[openssl] master update
dev at ddvo.net
dev at ddvo.net
Thu Feb 18 10:22:51 UTC 2021
The branch master has been updated
via 0b3139e815d3d14c4d7506488add6e02a2b682ec (commit)
from ba37b82045b1b2fbcbf7580b317de5e3b52c8035 (commit)
- Log -----------------------------------------------------------------
commit 0b3139e815d3d14c4d7506488add6e02a2b682ec
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: Thu Feb 11 21:07:14 2021 +0100
chain_build(): Call verify_cb_cert() if a preliminary error has become final
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14157)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x509_vfy.c | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index d5c09d28f4..83dddeeb3d 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -352,7 +352,7 @@ static int check_issued(ossl_unused X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
*/
if (err != X509_V_ERR_SUBJECT_ISSUER_MISMATCH)
ctx->error = err;
- return 0; /* Better call verify_cb_cert(ctx, x, ctx->error_depth, err) ? */
+ return 0;
}
/*
@@ -3282,10 +3282,17 @@ static int build_chain(X509_STORE_CTX *ctx)
return 0;
case X509_TRUST_UNTRUSTED:
default:
- if (ctx->error != X509_V_OK)
- /* Callback already issued in most such cases */
- return 0;
- num = sk_X509_num(ctx->chain);
+ switch(ctx->error) {
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ return 0; /* Callback already issued by x509_check_cert_time() */
+ default: /* A preliminary error has become final */
+ return verify_cb_cert(ctx, NULL, num - 1, ctx->error);
+ case X509_V_OK:
+ break;
+ }
CB_FAIL_IF(num > depth,
ctx, NULL, num - 1, X509_V_ERR_CERT_CHAIN_TOO_LONG);
CB_FAIL_IF(DANETLS_ENABLED(dane)
More information about the openssl-commits
mailing list