[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Sat Jul 2 19:34:01 UTC 2016
The branch master has been updated
via 9d6daf99c286d260e50278f63ddb7d164462256e (commit)
from 3426de2262caee3283b88c40308b99009182fcd1 (commit)
- Log -----------------------------------------------------------------
commit 9d6daf99c286d260e50278f63ddb7d164462256e
Author: Andreas Karlsson <andreas at proxel.se>
Date: Sat Jul 2 01:19:39 2016 +0200
Fix broken loading of client CAs
The SSL_load_client_CA_file() failed to load any CAs due to an
inccorrect assumption about the return value of lh_*_insert(). The
return value when inserting into a hash is the old value of the key.
The bug was introduced in 3c82e437bb3af822ea13cd5a24bab0745c556246.
Reviewed-by: Kurt Roeckx <kurt at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1279)
-----------------------------------------------------------------------
Summary of changes:
ssl/ssl_cert.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index c6e2d09..2a07ee6 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -605,8 +605,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
X509_NAME_free(xn);
xn = NULL;
} else {
- if (!lh_X509_NAME_insert(name_hash, xn))
- goto err;
+ lh_X509_NAME_insert(name_hash, xn);
if (!sk_X509_NAME_push(ret, xn))
goto err;
}
More information about the openssl-commits
mailing list