Resolve swallowed returns codes
The recent updates to libssl to enforce stricter return code checking, left
a small number of instances behind where return codes were being swallowed
(typically because the function they were being called from was declared as
void). This commit fixes those instances to handle the return codes more
appropriately.
Reviewed-by: Richard Levitte <levitte@openssl.org>
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index b5eb4bf..40d6490 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -4157,13 +4157,12 @@
/* Set validity of certificates in an SSL structure */
void tls1_set_cert_validity(SSL *s)
{
- /* Deliberately ignore all return values */
- if(tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_ENC)
- || tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_SIGN)
- || tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DSA_SIGN)
- || tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DH_RSA)
- || tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DH_DSA)
- || tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ECC));
+ tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_ENC);
+ tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_SIGN);
+ tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DSA_SIGN);
+ tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DH_RSA);
+ tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DH_DSA);
+ tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ECC);
}
/* User level utiity function to check a chain is suitable */
