summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libcrypto/x509/x509_verify.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/lib/libcrypto/x509/x509_verify.c b/src/lib/libcrypto/x509/x509_verify.c
index d3534879b8..5dcec27542 100644
--- a/src/lib/libcrypto/x509/x509_verify.c
+++ b/src/lib/libcrypto/x509/x509_verify.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_verify.c,v 1.70 2024/06/07 06:21:40 tb Exp $ */ 1/* $OpenBSD: x509_verify.c,v 1.71 2025/02/08 01:01:31 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org>
4 * 4 *
@@ -539,8 +539,11 @@ x509_verify_parent_signature(X509 *parent, X509 *child, int *error)
539 int ret = 0; 539 int ret = 0;
540 540
541 /* Use cached value if we have it */ 541 /* Use cached value if we have it */
542 if ((cached = x509_issuer_cache_find(parent->hash, child->hash)) >= 0) 542 if ((cached = x509_issuer_cache_find(parent->hash, child->hash)) >= 0) {
543 if (cached == 0)
544 *error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
543 return cached; 545 return cached;
546 }
544 547
545 /* Check signature. Did parent sign child? */ 548 /* Check signature. Did parent sign child? */
546 if ((pkey = X509_get_pubkey(parent)) == NULL) { 549 if ((pkey = X509_get_pubkey(parent)) == NULL) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-15 22:00:17 +0000