summaryrefslogtreecommitdiff
path: root/main/openssl/ssl/s2_srvr.c
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2014-04-23 09:56:37 +0200
committerArne Schwabe <arne@rfc2549.org>2014-04-23 09:56:37 +0200
commite436c963f0976b885a7db04681344779e26dd3b5 (patch)
tree240663106f32e02e1c34080656f4ef21a2e1776e /main/openssl/ssl/s2_srvr.c
parent6a99715a9b072fa249e79c98cd9f03991f0f1219 (diff)
Update OpenSSL to 1.0.1g and statically link OpenVPN with it
Diffstat (limited to 'main/openssl/ssl/s2_srvr.c')
-rw-r--r--main/openssl/ssl/s2_srvr.c16
1 files changed, 11 insertions, 5 deletions
diff --git a/main/openssl/ssl/s2_srvr.c b/main/openssl/ssl/s2_srvr.c
index bc885e8e..2cba426b 100644
--- a/main/openssl/ssl/s2_srvr.c
+++ b/main/openssl/ssl/s2_srvr.c
@@ -1059,10 +1059,12 @@ static int request_certificate(SSL *s)
EVP_PKEY *pkey=NULL;
EVP_MD_CTX_init(&ctx);
- EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL);
- EVP_VerifyUpdate(&ctx,s->s2->key_material,
- s->s2->key_material_length);
- EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+ if (!EVP_VerifyInit_ex(&ctx,s->ctx->rsa_md5, NULL)
+ || !EVP_VerifyUpdate(&ctx,s->s2->key_material,
+ s->s2->key_material_length)
+ || !EVP_VerifyUpdate(&ctx,ccd,
+ SSL2_MIN_CERT_CHALLENGE_LENGTH))
+ goto msg_end;
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
buf2=OPENSSL_malloc((unsigned int)i);
@@ -1073,7 +1075,11 @@ static int request_certificate(SSL *s)
}
p2=buf2;
i=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
- EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
+ if (!EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i))
+ {
+ OPENSSL_free(buf2);
+ goto msg_end;
+ }
OPENSSL_free(buf2);
pkey=X509_get_pubkey(x509);