diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2017-02-19 21:16:46 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2017-02-21 17:41:44 +0000 |
commit | 38e8f3cd815f86b80d54892bb40ba67ab9fb83bd (patch) | |
tree | fb54e5d6ed1d6d52c9b20bd9f2acbcfb5a2df12e | |
parent | faadddc906b9f3ee2059a1a20d43d8f42e143939 (diff) | |
download | openssl-38e8f3cd815f86b80d54892bb40ba67ab9fb83bd.zip openssl-38e8f3cd815f86b80d54892bb40ba67ab9fb83bd.tar.gz openssl-38e8f3cd815f86b80d54892bb40ba67ab9fb83bd.tar.bz2 |
Check validity, not just signing for all certificates
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2679)
-rw-r--r-- | ssl/ssl_lib.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 48c37b8..dea2dac 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2768,8 +2768,8 @@ void ssl_set_masks(SSL *s) #endif rsa_enc = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID; - rsa_sign = pvalid[SSL_PKEY_RSA] & CERT_PKEY_SIGN; - dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_SIGN; + rsa_sign = pvalid[SSL_PKEY_RSA] & CERT_PKEY_VALID; + dsa_sign = pvalid[SSL_PKEY_DSA_SIGN] & CERT_PKEY_VALID; #ifndef OPENSSL_NO_EC have_ecc_cert = pvalid[SSL_PKEY_ECC] & CERT_PKEY_VALID; #endif |