From 91205c8eb4e63ccc712edb8024f53fee15acb58e Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 11 Feb 2019 14:00:13 +0200 Subject: [PATCH] OpenSSL: Fix uninitialized variable in CRL reloading corner case The flags variable needs to be initialized to 0 if check_crl is 0 in the updated configuration. Fixes: 159a7fbdeafe ("crl_reload_interval: Add CRL reloading support") Signed-off-by: Jouni Malinen --- src/crypto/tls_openssl.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c index d8422d25d..18d76737e 100644 --- a/src/crypto/tls_openssl.c +++ b/src/crypto/tls_openssl.c @@ -329,8 +329,7 @@ static X509_STORE * tls_crl_cert_reload(const char *ca_cert, int check_crl) return NULL; } - if (check_crl) - flags = X509_V_FLAG_CRL_CHECK; + flags = check_crl ? X509_V_FLAG_CRL_CHECK : 0; if (check_crl == 2) flags |= X509_V_FLAG_CRL_CHECK_ALL;