Check value returned by X509_OBJECT_new()
Reported by Alexander Couzens, thanks to him !
This commit is contained in:
parent
e452c023ad
commit
2e81cca480
|
@ -1374,7 +1374,9 @@ static int bip_ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
|
|||
err == X509_V_ERR_CERT_HAS_EXPIRED ||
|
||||
err == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN)) {
|
||||
|
||||
xobj = X509_OBJECT_new();
|
||||
if (!(xobj = X509_OBJECT_new())) {
|
||||
result = 0;
|
||||
} else {
|
||||
if (X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509,
|
||||
X509_get_subject_name(err_cert), xobj) > 0 &&
|
||||
!X509_cmp(X509_OBJECT_get0_X509(xobj), err_cert)) {
|
||||
|
@ -1399,6 +1401,7 @@ static int bip_ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
|
|||
}
|
||||
X509_OBJECT_free(xobj);
|
||||
}
|
||||
}
|
||||
|
||||
if (!result) {
|
||||
/* We have a verify error! Log it */
|
||||
|
|
Loading…
Reference in New Issue