OpenSSL: Fix uninitialized variable in CRL reloading corner case

The flags variable needs to be initialized to 0 if check_crl is 0 in
the updated configuration.

Fixes: 159a7fbdeafe ("crl_reload_interval: Add CRL reloading support")
Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index d8422d25d2b411158f67552985d106994e61d173..18d76737e78a1c96319215eaf1bdcfc217510e65 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -329,8 +329,7 @@ static X509_STORE * tls_crl_cert_reload(const char *ca_cert, int check_crl)
                return NULL;
        }
 
-       if (check_crl)
-               flags = X509_V_FLAG_CRL_CHECK;
+       flags = check_crl ? X509_V_FLAG_CRL_CHECK : 0;
        if (check_crl == 2)
                flags |= X509_V_FLAG_CRL_CHECK_ALL;