Fix broken loading of client CAs

The SSL_load_client_CA_file() failed to load any CAs due to an inccorrect assumption about the return value of lh_*_insert(). The return value when inserting into a hash is the old value of the key. The bug was introduced in 3c82e437bb3af822ea13cd5a24bab0745c556246. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1279)
author: Andreas Karlsson <andreas@proxel.se> 2016-07-02 01:19:39 +0200
committer: Rich Salz <rsalz@openssl.org> 2016-07-02 21:30:13 +0200
commit: 9d6daf99c286d260e50278f63ddb7d164462256e (patch)
tree: 6e1f87e2da166a1cce848c4421f6f75053317a9e /ssl/ssl_cert.c
parent: VMS: Add installation verification procedure (diff)
download: openssl-9d6daf99c286d260e50278f63ddb7d164462256e.tar.xz
openssl-9d6daf99c286d260e50278f63ddb7d164462256e.zip
1 files changed, 1 insertions, 2 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index c6e2d09eb7..2a07ee6910 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -605,8 +605,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
             X509_NAME_free(xn);
             xn = NULL;
         } else {
-            if (!lh_X509_NAME_insert(name_hash, xn))
-                goto err;
+            lh_X509_NAME_insert(name_hash, xn);
             if (!sk_X509_NAME_push(ret, xn))
                 goto err;
         }
author	Andreas Karlsson <andreas@proxel.se>	2016-07-02 01:19:39 +0200
committer	Rich Salz <rsalz@openssl.org>	2016-07-02 21:30:13 +0200
commit	9d6daf99c286d260e50278f63ddb7d164462256e (patch)
tree	6e1f87e2da166a1cce848c4421f6f75053317a9e /ssl/ssl_cert.c
parent	VMS: Add installation verification procedure (diff)
download	openssl-9d6daf99c286d260e50278f63ddb7d164462256e.tar.xz openssl-9d6daf99c286d260e50278f63ddb7d164462256e.zip