[openssl/openssl] 3bd976: Fix strict client chain check with TLS-1.3
Tomas Mraz
noreply at reply.github.openssl.org
Fri Jun 3 13:52:26 UTC 2022
Branch: refs/heads/OpenSSL_1_1_1-stable
Home: https://github.openssl.org/openssl/openssl
Commit: 3bd976551e549c030bdbd150c7aa8a1980cb00fe
https://github.openssl.org/openssl/openssl/commit/3bd976551e549c030bdbd150c7aa8a1980cb00fe
Author: Tomas Mraz <tomas at openssl.org>
Date: 2022-06-03 (Fri, 03 Jun 2022)
Changed paths:
M ssl/t1_lib.c
Log Message:
-----------
Fix strict client chain check with TLS-1.3
When TLS-1.3 is used and the server does not send any CA names
the ca_dn will be NULL. sk_X509_NAME_num() returns -1 on null
argument.
Reviewed-by: Todd Short <todd.short at me.com>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17986)
(cherry picked from commit 89dd85430770d39cbfb15eb586c921958ca7687f)
More information about the openssl-commits
mailing list