summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_vfy.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509/x509_vfy.c')
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 552d1e7251..2bb21b443e 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -453,9 +453,9 @@ static int check_revocation(X509_STORE_CTX *ctx)
453 if (!(ctx->flags & X509_V_FLAG_CRL_CHECK)) 453 if (!(ctx->flags & X509_V_FLAG_CRL_CHECK))
454 return 1; 454 return 1;
455 if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL) 455 if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL)
456 last = 0;
457 else
458 last = sk_X509_num(ctx->chain) - 1; 456 last = sk_X509_num(ctx->chain) - 1;
457 else
458 last = 0;
459 for(i = 0; i <= last; i++) 459 for(i = 0; i <= last; i++)
460 { 460 {
461 ctx->error_depth = i; 461 ctx->error_depth = i;
@@ -674,7 +674,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
674 ok=(*cb)(0,ctx); 674 ok=(*cb)(0,ctx);
675 if (!ok) goto end; 675 if (!ok) goto end;
676 } 676 }
677 if (X509_verify(xs,pkey) <= 0) 677 else if (X509_verify(xs,pkey) <= 0)
678 /* XXX For the final trusted self-signed cert, 678 /* XXX For the final trusted self-signed cert,
679 * this is a waste of time. That check should 679 * this is a waste of time. That check should
680 * optional so that e.g. 'openssl x509' can be 680 * optional so that e.g. 'openssl x509' can be
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 10:44:53 +0000