diff options
| author | tb <> | 2020-10-26 11:56:36 +0000 |
|---|---|---|
| committer | tb <> | 2020-10-26 11:56:36 +0000 |
| commit | f61b97d9dd62e878e271aa54b64879e8942a182f (patch) | |
| tree | 8c4933b75402fc7ae535a3a576fae02d4dcd88d6 | |
| parent | d3ea9013dad42cd8c8569e9a061e851b2f3b757e (diff) | |
| download | openbsd-f61b97d9dd62e878e271aa54b64879e8942a182f.tar.gz openbsd-f61b97d9dd62e878e271aa54b64879e8942a182f.tar.bz2 openbsd-f61b97d9dd62e878e271aa54b64879e8942a182f.zip | |
Make sure that x509_vfy_check_id() failure also sets ctx->error, not only
ctx->xsc->error. Will be needed in an upcoming diff.
from beck
| -rw-r--r-- | src/lib/libcrypto/x509/x509_verify.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/lib/libcrypto/x509/x509_verify.c b/src/lib/libcrypto/x509/x509_verify.c index 0c32cd04b7..fdde098df7 100644 --- a/src/lib/libcrypto/x509/x509_verify.c +++ b/src/lib/libcrypto/x509/x509_verify.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_verify.c,v 1.13 2020/09/26 15:44:06 jsing Exp $ */ | 1 | /* $OpenBSD: x509_verify.c,v 1.14 2020/10/26 11:56:36 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2020 Bob Beck <beck@openbsd.org> |
| 4 | * | 4 | * |
| @@ -458,8 +458,13 @@ x509_verify_cert_hostname(struct x509_verify_ctx *ctx, X509 *cert, char *name) | |||
| 458 | size_t len; | 458 | size_t len; |
| 459 | 459 | ||
| 460 | if (name == NULL) { | 460 | if (name == NULL) { |
| 461 | if (ctx->xsc != NULL) | 461 | if (ctx->xsc != NULL) { |
| 462 | return x509_vfy_check_id(ctx->xsc); | 462 | int ret; |
| 463 | |||
| 464 | if ((ret = x509_vfy_check_id(ctx->xsc)) == 0) | ||
| 465 | ctx->error = ctx->xsc->error; | ||
| 466 | return ret; | ||
| 467 | } | ||
| 463 | return 1; | 468 | return 1; |
| 464 | } | 469 | } |
| 465 | if ((candidate = strdup(name)) == NULL) { | 470 | if ((candidate = strdup(name)) == NULL) { |