Synchronise with 0.9.7-stable.

[openssl.git] / ssl / ssl_cert.c

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index d78584715a7589a175a708b5c2a8a225c25ab04f..263a1dc34d909907f5208b1bb57c260168387117 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -483,7 +483,11 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
                X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
 
        if (s->ctx->app_verify_callback != NULL)
+#if 1 /* new with OpenSSL 0.9.7 */
+               i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg); 
+#else
                i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
+#endif
        else
                {
 #ifndef OPENSSL_NO_X509_VERIFY
@@ -769,6 +773,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
        ret = 1;
 
 err:   
+       if (d) closedir(d);
        CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
        return ret;
        }
@@ -794,7 +799,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                SYSerr(SYS_F_OPENDIR, get_last_sys_error());
                ERR_add_error_data(3, "opendir('", dir, "')");
                SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
-               goto err;
+               goto err_noclose;
                }
        
        do 
@@ -815,10 +820,11 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                        goto err;
                }
        while (FindNextFile(hFind, &FindFileData) != FALSE);
-       FindClose(hFind);
        ret = 1;
 
-err:   
+err:
+       FindClose(hFind);
+err_noclose:
        CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
        return ret;
        }