luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wolfssl: avoid taking cached x509 store ref if sslctx already using it

Browse Source 
Closes #14442
This commit is contained in:
Alex Snast 2024-08-07 17:22:22 +03:00 committed by Daniel Stenberg
parent 3ac1569c16
commit 63e9e06794
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/vtls/wolfssl.c
View File

@ -596,7 +596,10 @@ CURLcode Curl_wssl_setup_x509_store(struct Curl_cfilter *cf,
!ssl_config->native_ca_store;
cached_store = cache_criteria_met ? get_cached_x509_store(cf, data) : NULL;
if(cached_store && wolfSSL_X509_STORE_up_ref(cached_store)) {
if(cached_store && wolfSSL_CTX_get_cert_store(wssl->ctx) == cached_store) {
/* The cached store is already in use, do nothing. */
}
else if(cached_store && wolfSSL_X509_STORE_up_ref(cached_store)) {
wolfSSL_CTX_set_cert_store(wssl->ctx, cached_store);
}
else if(cache_criteria_met) {