From eed67cf0e7f6cbe596495c2f83aeea7c15db0d6e Mon Sep 17 00:00:00 2001
From: Selva Nair <selva.nair@gmail.com>
Date: Fri, 26 Jul 2019 23:12:21 -0400
Subject: [PATCH] Correct the return value of cryptoapi RSA signature callbacks

Fixes the wrong check on siglen instead of *siglen for
signing failures.

Bug reported by: lilulo <lilulo@gmail.com>

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1564197141-30513-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18708.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/cryptoapi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c
index 720fce096..35a9ebc47 100644
--- a/src/openvpn/cryptoapi.c
+++ b/src/openvpn/cryptoapi.c
@@ -393,7 +393,7 @@ rsa_sign_CNG(int type, const unsigned char *m, unsigned int m_len,
     }
 
     *siglen = priv_enc_CNG(cd, alg, m, (int)m_len, sig, RSA_size(rsa), padding);
-    return (siglen == 0) ? 0 : 1;
+    return (*siglen == 0) ? 0 : 1;
 }
 
 /* decrypt */
-- 
2.47.3