diff options
| author | markus <> | 2003-09-30 15:19:38 +0000 |
|---|---|---|
| committer | markus <> | 2003-09-30 15:19:38 +0000 |
| commit | 5e59d119ef27ac38b6179a37b15c3e59d463b3e3 (patch) | |
| tree | fb8eb71906e1bcebd219cf7843af3d4d8a6a2d19 /src/lib/libcrypto/x509 | |
| parent | 46d14e519df20470f3dae87cf64e3c915b35b03d (diff) | |
| download | openbsd-5e59d119ef27ac38b6179a37b15c3e59d463b3e3.tar.gz openbsd-5e59d119ef27ac38b6179a37b15c3e59d463b3e3.tar.bz2 openbsd-5e59d119ef27ac38b6179a37b15c3e59d463b3e3.zip | |
security fix from http://www.openssl.org/news/secadv_20030930.txt
see also http://cvs.openssl.org/chngview?cn=11471
Diffstat (limited to 'src/lib/libcrypto/x509')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_vfy.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index 552d1e7251..04997ba456 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c | |||
| @@ -674,7 +674,7 @@ static int internal_verify(X509_STORE_CTX *ctx) | |||
| 674 | ok=(*cb)(0,ctx); | 674 | ok=(*cb)(0,ctx); |
| 675 | if (!ok) goto end; | 675 | if (!ok) goto end; |
| 676 | } | 676 | } |
| 677 | if (X509_verify(xs,pkey) <= 0) | 677 | else if (X509_verify(xs,pkey) <= 0) |
| 678 | /* XXX For the final trusted self-signed cert, | 678 | /* XXX For the final trusted self-signed cert, |
| 679 | * this is a waste of time. That check should | 679 | * this is a waste of time. That check should |
| 680 | * optional so that e.g. 'openssl x509' can be | 680 | * optional so that e.g. 'openssl x509' can be |