Missing Error Check in function SSL_CTX_use_PrivateKey()

[lc3412]

Function SSL_CTX_use_PrivateKey() returns 1 on success. Otherwise need to check out the error stack to find out the reason. However , the return value of function SSL_CTX_use_PrivateKey() is not checked on line 770. See the following code:

line: 770

sslsplit/pxyconn.c

Lines 770 to 775 in 19a16bd

	SSL_CTX_use_PrivateKey(sslctx, key);
	for (int i = 0; i < sk_X509_num(chain); i++) {
	X509 *c = sk_X509_value(chain, i);
	ssl_x509_refcount_inc(c); /* next call consumes a reference */
	SSL_CTX_add_extra_chain_cert(sslctx, c);
	}

=================================================================================

We find the return value of this call been checked in the same file
Such as,
line: 1150

sslsplit/pxyconn.c

Lines 1150 to 1151 in 19a16bd

	if (!SSL_CTX_use_PrivateKey(sslctx, ctx->opts->clientkey))
	log_dbg_printf("loading client key failed");

Chi Li, Zuxing Gu, Jiecheng Wu

[droe]

Thank you for reporting this issue.