OpenSSL: Fix uninitialized variable in CRL reloading corner case

The flags variable needs to be initialized to 0 if check_crl is 0 in the updated configuration. Fixes: 159a7fbdea ("crl_reload_interval: Add CRL reloading support") Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 14:00:13 +02:00 · 2019-02-11 14:00:13 +02:00 · 91205c8eb4
parent 092a19222b
commit 91205c8eb4
1 changed files with 1 additions and 2 deletions
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@ -329,8 +329,7 @@ static X509_STORE * tls_crl_cert_reload(const char *ca_cert, int check_crl)
 		return NULL;
 	}

-	if (check_crl)
-		flags = X509_V_FLAG_CRL_CHECK;
+	flags = check_crl ? X509_V_FLAG_CRL_CHECK : 0;
 	if (check_crl == 2)
 		flags |= X509_V_FLAG_CRL_CHECK_ALL;