diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2020-10-26 12:01:02 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2020-10-26 12:01:02 +0000 |
| commit | aceda6992e373b4f41cddbc158c3d9d470be8973 (patch) | |
| tree | 9df9996ed60f29af479d5c34bb767ba0d21d7f31 /lib | |
| parent | 3233fd3e6542d63e88e8619c599384695d042160 (diff) | |
Add a safety net to ensure that we set an error on the store context.
Suggested by and discussed with beck
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcrypto/x509/x509_verify.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libcrypto/x509/x509_verify.c b/lib/libcrypto/x509/x509_verify.c index 74316cb9411..124d4ba34ee 100644 --- a/lib/libcrypto/x509/x509_verify.c +++ b/lib/libcrypto/x509/x509_verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_verify.c,v 1.15 2020/10/26 11:59:16 tb Exp $ */ +/* $OpenBSD: x509_verify.c,v 1.16 2020/10/26 12:01:01 tb Exp $ */ /* * Copyright (c) 2020 Bob Beck <beck@openbsd.org> * @@ -932,6 +932,8 @@ x509_verify(struct x509_verify_ctx *ctx, X509 *leaf, char *name) return (ctx->chains_count); err: + if (ctx->error == X509_V_OK) + ctx->error = X509_V_ERR_UNSPECIFIED; if (ctx->xsc != NULL) ctx->xsc->error = ctx->error; return 0; |