ssl_check_srvr_ecc_cert_and_alg() only returns 0/1 - test accordingly.

author jsing <jsing@openbsd.org>

Sun, 9 Jan 2022 15:55:37 +0000 (15:55 +0000)

committer jsing <jsing@openbsd.org>

Sun, 9 Jan 2022 15:55:37 +0000 (15:55 +0000)
author jsing <jsing@openbsd.org>
Sun, 9 Jan 2022 15:55:37 +0000 (15:55 +0000)
committer jsing <jsing@openbsd.org>
Sun, 9 Jan 2022 15:55:37 +0000 (15:55 +0000)
diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c

index c031b70..19d8365 100644 (file)
--- a/lib/libssl/ssl_clnt.c
+++ b/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.133 2022/01/09 15:53:52 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.134 2022/01/09 15:55:37 jsing Exp $ */
  /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   * All rights reserved.
   *
@@ -2456,8 +2456,8 @@ ssl3_check_cert_and_algorithm(SSL *s)
  
         idx = s->session->peer_cert_type;
         if (idx == SSL_PKEY_ECC) {
-               if (ssl_check_srvr_ecc_cert_and_alg(s,
-                   s->session->peer_pkeys[idx].x509) == 0) {
+               if (!ssl_check_srvr_ecc_cert_and_alg(s,
+                   s->session->peer_pkeys[idx].x509)) {
                         /* check failed */
                         SSLerror(s, SSL_R_BAD_ECC_CERT);
                         goto fatal_err;
author	jsing <jsing@openbsd.org>
	Sun, 9 Jan 2022 15:55:37 +0000 (15:55 +0000)
committer	jsing <jsing@openbsd.org>
	Sun, 9 Jan 2022 15:55:37 +0000 (15:55 +0000)