Loading CHANGES +5 −1 Original line number Diff line number Diff line Loading @@ -727,7 +727,11 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] Changes between 0.9.8i and 0.9.8j [xx XXX xxxx] Changes between 0.9.8i and 0.9.8j [07 Jan 2009] *) Properly check EVP_VerifyFinal() and similar return values (CVE-2008-5077). [Ben Laurie, Bodo Moeller, Google Security Team] *) Allow the CHIL engine to be loaded, whether the application is multithreaded or not. (This does not release the developer from the Loading apps/speed.c +1 −1 Original line number Diff line number Diff line Loading @@ -1994,7 +1994,7 @@ int MAIN(int argc, char **argv) { ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, rsa_key[j]); if (ret == 0) if (ret <= 0) { BIO_printf(bio_err, "RSA verify failure\n"); Loading apps/spkac.c +1 −1 Original line number Diff line number Diff line Loading @@ -285,7 +285,7 @@ bad: pkey = NETSCAPE_SPKI_get_pubkey(spki); if(verify) { i = NETSCAPE_SPKI_verify(spki, pkey); if(i) BIO_printf(bio_err, "Signature OK\n"); if (i > 0) BIO_printf(bio_err, "Signature OK\n"); else { BIO_printf(bio_err, "Signature Failure\n"); ERR_print_errors(bio_err); Loading apps/verify.c +1 −2 Original line number Diff line number Diff line Loading @@ -266,7 +266,7 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X ret=0; end: if (i) if (i > 0) { fprintf(stdout,"OK\n"); ret=1; Loading Loading @@ -367,4 +367,3 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) ERR_clear_error(); return(ok); } apps/x509.c +1 −1 Original line number Diff line number Diff line Loading @@ -1130,7 +1130,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, /* NOTE: this certificate can/should be self signed, unless it was * a certificate request in which case it is not. */ X509_STORE_CTX_set_cert(&xsc,x); if (!reqfile && !X509_verify_cert(&xsc)) if (!reqfile && X509_verify_cert(&xsc) <= 0) goto end; if (!X509_check_private_key(xca,pkey)) Loading Loading
CHANGES +5 −1 Original line number Diff line number Diff line Loading @@ -727,7 +727,11 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] Changes between 0.9.8i and 0.9.8j [xx XXX xxxx] Changes between 0.9.8i and 0.9.8j [07 Jan 2009] *) Properly check EVP_VerifyFinal() and similar return values (CVE-2008-5077). [Ben Laurie, Bodo Moeller, Google Security Team] *) Allow the CHIL engine to be loaded, whether the application is multithreaded or not. (This does not release the developer from the Loading
apps/speed.c +1 −1 Original line number Diff line number Diff line Loading @@ -1994,7 +1994,7 @@ int MAIN(int argc, char **argv) { ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, rsa_key[j]); if (ret == 0) if (ret <= 0) { BIO_printf(bio_err, "RSA verify failure\n"); Loading
apps/spkac.c +1 −1 Original line number Diff line number Diff line Loading @@ -285,7 +285,7 @@ bad: pkey = NETSCAPE_SPKI_get_pubkey(spki); if(verify) { i = NETSCAPE_SPKI_verify(spki, pkey); if(i) BIO_printf(bio_err, "Signature OK\n"); if (i > 0) BIO_printf(bio_err, "Signature OK\n"); else { BIO_printf(bio_err, "Signature Failure\n"); ERR_print_errors(bio_err); Loading
apps/verify.c +1 −2 Original line number Diff line number Diff line Loading @@ -266,7 +266,7 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X ret=0; end: if (i) if (i > 0) { fprintf(stdout,"OK\n"); ret=1; Loading Loading @@ -367,4 +367,3 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) ERR_clear_error(); return(ok); }
apps/x509.c +1 −1 Original line number Diff line number Diff line Loading @@ -1130,7 +1130,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, /* NOTE: this certificate can/should be self signed, unless it was * a certificate request in which case it is not. */ X509_STORE_CTX_set_cert(&xsc,x); if (!reqfile && !X509_verify_cert(&xsc)) if (!reqfile && X509_verify_cert(&xsc) <= 0) goto end; if (!X509_check_private_key(xca,pkey)) Loading
