On Mon Jun 06 17:23:48 2011, tm...@redhat.com wrote:
> There is code error in s3_srvr.c function ssl3_get_cert_verify().
> The bug was found by Coverity scan.
Closing as resolved.
Andy committed fix across all branches.
https://github.com/openssl/openssl/commit/3b1fb1a0226e29c9d7c79ff7fbde21ef9ca
There is code error in s3_srvr.c function ssl3_get_cert_verify().
There is a condition if ((peer != NULL) && (type | EVP_PKT_SIGN))
- the second part of the condition is a no-op. The correct condition
should be if ((peer != NULL) && (type & EVP_PKT_SIGN)) although the
non-signing certificates with