Add a safety net to ensure that we set an error on the store context.

Suggested by and discussed with beck
author: tb <> 2020-10-26 12:01:01 +0000
committer: tb <> 2020-10-26 12:01:01 +0000
commit: 7df3dd01de26ca0cd2d9564f78d3beea427d540a (patch)
tree: bd0ad62ec5fb3aebc53bd19ebed57d3b32a4da59 /src/lib
parent: 5035742c50e7ba71002226f107cc1ba6ae270c99 (diff)
download: openbsd-7df3dd01de26ca0cd2d9564f78d3beea427d540a.tar.gz
openbsd-7df3dd01de26ca0cd2d9564f78d3beea427d540a.tar.bz2
openbsd-7df3dd01de26ca0cd2d9564f78d3beea427d540a.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/libcrypto/x509/x509_verify.c b/src/lib/libcrypto/x509/x509_verify.c
index 74316cb941..124d4ba34e 100644
--- a/src/lib/libcrypto/x509/x509_verify.c
+++ b/src/lib/libcrypto/x509/x509_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_verify.c,v 1.15 2020/10/26 11:59:16 tb Exp $ */
+/* $OpenBSD: x509_verify.c,v 1.16 2020/10/26 12:01:01 tb Exp $ */
 /*
 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
 *
@@ -932,6 +932,8 @@ x509_verify(struct x509_verify_ctx *ctx, X509 *leaf, char *name)
        return (ctx->chains_count);
 err:
+        if (ctx->error == X509_V_OK)
+                ctx->error = X509_V_ERR_UNSPECIFIED;
        if (ctx->xsc != NULL)
                ctx->xsc->error = ctx->error;
        return 0;
author	tb <>	2020-10-26 12:01:01 +0000
committer	tb <>	2020-10-26 12:01:01 +0000
commit	7df3dd01de26ca0cd2d9564f78d3beea427d540a (patch)
tree	bd0ad62ec5fb3aebc53bd19ebed57d3b32a4da59 /src/lib
parent	5035742c50e7ba71002226f107cc1ba6ae270c99 (diff)
download	openbsd-7df3dd01de26ca0cd2d9564f78d3beea427d540a.tar.gz openbsd-7df3dd01de26ca0cd2d9564f78d3beea427d540a.tar.bz2 openbsd-7df3dd01de26ca0cd2d9564f78d3beea427d540a.zip