From 4383d44ca79eba8836d9f92c612c44ba8aeb87bd Mon Sep 17 00:00:00 2001
From: markus <>
Date: Thu, 14 Feb 2013 15:11:44 +0000
Subject: cherry pick bugfixes for
 http://www.openssl.org/news/secadv_20130205.txt from the openssl git (changes
 between openssl 1.0.1c and 1.0.1d). ok djm@

---
 src/lib/libcrypto/ocsp/ocsp_vfy.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'src/lib/libcrypto/ocsp')

diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c
index 415d67e61c..91a45c9133 100644
--- a/src/lib/libcrypto/ocsp/ocsp_vfy.c
+++ b/src/lib/libcrypto/ocsp/ocsp_vfy.c
@@ -91,9 +91,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
 		{
 		EVP_PKEY *skey;
 		skey = X509_get_pubkey(signer);
-		ret = OCSP_BASICRESP_verify(bs, skey, 0);
-		EVP_PKEY_free(skey);
-		if(ret <= 0)
+		if (skey)
+			{
+			ret = OCSP_BASICRESP_verify(bs, skey, 0);
+			EVP_PKEY_free(skey);
+			}
+		if(!skey || ret <= 0)
 			{
 			OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
 			goto end;
-- 
cgit v1.2.3-55-g6feb