This really cannot be ever called with NULL store_ctx
and the check confuses Coverity.
Fixes Coverity
1538865
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
static int selfsigned_verify_cb(int ok, X509_STORE_CTX *store_ctx)
{
- if (ok == 0 && store_ctx != NULL
+ if (ok == 0
&& X509_STORE_CTX_get_error_depth(store_ctx) == 0
&& X509_STORE_CTX_get_error(store_ctx)
== X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) {