From 2dac2667d1ec0ffd9f5609cc07f7e1221624e152 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Fri, 14 Feb 2014 14:52:23 +0000
Subject: [PATCH] Don't do loop detection for self signed check.

---
 crypto/x509/x509_vfy.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index b7e3f6e996..8129fa084d 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -481,6 +481,8 @@ static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
 {
 	int ret;
+	if (x == issuer)
+		return cert_self_signed(x);
 	ret = X509_check_issued(issuer, x);
 	if (ret == X509_V_OK)
 		{
-- 
2.25.1