From 53a5b95c215860e3c392b011f2645e2bdd70246c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 4 May 2014 23:53:38 +0200
Subject: [PATCH] CURLINFO_SSL_VERIFYRESULT: assign at first connect call

The variable wasn't assigned at all until step3 which would lead to a
failed connect never assigning the variable and thus returning a bad
value.

Reported-by: Larry Lin
Bug: http://curl.haxx.se/mail/lib-2014-04/0203.html
---
 lib/vtls/openssl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index d13436d913..68c10678af 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1501,6 +1501,8 @@ ossl_connect_step1(struct connectdata *conn,
   /* Make funny stuff to get random input */
   Curl_ossl_seed(data);
 
+  data->set.ssl.certverifyresult = !X509_V_OK;
+
   /* check to see if we've been told to use an explicit SSL/TLS version */
 
   switch(data->set.ssl.version) {
@@ -2363,8 +2365,6 @@ static CURLcode servercert(struct connectdata *conn,
     /* we've been asked to gather certificate info! */
     (void)get_cert_chain(conn, connssl);
 
-  data->set.ssl.certverifyresult = !X509_V_OK;
-
   connssl->server_cert = SSL_get_peer_certificate(connssl->handle);
   if(!connssl->server_cert) {
     if(strict)
-- 
GitLab