HTTP: Fix OCSP error path

If addition of a peer issuer certificate fails, the certs pointer would
be NULL when being passed to sk_X509_push() for peer issuer's issuer.
Fix this by skipping addition of issuer's issue if issuer addition
fails.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Subhani Shaik 2015-02-17 11:29:06 -08:00 committed by Jouni Malinen
parent 946572ca0e
commit bd7bb43784

View file

@ -1098,7 +1098,7 @@ static int ocsp_resp_cb(SSL *s, void *arg)
sk_X509_free(certs); sk_X509_free(certs);
certs = NULL; certs = NULL;
} }
if (ctx->peer_issuer_issuer) { if (certs && ctx->peer_issuer_issuer) {
cert = X509_dup(ctx->peer_issuer_issuer); cert = X509_dup(ctx->peer_issuer_issuer);
if (cert && !sk_X509_push(certs, cert)) { if (cert && !sk_X509_push(certs, cert)) {
tls_show_errors( tls_show_errors(