diff options
| author | tedu <> | 2014-07-09 19:08:10 +0000 |
|---|---|---|
| committer | tedu <> | 2014-07-09 19:08:10 +0000 |
| commit | 11a127ccc73e8028c49fcc091006c04dd20830ff (patch) | |
| tree | f3911ecf54007d6e34b55ab97bf3bb62b1210a7a /src | |
| parent | 4ad21b851b73c49f8a20a8b6bf3c423280cbcff4 (diff) | |
| download | openbsd-11a127ccc73e8028c49fcc091006c04dd20830ff.tar.gz openbsd-11a127ccc73e8028c49fcc091006c04dd20830ff.tar.bz2 openbsd-11a127ccc73e8028c49fcc091006c04dd20830ff.zip | |
ocsp_check_ids says "If algoritm mismatch let caller deal with it" before
returning 2. The one and only caller doesn't check for that, so...
Stop returning it.
ok miod
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/ocsp/ocsp_vfy.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c | 7 |
2 files changed, 2 insertions, 12 deletions
diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c index 3d67f75460..b62394b765 100644 --- a/src/lib/libcrypto/ocsp/ocsp_vfy.c +++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ocsp_vfy.c,v 1.11 2014/06/12 15:49:30 deraadt Exp $ */ | 1 | /* $OpenBSD: ocsp_vfy.c,v 1.12 2014/07/09 19:08:10 tedu Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -283,11 +283,6 @@ ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret) | |||
| 283 | tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; | 283 | tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; |
| 284 | /* Check to see if IDs match */ | 284 | /* Check to see if IDs match */ |
| 285 | if (OCSP_id_issuer_cmp(cid, tmpid)) { | 285 | if (OCSP_id_issuer_cmp(cid, tmpid)) { |
| 286 | /* If algoritm mismatch let caller deal with it */ | ||
| 287 | if (OBJ_cmp(tmpid->hashAlgorithm->algorithm, | ||
| 288 | cid->hashAlgorithm->algorithm)) | ||
| 289 | return 2; | ||
| 290 | /* Else mismatch */ | ||
| 291 | return 0; | 286 | return 0; |
| 292 | } | 287 | } |
| 293 | } | 288 | } |
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c b/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c index 3d67f75460..b62394b765 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ocsp_vfy.c,v 1.11 2014/06/12 15:49:30 deraadt Exp $ */ | 1 | /* $OpenBSD: ocsp_vfy.c,v 1.12 2014/07/09 19:08:10 tedu Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -283,11 +283,6 @@ ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret) | |||
| 283 | tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; | 283 | tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; |
| 284 | /* Check to see if IDs match */ | 284 | /* Check to see if IDs match */ |
| 285 | if (OCSP_id_issuer_cmp(cid, tmpid)) { | 285 | if (OCSP_id_issuer_cmp(cid, tmpid)) { |
| 286 | /* If algoritm mismatch let caller deal with it */ | ||
| 287 | if (OBJ_cmp(tmpid->hashAlgorithm->algorithm, | ||
| 288 | cid->hashAlgorithm->algorithm)) | ||
| 289 | return 2; | ||
| 290 | /* Else mismatch */ | ||
| 291 | return 0; | 286 | return 0; |
| 292 | } | 287 | } |
| 293 | } | 288 | } |