diff options
Diffstat (limited to 'src/lib/libssl/ssl_cert.c')
| -rw-r--r-- | src/lib/libssl/ssl_cert.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index a711b5db5c..4c39925c60 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_cert.c,v 1.85 2021/10/23 16:11:30 tb Exp $ */ | 1 | /* $OpenBSD: ssl_cert.c,v 1.86 2021/10/23 20:42:50 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -447,6 +447,15 @@ ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) | |||
| 447 | ret = X509_verify_cert(ctx); | 447 | ret = X509_verify_cert(ctx); |
| 448 | 448 | ||
| 449 | s->verify_result = X509_STORE_CTX_get_error(ctx); | 449 | s->verify_result = X509_STORE_CTX_get_error(ctx); |
| 450 | sk_X509_pop_free(s->internal->verified_chain, X509_free); | ||
| 451 | s->internal->verified_chain = NULL; | ||
| 452 | if (X509_STORE_CTX_get0_chain(ctx) != NULL) { | ||
| 453 | s->internal->verified_chain = X509_STORE_CTX_get1_chain(ctx); | ||
| 454 | if (s->internal->verified_chain == NULL) { | ||
| 455 | SSLerrorx(ERR_R_MALLOC_FAILURE); | ||
| 456 | ret = 0; | ||
| 457 | } | ||
| 458 | } | ||
| 450 | 459 | ||
| 451 | err: | 460 | err: |
| 452 | X509_STORE_CTX_free(ctx); | 461 | X509_STORE_CTX_free(ctx); |