mirror of https://github.com/openssl/openssl
s_cb.c: Add missing return value checks
Return value of function 'SSL_CTX_ctrl', that is called from SSL_CTX_set1_verify_cert_store() and SSL_CTX_set1_chain_cert_store(), is not checked, but it is usually checked for this function. CLA: trivial Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23647)
This commit is contained in:
parent
d3457f990c
commit
6f794b461c
|
@ -1318,7 +1318,8 @@ int ssl_load_stores(SSL_CTX *ctx,
|
|||
if (vfyCAstore != NULL && !X509_STORE_load_store(vfy, vfyCAstore))
|
||||
goto err;
|
||||
add_crls_store(vfy, crls);
|
||||
SSL_CTX_set1_verify_cert_store(ctx, vfy);
|
||||
if (SSL_CTX_set1_verify_cert_store(ctx, vfy) == 0)
|
||||
goto err;
|
||||
if (crl_download)
|
||||
store_setup_crl_download(vfy);
|
||||
}
|
||||
|
@ -1332,7 +1333,8 @@ int ssl_load_stores(SSL_CTX *ctx,
|
|||
goto err;
|
||||
if (chCAstore != NULL && !X509_STORE_load_store(ch, chCAstore))
|
||||
goto err;
|
||||
SSL_CTX_set1_chain_cert_store(ctx, ch);
|
||||
if (SSL_CTX_set1_chain_cert_store(ctx, ch) == 0)
|
||||
goto err;
|
||||
}
|
||||
rv = 1;
|
||||
err:
|
||||
|
|
Loading…
Reference in New Issue