
| 366 | EVP_PKEY *pkey; | 366 | EVP_PKEY *pkey; |
| 367 | int ssl_err; | ||
| 367 | int i; | 368 | int i; |
| 368 | 369 | ||
| 370 | if (!ssl_security_cert(ctx, ssl, x, 1, &ssl_err)) { | ||
| 371 | SSLerrorx(ssl_err); | ||
| 372 | return (0); | ||
| 373 | } | ||
| 374 | |||
| 369 | if ((c = ssl_get0_cert(ctx, ssl)) == NULL) | 375 | if ((c = ssl_get0_cert(ctx, ssl)) == NULL) |
| 370 | return (0); | 376 | return (0); |
| 371 | 377 | ||