fix uninitialized variable read
this is basically a security fix for nonsensical configurations: if the specified CertificateFile did not contain any certificates, we *might* have accepted an arbitrary server certificate.
This commit is contained in:
parent
516c3bfa99
commit
db2bbbfef8
|
@ -255,6 +255,7 @@ verify_cert( imap_store_t *ctx )
|
||||||
srvc->cert_file, strerror( errno ) );
|
srvc->cert_file, strerror( errno ) );
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
err = -1;
|
||||||
for (lcert = 0; READ_X509_KEY( fp, &lcert ); )
|
for (lcert = 0; READ_X509_KEY( fp, &lcert ); )
|
||||||
if (!(err = compare_certificates( lcert, cert, md, n )))
|
if (!(err = compare_certificates( lcert, cert, md, n )))
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user