Commit 9d6daf99 authored by Andreas Karlsson's avatar Andreas Karlsson Committed by Rich Salz
Browse files

Fix broken loading of client CAs 



The SSL_load_client_CA_file() failed to load any CAs due to an
inccorrect assumption about the return value of lh_*_insert(). The
return value when inserting into a hash is the old value of the key.

The bug was introduced in 3c82e437.

Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1279)
parent 3426de22

ssl/ssl_cert.c

+1 −2
Original line number Diff line number Diff line
@@ -605,8 +605,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) 
            X509_NAME_free(xn);

            xn = NULL;

        } else {

            if (!lh_X509_NAME_insert(name_hash, xn))

                goto err;

            lh_X509_NAME_insert(name_hash, xn);

            if (!sk_X509_NAME_push(ret, xn))

                goto err;

        }