[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Matt Caswell Fri, 18 Aug 2017 02:04:36 -0700

The branch OpenSSL_1_0_2-stable has been updated
       via  f36fedcc764bdcadef30fe214f51b18a17f3f08c (commit)
      from  3281f1eb65008c3c6176418f6c6f83b29d1e8482 (commit)



- Log -----------------------------------------------------------------
commit f36fedcc764bdcadef30fe214f51b18a17f3f08c
Author: David von Oheimb <david.von.ohe...@siemens.com>
Date:   Thu Aug 17 21:45:06 2017 +0200

    Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL 
(backport)
    
    Reviewed-by: Rich Salz <rs...@openssl.org>
    Reviewed-by: Matt Caswell <m...@openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4183)

-----------------------------------------------------------------------

Summary of changes:
 crypto/ocsp/ocsp_vfy.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index d4a257c..7a7d060 100644
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -118,6 +118,8 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) 
*certs,
                     goto end;
                 }
             }
+        } else if (certs != NULL) {
+            untrusted = certs;
         } else {
             untrusted = bs->certs;
         }
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Reply via email to