]> git.ipfire.org Git - thirdparty/hostap.git/commitdiff
projects / thirdparty / hostap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bd7bb43)
OpenSSL: Fix OCSP error path
authorJouni Malinen <jouni@qca.qualcomm.com>
Thu, 19 Feb 2015 11:32:05 +0000 (13:32 +0200)
committerJouni Malinen <j@w1.fi>
Thu, 19 Feb 2015 11:32:05 +0000 (13:32 +0200)
If addition of a peer issuer certificate fails, the certs pointer would
be NULL when being passed to sk_X509_push() for peer issuer's issuer.
Fix this by skipping addition of issuer's issue if issuer addition
fails.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
src/crypto/tls_openssl.c patch | blob | blame | history

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index d8c8c56b50958b54e9ab8592d910af72825a4c27..a4c71dc06880403b3352210f38fbf7669fc7c135 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -3167,7 +3167,7 @@ static int ocsp_resp_cb(SSL *s, void *arg)
                                sk_X509_free(certs);
                                certs = NULL;
                        }
-                       if (conn->peer_issuer_issuer) {
+                       if (certs && conn->peer_issuer_issuer) {
                                cert = X509_dup(conn->peer_issuer_issuer);
                                if (cert && !sk_X509_push(certs, cert)) {
                                        tls_show_errors(
Unnamed repository; edit this file 'description' to name the repository.