commit c68f3e02b0060190caccc6f8b8d1f398f041fb79
author Adam Langley <agl@chromium.org> Wed Feb 11 12:09:10 2015 -0800
committer Adam Langley <agl@chromium.org> Fri Feb 13 10:58:55 2015 -0800
tree 7eb675ae19ca3cdff82ff1b5366abf70f651ad32
parent fcd34624a14a3bfe8b445b57cbfa81b945b3706e

X509_check_mumble() failure is <= 0, not just 0.

(This change is for a future change that increases the range of the
return values.)

(Imported from upstream's 3fc0b1edad0c75d7beb51fa77f63ffe817295e2c.)

Change-Id: I221d4ee0e90586f89f731e01ff4d813058173211

crypto/x509/x509_vfy.c

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 3c492ab..1650b77 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -709,17 +709,17 @@
 	X509_VERIFY_PARAM *vpm = ctx->param;
 	X509_VERIFY_PARAM_ID *id = vpm->id;
 	X509 *x = ctx->cert;
-	if (id->host && !X509_check_host(x, id->host, strlen((const char*) id->host), id->hostflags))
+	if (id->host && X509_check_host(x, id->host, strlen((const char*) id->host), id->hostflags) <= 0)
 		{
 		if (!check_id_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH))
 			return 0;
 		}
-	if (id->email && !X509_check_email(x, id->email, id->emaillen, 0))
+	if (id->email && X509_check_email(x, id->email, id->emaillen, 0) <= 0)
 		{
 		if (!check_id_error(ctx, X509_V_ERR_EMAIL_MISMATCH))
 			return 0;
 		}
-	if (id->ip && !X509_check_ip(x, id->ip, id->iplen, 0))
+	if (id->ip && X509_check_ip(x, id->ip, id->iplen, 0) <= 0)
 		{
 		if (!check_id_error(ctx, X509_V_ERR_IP_ADDRESS_MISMATCH))
 			return 0;