CVSROOT:        /cvs
Module name:    src
Changes by:    2023/06/01 01:29:15

Modified files:
        lib/libtls     : tls_verify.c 

Log message:
Check for X509_get_ext_d2i() failure

X509_get_ext_d2i() (or rather X509V3_get_d2i()) can return NULL for
various reasons. If it fails because the extension wasn't found, it
sets *crit = -1. In any other case, e.g., the cert is bad or we ran
out of memory in X509V3_EXT_d2i(), crit is set to something else, so
we should actually error.

ok jsing

Reply via email to