Skip to content

Commit 80f4b85

Browse files
headiusheadius
committedNov 2, 2017
Try to compare certs before replacement.
1 parent affc285 commit 80f4b85

File tree

1 file changed

+8
-4
lines changed

1 file changed

+8
-4
lines changed
 

Diff for: ‎src/main/java/org/jruby/ext/openssl/x509store/StoreContext.java

+8-4
Original file line numberDiff line numberDiff line change
@@ -674,10 +674,14 @@ public int verifyCertificate() throws Exception {
674674
int ok = getBySubject(X509Utils.X509_LU_X509, new Name(principal), objTmp);
675675
if (ok == X509Utils.X509_LU_X509) {
676676
// replace old with new and clear rest of untrusted
677-
iter.set(((Certificate) objTmp[0]).x509);
678-
while (iter.hasNext()) {
679-
iter.next();
680-
iter.remove();
677+
Certificate certificate = (Certificate) objTmp[0];
678+
if (certificate.x509.equals(skCert)) {
679+
iter.set(certificate.x509);
680+
while (iter.hasNext()) {
681+
iter.next();
682+
iter.remove();
683+
}
684+
break;
681685
}
682686
}
683687
}

0 commit comments

Comments
 (0)
Please sign in to comment.