Mercurial > dovecot > core-2.2

changeset 22915:087aeff6bd2a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
login-common: Fix boolean misuse in preverify_ok Fixes problem where dovecot does not accept revoked cert when CRL checking has been disabled.
author Aki Tuomi <aki.tuomi@dovecot.fi>
date Wed, 28 Feb 2018 13:29:51 +0200
parents 3edf73ffeb2e
children 432635b3ef52
files src/login-common/ssl-proxy-openssl.c
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/login-common/ssl-proxy-openssl.c	Tue Apr 17 15:46:41 2018 +0300
+++ b/src/login-common/ssl-proxy-openssl.c	Wed Feb 28 13:29:51 2018 +0200
@@ -921,7 +921,7 @@
 		/* no CRL given with the CA list. don't worry about it. */
 		preverify_ok = 1;
 	}
-	if (!preverify_ok)
+	if (preverify_ok == 0)
 		proxy->cert_broken = TRUE;
 
 	subject = X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx));