projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Store verify_result with sessions to avoid potential security hole.
[openssl.git] / ssl / s2_clnt.c
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index 47dd09c286f398922daf505534394f67b0f66395..28d6d652961684101c317392e42a75a8d29413f0 100644 (file)
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -921,6 +921,7 @@ int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data)
                goto err;
                }
        ERR_clear_error(); /* but we keep s->verify_result */
+       s->session->verify_result = s->verify_result;
 
        /* server's cert for this session */
        sc=ssl_sess_cert_new();
Unnamed repository; edit this file 'description' to name the repository.