aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2019-02-11 12:00:13 (GMT)
committerJouni Malinen <j@w1.fi>2019-02-11 12:02:17 (GMT)
commit91205c8eb4e63ccc712edb8024f53fee15acb58e (patch)
treeec40901cdf93b803ca9ee0cf0fe3a886e3ff4998
parent092a19222b1f10f4645c3f9b0e44129b17595f22 (diff)
downloadhostap-91205c8eb4e63ccc712edb8024f53fee15acb58e.zip
hostap-91205c8eb4e63ccc712edb8024f53fee15acb58e.tar.gz
hostap-91205c8eb4e63ccc712edb8024f53fee15acb58e.tar.bz2
OpenSSL: Fix uninitialized variable in CRL reloading corner case
The flags variable needs to be initialized to 0 if check_crl is 0 in the updated configuration. Fixes: 159a7fbdeafe ("crl_reload_interval: Add CRL reloading support") Signed-off-by: Jouni Malinen <j@w1.fi>
-rw-r--r--src/crypto/tls_openssl.c3
1 files changed, 1 insertions, 2 deletions
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index d8422d2..18d7673 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -329,8 +329,7 @@ static X509_STORE * tls_crl_cert_reload(const char *ca_cert, int check_crl)
return NULL;
}
- if (check_crl)
- flags = X509_V_FLAG_CRL_CHECK;
+ flags = check_crl ? X509_V_FLAG_CRL_CHECK : 0;
if (check_crl == 2)
flags |= X509_V_FLAG_CRL_CHECK_ALL;