projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b7ce611) | patch
Fix strict client chain check with TLS-1.3
authorTomas Mraz <tomas@openssl.org>
Tue, 29 Mar 2022 11:31:34 +0000 (13:31 +0200)
committerTomas Mraz <tomas@openssl.org>
Fri, 3 Jun 2022 13:52:17 +0000 (15:52 +0200)
commit3bd976551e549c030bdbd150c7aa8a1980cb00fe
treeec46f43cc4f1d445e91fee945c1dcd699b1da0detree | snapshot
parentb7ce611887cfac633aacc052b2e71a7f195418b8commit | diff
Fix strict client chain check with TLS-1.3

When TLS-1.3 is used and the server does not send any CA names
the ca_dn will be NULL. sk_X509_NAME_num() returns -1 on null
argument.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17986)

(cherry picked from commit 89dd85430770d39cbfb15eb586c921958ca7687f)
ssl/t1_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.