projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6fd014f) | patch
Fix strict client chain check with TLS-1.3
authorTomas Mraz <tomas@openssl.org>
Tue, 29 Mar 2022 11:31:34 +0000 (13:31 +0200)
committerTomas Mraz <tomas@openssl.org>
Fri, 3 Jun 2022 13:52:02 +0000 (15:52 +0200)
commitb6f107088cc6f054fac5d0b563dec6fdfaa5a161
tree109243ce502cca4d6469ec816f5a78ab49d7b70ftree | snapshot
parent6fd014f32257b63a0b17e5793faab3e70c979851commit | diff
Fix strict client chain check with TLS-1.3

When TLS-1.3 is used and the server does not send any CA names
the ca_dn will be NULL. sk_X509_NAME_num() returns -1 on null
argument.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17986)

(cherry picked from commit 89dd85430770d39cbfb15eb586c921958ca7687f)
ssl/t1_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.