The branch OpenSSL_1_0_2-stable has been updated via f36fedcc764bdcadef30fe214f51b18a17f3f08c (commit) from 3281f1eb65008c3c6176418f6c6f83b29d1e8482 (commit)
- Log ----------------------------------------------------------------- commit f36fedcc764bdcadef30fe214f51b18a17f3f08c Author: David von Oheimb <david.von.ohe...@siemens.com> Date: Thu Aug 17 21:45:06 2017 +0200 Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL (backport) Reviewed-by: Rich Salz <rs...@openssl.org> Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4183) ----------------------------------------------------------------------- Summary of changes: crypto/ocsp/ocsp_vfy.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c index d4a257c..7a7d060 100644 --- a/crypto/ocsp/ocsp_vfy.c +++ b/crypto/ocsp/ocsp_vfy.c @@ -118,6 +118,8 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, goto end; } } + } else if (certs != NULL) { + untrusted = certs; } else { untrusted = bs->certs; } _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits