Commit 1d42741a authored by Nils Larsch's avatar Nils Larsch
Browse files

clear error queue on success and return NULL if no cert could be read 

PR: 1088
parent 88737991

ssl/ssl_cert.c

+13 −3
Original line number Diff line number Diff line
@@ -635,14 +635,13 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) 
	BIO *in;

	X509 *x=NULL;

	X509_NAME *xn=NULL;

	STACK_OF(X509_NAME) *ret,*sk;

	STACK_OF(X509_NAME) *ret = NULL,*sk;



	ret=sk_X509_NAME_new_null();

	sk=sk_X509_NAME_new(xname_cmp);



	in=BIO_new(BIO_s_file_internal());



	if ((ret == NULL) || (sk == NULL) || (in == NULL))

	if ((sk == NULL) || (in == NULL))

		{

		SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);

		goto err;
@@ -655,6 +654,15 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) 
		{

		if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL)

			break;

		if (ret == NULL)

			{

			ret = sk_X509_NAME_new_null();

			if (ret == NULL)

				{

				SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);

				goto err;

				}

			}

		if ((xn=X509_get_subject_name(x)) == NULL) goto err;

		/* check for duplicates */

		xn=X509_NAME_dup(xn);
@@ -677,6 +685,8 @@ err: 
	if (sk != NULL) sk_X509_NAME_free(sk);

	if (in != NULL) BIO_free(in);

	if (x != NULL) X509_free(x);

	if (ret != NULL)

		ERR_clear_error();

	return(ret);

	}

#endif