diff options
author | Ben Laurie <ben@openssl.org> | 2008-12-29 16:11:58 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 2008-12-29 16:11:58 +0000 |
commit | 0eab41fb78cf4d7c76e563fd677ab6c32fc28bb0 (patch) | |
tree | da848c7424ced86fc60823f4948b0fc79e52a381 /ssl/s3_srvr.c | |
parent | 8aa02e97a782a4229936d5df6da42db3efe4acd1 (diff) |
If we're going to return errors (no matter how stupid), then we should
test for them!
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r-- | ssl/s3_srvr.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 5cc3a196d7..d7327649d5 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -522,6 +522,7 @@ int ssl3_accept(SSL *s) { int offset=0; int dgst_num; + s->state=SSL3_ST_SR_CERT_VRFY_A; s->init_num=0; @@ -536,8 +537,16 @@ int ssl3_accept(SSL *s) for (dgst_num=0; dgst_num<SSL_MAX_DIGEST;dgst_num++) if (s->s3->handshake_dgst[dgst_num]) { + int dgst_size; + s->method->ssl3_enc->cert_verify_mac(s,EVP_MD_CTX_type(s->s3->handshake_dgst[dgst_num]),&(s->s3->tmp.cert_verify_md[offset])); - offset+=EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]); + dgst_size=EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]); + if (dgst_size < 0) + { + ret = -1; + goto end; + } + offset+=dgst_size; } } break; |