artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 40d1347) | patch
Check for X509_get_ext_d2i() failure
authortb <tb@openbsd.org>
Thu, 1 Jun 2023 07:29:15 +0000 (07:29 +0000)
committertb <tb@openbsd.org>
Thu, 1 Jun 2023 07:29:15 +0000 (07:29 +0000)
commitc25290f5d726ab77ee4cb0e52dcfaced44a2b795
tree96f398052a300b6709bb67fea5393de1b821a88ctree | snapshot
parent40d1347d0a5d08ba3c6fc8c4d67873541e164d3dcommit | diff
Check for X509_get_ext_d2i() failure

X509_get_ext_d2i() (or rather X509V3_get_d2i()) can return NULL for
various reasons. If it fails because the extension wasn't found, it
sets *crit = -1. In any other case, e.g., the cert is bad or we ran
out of memory in X509V3_EXT_d2i(), crit is set to something else, so
we should actually error.

ok jsing
lib/libtls/tls_verify.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim