mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-29 02:38:22 -05:00
HTTP: Fix OCSP error path
If addition of a peer issuer certificate fails, the certs pointer would be NULL when being passed to sk_X509_push() for peer issuer's issuer. Fix this by skipping addition of issuer's issue if issuer addition fails. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
946572ca0e
commit
bd7bb43784
@ -1098,7 +1098,7 @@ static int ocsp_resp_cb(SSL *s, void *arg)
|
|||||||
sk_X509_free(certs);
|
sk_X509_free(certs);
|
||||||
certs = NULL;
|
certs = NULL;
|
||||||
}
|
}
|
||||||
if (ctx->peer_issuer_issuer) {
|
if (certs && ctx->peer_issuer_issuer) {
|
||||||
cert = X509_dup(ctx->peer_issuer_issuer);
|
cert = X509_dup(ctx->peer_issuer_issuer);
|
||||||
if (cert && !sk_X509_push(certs, cert)) {
|
if (cert && !sk_X509_push(certs, cert)) {
|
||||||
tls_show_errors(
|
tls_show_errors(
|
||||||
|
Loading…
Reference in New Issue
Block a user