From 3d1291ca74816105f206c083aa4f450ebb402fe6 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Sat, 9 Jan 2021 03:01:03 +0000
Subject: Bail out early after finding an single chain if we are have been
 called from x509_vfy and have an xsc. There's no point in finding more chains
 since that API can not return them, and all we do is trigger buggy callbacks
 in calling software.

ok jsing@
---
 src/lib/libcrypto/x509/x509_verify.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/x509/x509_verify.c b/src/lib/libcrypto/x509/x509_verify.c
index b19b5373c5..d343706ea1 100644
--- a/src/lib/libcrypto/x509/x509_verify.c
+++ b/src/lib/libcrypto/x509/x509_verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_verify.c,v 1.28 2021/01/08 03:23:56 beck Exp $ */
+/* $OpenBSD: x509_verify.c,v 1.29 2021/01/09 03:01:03 beck Exp $ */
 /*
  * Copyright (c) 2020-2021 Bob Beck <beck@openbsd.org>
  *
@@ -470,6 +470,14 @@ x509_verify_build_chains(struct x509_verify_ctx *ctx, X509 *cert,
 	X509 *candidate;
 	int i, depth, count, ret;
 
+	/*
+	 * If we are finding chains with an xsc, just stop after we have
+	 * one chain, there's no point in finding more, it just exercises
+	 * the potentially buggy callback processing in the calling software.
+	 */
+	if (ctx->xsc != NULL && ctx->chains_count > 0)
+		return;
+
 	depth = sk_X509_num(current_chain->certs);
 	if (depth > 0)
 		depth--;
-- 
cgit v1.2.3-55-g6feb