projects / oweals / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
1024 is the export key bits limit according to current regulations, not 512.
[oweals/openssl.git] / crypto / x509 / x509_vfy.c
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index f60054bd398dff568da2b80f9e580bd06cecae1c..2bb21b443ec0674b9738935302ad2173a5066e81 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -674,7 +674,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
                                ok=(*cb)(0,ctx);
                                if (!ok) goto end;
                                }
-                       if (X509_verify(xs,pkey) <= 0)
+                       else if (X509_verify(xs,pkey) <= 0)
                                /* XXX  For the final trusted self-signed cert,
                                 * this is a waste of time.  That check should
                                 * optional so that e.g. 'openssl x509' can be
Unnamed repository; edit this file 'description' to name the repository.