Store verify_result with sessions to avoid potential security hole.

1999-11-16 23:15:41 +00:00
parent 91895a5938
commit b1fe6ca175
9 changed files with 54 additions and 6 deletions
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1627,6 +1627,7 @@ static int ssl3_get_client_certificate(SSL *s)
 	if (s->session->peer != NULL) /* This should not be needed */
 		X509_free(s->session->peer);
 	s->session->peer=sk_X509_shift(sk);
+	s->session->verify_result = s->verify_result;

 	/* With the current implementation, sess_cert will always be NULL
 	 * when we arrive here. */