Commit 7486fb65 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Updates from stable branch.

parent 5786b6c9

crypto/asn1/asn_mime.c

+2 −0
Original line number Diff line number Diff line
@@ -526,6 +526,8 @@ int SMIME_text(BIO *in, BIO *out) 
	sk_MIME_HEADER_pop_free(headers, mime_hdr_free);

	while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)

						BIO_write(out, iobuf, len);

	if (len < 0)

		return 0;

	return 1;

}

crypto/asn1/t_x509.c

+6 −5
Original line number Diff line number Diff line
@@ -393,7 +393,8 @@ int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm) 
	d= (v[6]-'0')*10+(v[7]-'0');

	h= (v[8]-'0')*10+(v[9]-'0');

	m=  (v[10]-'0')*10+(v[11]-'0');

	if (	(v[12] >= '0') && (v[12] <= '9') &&

	if (i >= 14 &&

	    (v[12] >= '0') && (v[12] <= '9') &&

	    (v[13] >= '0') && (v[13] <= '9'))

		s=  (v[12]-'0')*10+(v[13]-'0');
@@ -428,7 +429,8 @@ int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm) 
	d= (v[4]-'0')*10+(v[5]-'0');

	h= (v[6]-'0')*10+(v[7]-'0');

	m=  (v[8]-'0')*10+(v[9]-'0');

	if (	(v[10] >= '0') && (v[10] <= '9') &&

	if (i >=12 &&

	    (v[10] >= '0') && (v[10] <= '9') &&

	    (v[11] >= '0') && (v[11] <= '9'))

		s=  (v[10]-'0')*10+(v[11]-'0');
@@ -501,4 +503,3 @@ err: 
	OPENSSL_free(b);

	return(ret);

	}

crypto/cms/cms_smime.c

+4 −2
Original line number Diff line number Diff line
@@ -89,11 +89,13 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags) 
				if (!BIO_get_cipher_status(in))

					goto err;

				}

			if (i < 0)

				goto err;

			break;

			}

				

		if (tmpout)

			BIO_write(tmpout, buf, i);

		if (tmpout && (BIO_write(tmpout, buf, i) != i))

			goto err;

	}



	if(flags & CMS_TEXT)

crypto/x509/x509_vfy.c

+8 −4
Original line number Diff line number Diff line
@@ -394,7 +394,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) 
#ifdef OPENSSL_NO_CHAIN_VERIFY

	return 1;

#else

	int i, ok=0, must_be_ca;

	int i, ok=0, must_be_ca, plen = 0;

	X509 *x;

	int (*cb)(int xok,X509_STORE_CTX *xctx);

	int proxy_path_length = 0;
@@ -495,9 +495,10 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) 
				if (!ok) goto end;

				}

			}

		/* Check pathlen */

		if ((i > 1) && (x->ex_pathlen != -1)

			   && (i > (x->ex_pathlen + proxy_path_length + 1)))

		/* Check pathlen if not self issued */

		if ((i > 1) && !(x->ex_flags & EXFLAG_SI)

			   && (x->ex_pathlen != -1)

			   && (plen > (x->ex_pathlen + proxy_path_length + 1)))

			{

			ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;

			ctx->error_depth = i;
@@ -505,6 +506,9 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) 
			ok=cb(0,ctx);

			if (!ok) goto end;

			}

		/* Increment path length if not self issued */

		if (!(x->ex_flags & EXFLAG_SI))

			plen++;

		/* If this certificate is a proxy certificate, the next

		   certificate must be another proxy certificate or a EE

		   certificate.  If not, the next certificate must be a

crypto/x509v3/pcy_data.c

+8 −0
Original line number Diff line number Diff line
@@ -87,6 +87,12 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit) 
	X509_POLICY_DATA *ret;

	if (!policy && !id)

		return NULL;

	if (id)

		{

		id = OBJ_dup(id);

		if (!id)

			return NULL;

		}

	ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));

	if (!ret)

		return NULL;
@@ -94,6 +100,8 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit) 
	if (!ret->expected_policy_set)

		{

		OPENSSL_free(ret);

		if (id)

			ASN1_OBJECT_free(id);

		return NULL;

		}