[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-tech
Subject:    Re: "openssl smime -sign" broken
From:       Joel Sing <joel () sing ! id ! au>
Date:       2014-06-29 15:57:08
Message-ID: 201406300157.11444.joel () sing ! id ! au
[Download RAW message or body]

On Mon, 30 Jun 2014, Joel Sing wrote:
> On Sun, 29 Jun 2014, Stuart Henderson wrote:
> > Does anyone have ideas about this before I start digging to find when
> > it got broken?
>
> Still digging, but it looks like it will be caused by
> crypto/pkcs7/pk7_doit.c. r1.20...

The following diff resolves the issue:

Index: pk7_doit.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c,v
retrieving revision 1.22
diff -u -p -r1.22 pk7_doit.c
--- pk7_doit.c	12 Jun 2014 15:49:30 -0000	1.22
+++ pk7_doit.c	29 Jun 2014 15:56:29 -0000
@@ -787,7 +787,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 	case NID_pkcs7_signed:
 		si_sk=p7->d.sign->signer_info;
 		os=PKCS7_get_octet_string(p7->d.sign->contents);
-		if (os == NULL) {
+		if (os == NULL && !PKCS7_is_detached(p7)) {
 			PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_DECODE_ERROR);
 	        	goto err;
 		}
-- 

    "Action without study is fatal. Study without action is futile."
        -- Mary Ritter Beard

[prev in list] [next in list] [prev in thread] [next in thread]