Mercurial > dovecot > core-2.2
changeset 22915:087aeff6bd2a
login-common: Fix boolean misuse in preverify_ok
Fixes problem where dovecot does not accept revoked cert
when CRL checking has been disabled.
author | Aki Tuomi <aki.tuomi@dovecot.fi> |
---|---|
date | Wed, 28 Feb 2018 13:29:51 +0200 |
parents | 3edf73ffeb2e |
children | 432635b3ef52 |
files | src/login-common/ssl-proxy-openssl.c |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/login-common/ssl-proxy-openssl.c Tue Apr 17 15:46:41 2018 +0300 +++ b/src/login-common/ssl-proxy-openssl.c Wed Feb 28 13:29:51 2018 +0200 @@ -921,7 +921,7 @@ /* no CRL given with the CA list. don't worry about it. */ preverify_ok = 1; } - if (!preverify_ok) + if (preverify_ok == 0) proxy->cert_broken = TRUE; subject = X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx));