Properly check EVP_VerifyFinal() and similar return values

(CVE-2008-5077). Submitted by: Ben Laurie, Bodo Moeller, Google Security Team
author: Dr. Stephen Henson <steve@openssl.org> 2009-01-07 10:48:23 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2009-01-07 10:48:23 +0000
commit: a00c3c4019a4bc0fa938b7dd3c0cd8e95cdc6943 (patch)
tree: 97dc675154f89679d944819529935c988924a301 /ssl/s3_srvr.c
parent: f4677b79609a17b125c46a8bc9899be94ac65919 (diff)
download: openssl-new-a00c3c4019a4bc0fa938b7dd3c0cd8e95cdc6943.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 04f9f79ab2..80b45eb86f 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2566,7 +2566,7 @@ int ssl3_get_client_certificate(SSL *s)
 	else
 		{
 		i=ssl_verify_cert_chain(s,sk);
-		if (!i)
+		if (i <= 0)
 			{
 			al=ssl_verify_alarm_type(s->verify_result);
 			SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
author	Dr. Stephen Henson <steve@openssl.org>	2009-01-07 10:48:23 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2009-01-07 10:48:23 +0000
commit	a00c3c4019a4bc0fa938b7dd3c0cd8e95cdc6943 (patch)
tree	97dc675154f89679d944819529935c988924a301 /ssl/s3_srvr.c
parent	f4677b79609a17b125c46a8bc9899be94ac65919 (diff)
download	openssl-new-a00c3c4019a4bc0fa938b7dd3c0cd8e95cdc6943.tar.gz