diff options
| author | jsing <> | 2017-01-03 17:13:41 +0000 | 
|---|---|---|
| committer | jsing <> | 2017-01-03 17:13:41 +0000 | 
| commit | b59839434159ffaa35ce2539d3fab2739552ca00 (patch) | |
| tree | 5a3e601f0663f578d8b7766ab16ca3035c1e5b14 /src/lib/libcrypto/ui/ui_openssl.c | |
| parent | e47446ff8e2ca4a3801a798b0f2307bdf1dcd6a8 (diff) | |
| download | openbsd-b59839434159ffaa35ce2539d3fab2739552ca00.tar.gz openbsd-b59839434159ffaa35ce2539d3fab2739552ca00.tar.bz2 openbsd-b59839434159ffaa35ce2539d3fab2739552ca00.zip | |
Revert previous - the original code was correct since X509_verify_cert()
should not have changed the X509_STORE_CTX error value on success and it
was initialised to X509_V_OK by X509_STORE_CTX_init(). Other software also
depends on this behaviour.
Previously X509_verify_cert() was mishandling the X509_STORE_CTX error
value when validating alternate chains. This has been fixed and further
changes now explicitly ensure that the error value will be set to X509_V_OK
if X509_verify_cert() returns success.
Diffstat (limited to 'src/lib/libcrypto/ui/ui_openssl.c')
0 files changed, 0 insertions, 0 deletions
