From c35453897494d2b488961f7a446b4df8e24c6f31 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Sun, 15 Jun 2014 22:21:10 +0200 Subject: Update OpenSSL to 1.0.1h --- main/openssl/crypto/cms/cms_env.c | 2 ++ main/openssl/crypto/cms/cms_sd.c | 4 ++-- main/openssl/crypto/cms/cms_smime.c | 5 +++-- 3 files changed, 7 insertions(+), 4 deletions(-) (limited to 'main/openssl/crypto/cms') diff --git a/main/openssl/crypto/cms/cms_env.c b/main/openssl/crypto/cms/cms_env.c index be20b1c0..add00bf9 100644 --- a/main/openssl/crypto/cms/cms_env.c +++ b/main/openssl/crypto/cms/cms_env.c @@ -185,6 +185,8 @@ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, if (flags & CMS_USE_KEYID) { ktri->version = 2; + if (env->version < 2) + env->version = 2; type = CMS_RECIPINFO_KEYIDENTIFIER; } else diff --git a/main/openssl/crypto/cms/cms_sd.c b/main/openssl/crypto/cms/cms_sd.c index 77fbd135..51dd33a1 100644 --- a/main/openssl/crypto/cms/cms_sd.c +++ b/main/openssl/crypto/cms/cms_sd.c @@ -158,8 +158,8 @@ static void cms_sd_set_version(CMS_SignedData *sd) if (sd->version < 3) sd->version = 3; } - else - sd->version = 1; + else if (si->version < 1) + si->version = 1; } if (sd->version < 1) diff --git a/main/openssl/crypto/cms/cms_smime.c b/main/openssl/crypto/cms/cms_smime.c index 8c56e3a8..1af9f3a6 100644 --- a/main/openssl/crypto/cms/cms_smime.c +++ b/main/openssl/crypto/cms/cms_smime.c @@ -611,7 +611,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) STACK_OF(CMS_RecipientInfo) *ris; CMS_RecipientInfo *ri; int i, r; - int debug = 0; + int debug = 0, ri_match = 0; ris = CMS_get0_RecipientInfos(cms); if (ris) debug = cms->d.envelopedData->encryptedContentInfo->debug; @@ -620,6 +620,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) ri = sk_CMS_RecipientInfo_value(ris, i); if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS) continue; + ri_match = 1; /* If we have a cert try matching RecipientInfo * otherwise try them all. */ @@ -655,7 +656,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) } } /* If no cert and not debugging always return success */ - if (!cert && !debug) + if (ri_match && !cert && !debug) { ERR_clear_error(); return 1; -- cgit v1.2.3