diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2008-06-03 11:37:52 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2008-06-03 11:37:52 +0000 |
commit | ca89fc1fb4457de749f65996ca130be0d1807887 (patch) | |
tree | a66ef9af58d6438698dfdce8885cbed44a07b39c /engines/e_capi.c | |
parent | 59d2d48f6470b6ef5e8c385c34dea1f253bfed62 (diff) |
Match empty CA list to anything for ssl client auth in CryptoAPI engine.
Diffstat (limited to 'engines/e_capi.c')
-rw-r--r-- | engines/e_capi.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/engines/e_capi.c b/engines/e_capi.c index a9768832ef..4245a37d5f 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -774,7 +774,6 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len, *siglen = slen; } - /* Now cleanup */ err: @@ -1475,6 +1474,9 @@ static int cert_issuer_match(STACK_OF(X509_NAME) *ca_dn, X509 *x) { int i; X509_NAME *nm; + /* Special case: empty list: match anything */ + if (sk_X509_NAME_num(ca_dn) <= 0) + return 1; for (i = 0; i < sk_X509_NAME_num(ca_dn); i++) { nm = sk_X509_NAME_value(ca_dn, i); |