projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Set next version.
[oweals/openssl.git]
/
ssl
/
s2_clnt.c
diff --git
a/ssl/s2_clnt.c
b/ssl/s2_clnt.c
index efb52485a71439e5807904eebca704d6b5dc331e..c13a640455114788a03844bb5b71170bbdc185d8 100644
(file)
--- a/
ssl/s2_clnt.c
+++ b/
ssl/s2_clnt.c
@@
-466,11
+466,11
@@
static int get_server_hello(SSL *s)
return(-1);
}
return(-1);
}
- sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
+
(void)
sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
/* get the array of ciphers we will accept */
cl=SSL_get_ciphers(s);
/* get the array of ciphers we will accept */
cl=SSL_get_ciphers(s);
- sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp);
+
(void)
sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp);
/*
* If server preference flag set, choose the first
/*
* If server preference flag set, choose the first
@@
-520,7
+520,8
@@
static int get_server_hello(SSL *s)
CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
}
CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
}
- if (s->session->peer != s->session->sess_cert->peer_key->x509)
+ if (s->session->sess_cert == NULL
+ || s->session->peer != s->session->sess_cert->peer_key->x509)
/* can't happen */
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
/* can't happen */
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
@@
-934,7
+935,7
@@
static int get_server_verify(SSL *s)
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
p += 1;
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
p += 1;
- if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
+ if (
CRYPTO_
memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
@@
-1043,7
+1044,7
@@
int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
i=ssl_verify_cert_chain(s,sk);
i=ssl_verify_cert_chain(s,sk);
- if ((s->verify_mode != SSL_VERIFY_NONE) && (
!i
))
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (
i <= 0
))
{
SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
goto err;
{
SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
goto err;