From e3d623f190bc582e6058be12e3568424ca206d27 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 25 Sep 2009 18:09:38 +0000
Subject: - Chris Mumford filed bug report #2861587  
 (http://curl.haxx.se/bug/view.cgi?id=2861587) identifying that libcurl used  
 the OpenSSL function X509_load_crl_file() wrongly and failed if it would  
 load a CRL file with more than one certificate within. This is now fixed.

---
 lib/ssluse.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lib')

diff --git a/lib/ssluse.c b/lib/ssluse.c
index 363c27a1e..2ea3b2f55 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -1536,8 +1536,8 @@ ossl_connect_step1(struct connectdata *conn,
      * revocation */
     lookup=X509_STORE_add_lookup(connssl->ctx->cert_store,X509_LOOKUP_file());
     if ( !lookup ||
-         (X509_load_crl_file(lookup,data->set.str[STRING_SSL_CRLFILE],
-                             X509_FILETYPE_PEM)!=1) ) {
+         (!X509_load_crl_file(lookup,data->set.str[STRING_SSL_CRLFILE],
+                              X509_FILETYPE_PEM)) ) {
       failf(data,"error loading CRL file :\n"
             "  CRLfile: %s\n",
             data->set.str[STRING_SSL_CRLFILE]?
-- 
cgit v1.2.3