[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Matt Caswell
matt at openssl.org
Fri Aug 18 09:03:51 UTC 2017
The branch OpenSSL_1_0_2-stable has been updated
via f36fedcc764bdcadef30fe214f51b18a17f3f08c (commit)
from 3281f1eb65008c3c6176418f6c6f83b29d1e8482 (commit)
- Log -----------------------------------------------------------------
commit f36fedcc764bdcadef30fe214f51b18a17f3f08c
Author: David von Oheimb <David.von.Oheimb at siemens.com>
Date: Thu Aug 17 21:45:06 2017 +0200
Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL (backport)
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4183)
-----------------------------------------------------------------------
Summary of changes:
crypto/ocsp/ocsp_vfy.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index d4a257c..7a7d060 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -118,6 +118,8 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
goto end;
}
}
+ } else if (certs != NULL) {
+ untrusted = certs;
} else {
untrusted = bs->certs;
}
More information about the openssl-commits
mailing list