projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Added comment for the frag->reassembly == NULL case as per feedback from Emilia
[openssl.git]
/
ssl
/
ssl_rsa.c
diff --git
a/ssl/ssl_rsa.c
b/ssl/ssl_rsa.c
index fc42dfa1ec6643fe0e73a1440b8b92c994c84bc0..60e7b66859dbe3db21d9f4fa4404601537117dba 100644
(file)
--- a/
ssl/ssl_rsa.c
+++ b/
ssl/ssl_rsa.c
@@
-708,7
+708,9
@@
int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
int ret=0;
X509 *x=NULL;
int ret=0;
X509 *x=NULL;
- in=BIO_new(BIO_s_file_internal());
+ ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
+
+ in = BIO_new(BIO_s_file_internal());
if (in == NULL)
{
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
if (in == NULL)
{
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB);
@@
-721,14
+723,16
@@
int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
goto end;
}
goto end;
}
- x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
+ x=PEM_read_bio_X509_AUX(in,NULL,ctx->default_passwd_callback,
+ ctx->default_passwd_callback_userdata);
if (x == NULL)
{
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
goto end;
}
if (x == NULL)
{
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);
goto end;
}
- ret=SSL_CTX_use_certificate(ctx,x);
+ ret = SSL_CTX_use_certificate(ctx, x);
+
if (ERR_peek_error() != 0)
ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */
if (ret)
if (ERR_peek_error() != 0)
ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */
if (ret)
@@
-740,13
+744,15
@@
int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
int r;
unsigned long err;
int r;
unsigned long err;
- if (ctx->extra_certs != NULL)
+ if (ctx->extra_certs != NULL)
{
sk_X509_pop_free(ctx->extra_certs, X509_free);
ctx->extra_certs = NULL;
}
{
sk_X509_pop_free(ctx->extra_certs, X509_free);
ctx->extra_certs = NULL;
}
- while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata))
+ while ((ca = PEM_read_bio_X509(in, NULL,
+ ctx->default_passwd_callback,
+ ctx->default_passwd_callback_userdata))
!= NULL)
{
r = SSL_CTX_add_extra_chain_cert(ctx, ca);
!= NULL)
{
r = SSL_CTX_add_extra_chain_cert(ctx, ca);