projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Match empty CA list to anything for ssl client auth in CryptoAPI engine.
[openssl.git] / engines / e_capi.c
diff --git a/engines/e_capi.c b/engines/e_capi.c
index a9768832ef900c7862d7eb7ce476b0d3df63160d..4245a37d5f3c7a586f2f7eb6e8dfe2f69c4dc0f2 100644 (file)
--- a/engines/e_capi.c
+++ b/engines/e_capi.c
@@ -774,7 +774,6 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
                *siglen = slen;
                }
 
-
        /* Now cleanup */
 
 err:
@@ -1475,6 +1474,9 @@ static int cert_issuer_match(STACK_OF(X509_NAME) *ca_dn, X509 *x)
        {
        int i;
        X509_NAME *nm;
+       /* Special case: empty list: match anything */
+       if (sk_X509_NAME_num(ca_dn) <= 0)
+               return 1;
        for (i = 0; i < sk_X509_NAME_num(ca_dn); i++)
                {
                nm = sk_X509_NAME_value(ca_dn, i);
Unnamed repository; edit this file 'description' to name the repository.