diff options
| author | Steven Valdez <svaldez@google.com> | 2016-02-25 21:43:49 +0300 |
|---|---|---|
| committer | David Benjamin <davidben@google.com> | 2016-02-25 23:43:58 +0300 |
| commit | 3f81b607fee408fe8142442c6e654b0762d8f844 (patch) | |
| tree | 7f1fec54bc0522ea3f320fd1a1cbe9f8701dc754 /crypto/x509 | |
| parent | 06c5fb4512ecd9aeb74e7d438c257b9f606f67af (diff) | |
Fix missing ok=0 with cert verification.
Also avoid using "i" in X509_cert_verify as a loop counter, trust
outcome and as an error ordinal.
(Imported from upstream's a3baa171053547488475709c7197592c66e427cf)
Change-Id: I4b0b542ffacf7fa861c93c8124b334c0aacc3c17
Reviewed-on: https://boringssl-review.googlesource.com/7222
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'crypto/x509')
| -rw-r--r-- | crypto/x509/x509_vfy.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 602c8fbc..e7f2103f 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -193,7 +193,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) int bad_chain = 0; X509_VERIFY_PARAM *param = ctx->param; int depth, i, ok = 0; - int num, j, retry; + int num, j, retry, trust; int (*cb) (int xok, X509_STORE_CTX *xctx); STACK_OF(X509) *sktmp = NULL; if (ctx->cert == NULL) { @@ -268,6 +268,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (xtmp != NULL) { if (!sk_X509_push(ctx->chain, xtmp)) { OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); + ok = 0; goto end; } X509_up_ref(xtmp); @@ -363,11 +364,13 @@ int X509_verify_cert(X509_STORE_CTX *ctx) } /* we now have our chain, lets check it... */ - i = check_trust(ctx); + trust = check_trust(ctx); /* If explicitly rejected error */ - if (i == X509_TRUST_REJECTED) + if (trust == X509_TRUST_REJECTED) { + ok = 0; goto end; + } /* * If it's not explicitly trusted then check if there is an alternative * chain that could be used. We only do this if we haven't already @@ -375,7 +378,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) * chain checking */ retry = 0; - if (i != X509_TRUST_TRUSTED + if (trust != X509_TRUST_TRUSTED && !(ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) && !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) { while (j-- > 1) { @@ -412,7 +415,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) * self signed certificate in which case we've indicated an error already * and set bad_chain == 1 */ - if (i != X509_TRUST_TRUSTED && !bad_chain) { + if (trust != X509_TRUST_TRUSTED && !bad_chain) { if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) { if (ctx->last_untrusted >= num) ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; @@ -463,10 +466,10 @@ int X509_verify_cert(X509_STORE_CTX *ctx) if (!ok) goto end; - i = X509_chain_check_suiteb(&ctx->error_depth, NULL, ctx->chain, - ctx->param->flags); - if (i != X509_V_OK) { - ctx->error = i; + int err = X509_chain_check_suiteb(&ctx->error_depth, NULL, ctx->chain, + ctx->param->flags); + if (err != X509_V_OK) { + ctx->error = err; ctx->current_cert = sk_X509_value(ctx->chain, ctx->error_depth); ok = cb(0, ctx); if (!ok) |