From e19f76c0058c79feaa9abea5dd0729032c56cb53 Mon Sep 17 00:00:00 2001 From: beck Date: Tue, 28 Jun 2022 16:05:42 +0000 Subject: [PATCH] Take away bogus error assignment before callback call. Keep the depth which was needed. This went an error too far, and broke openssl-ruby's callback and error code sensitivity in it's tests. With this removed, both my newly committed regress to verify the same error codes and depths in the callback, and openssl-ruby's tests pass again. ok tb@ --- lib/libcrypto/x509/x509_verify.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/libcrypto/x509/x509_verify.c b/lib/libcrypto/x509/x509_verify.c index aa14bc1933b..a9c54e664f7 100644 --- a/lib/libcrypto/x509/x509_verify.c +++ b/lib/libcrypto/x509/x509_verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_verify.c,v 1.58 2022/06/28 07:56:34 beck Exp $ */ +/* $OpenBSD: x509_verify.c,v 1.59 2022/06/28 16:05:42 beck Exp $ */ /* * Copyright (c) 2020-2021 Bob Beck * @@ -1193,7 +1193,6 @@ x509_verify(struct x509_verify_ctx *ctx, X509 *leaf, char *name) * on failure and will be needed for * that. */ - ctx->xsc->error = ctx->error; ctx->xsc->error_depth = ctx->error_depth; if (!x509_verify_ctx_save_xsc_error(ctx)) { x509_verify_chain_free(current_chain); -- 2.20.1