Fix broken loading of client CAs

The SSL_load_client_CA_file() failed to load any CAs due to an inccorrect assumption about the return value of lh_*_insert(). The return value when inserting into a hash is the old value of the key. The bug was introduced in 3c82e437. Reviewed-by: N Kurt Roeckx <kurt@openssl.org> Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1279)

Fix broken loading of client CAs
The SSL_load_client_CA_file() failed to load any CAs due to an inccorrect assumption about the return value of lh_*_insert(). The return value when inserting into a hash is the old value of the key. The bug was introduced in 3c82e437. Reviewed-by: N Kurt Roeckx <kurt@openssl.org> Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1279)
9d6daf99 · Andreas Karlsson · Rich Salz · 3426de22 · 9d6daf99
隐藏空白更改
内联并排

Showing with 1 addition and 2 deletion

ssl/ssl_cert.c ssl/ssl_cert.c +1 -2

未找到文件。
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -605,8 +605,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
            X509_NAME_free(xn);
            xn = NULL;
        } else {
-            if (!lh_X509_NAME_insert(name_hash, xn))
-                goto err;
+            lh_X509_NAME_insert(name_hash, xn);
            if (!sk_X509_NAME_push(ret, xn))
                goto err;
        }