diff options
| -rw-r--r-- | src/lib/libcrypto/cms/cms_smime.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/cms/cms_smime.c | 7 |
2 files changed, 8 insertions, 6 deletions
diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c index 4f80561e5d..712f08c32f 100644 --- a/src/lib/libcrypto/cms/cms_smime.c +++ b/src/lib/libcrypto/cms/cms_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cms_smime.c,v 1.11 2014/07/11 08:44:48 jsing Exp $ */ | 1 | /* $OpenBSD: cms_smime.c,v 1.12 2014/07/11 12:12:39 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -586,7 +586,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) | |||
| 586 | STACK_OF(CMS_RecipientInfo) *ris; | 586 | STACK_OF(CMS_RecipientInfo) *ris; |
| 587 | CMS_RecipientInfo *ri; | 587 | CMS_RecipientInfo *ri; |
| 588 | int i, r; | 588 | int i, r; |
| 589 | int debug = 0; | 589 | int debug = 0, match_ri = 0; |
| 590 | 590 | ||
| 591 | ris = CMS_get0_RecipientInfos(cms); | 591 | ris = CMS_get0_RecipientInfos(cms); |
| 592 | if (ris) | 592 | if (ris) |
| @@ -595,6 +595,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) | |||
| 595 | ri = sk_CMS_RecipientInfo_value(ris, i); | 595 | ri = sk_CMS_RecipientInfo_value(ris, i); |
| 596 | if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS) | 596 | if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS) |
| 597 | continue; | 597 | continue; |
| 598 | match_ri = 1; | ||
| 598 | /* If we have a cert try matching RecipientInfo | 599 | /* If we have a cert try matching RecipientInfo |
| 599 | * otherwise try them all. | 600 | * otherwise try them all. |
| 600 | */ | 601 | */ |
| @@ -627,7 +628,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) | |||
| 627 | } | 628 | } |
| 628 | } | 629 | } |
| 629 | /* If no cert and not debugging always return success */ | 630 | /* If no cert and not debugging always return success */ |
| 630 | if (!cert && !debug) { | 631 | if (match_ri && !cert && !debug) { |
| 631 | ERR_clear_error(); | 632 | ERR_clear_error(); |
| 632 | return 1; | 633 | return 1; |
| 633 | } | 634 | } |
diff --git a/src/lib/libssl/src/crypto/cms/cms_smime.c b/src/lib/libssl/src/crypto/cms/cms_smime.c index 4f80561e5d..712f08c32f 100644 --- a/src/lib/libssl/src/crypto/cms/cms_smime.c +++ b/src/lib/libssl/src/crypto/cms/cms_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cms_smime.c,v 1.11 2014/07/11 08:44:48 jsing Exp $ */ | 1 | /* $OpenBSD: cms_smime.c,v 1.12 2014/07/11 12:12:39 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -586,7 +586,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) | |||
| 586 | STACK_OF(CMS_RecipientInfo) *ris; | 586 | STACK_OF(CMS_RecipientInfo) *ris; |
| 587 | CMS_RecipientInfo *ri; | 587 | CMS_RecipientInfo *ri; |
| 588 | int i, r; | 588 | int i, r; |
| 589 | int debug = 0; | 589 | int debug = 0, match_ri = 0; |
| 590 | 590 | ||
| 591 | ris = CMS_get0_RecipientInfos(cms); | 591 | ris = CMS_get0_RecipientInfos(cms); |
| 592 | if (ris) | 592 | if (ris) |
| @@ -595,6 +595,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) | |||
| 595 | ri = sk_CMS_RecipientInfo_value(ris, i); | 595 | ri = sk_CMS_RecipientInfo_value(ris, i); |
| 596 | if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS) | 596 | if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS) |
| 597 | continue; | 597 | continue; |
| 598 | match_ri = 1; | ||
| 598 | /* If we have a cert try matching RecipientInfo | 599 | /* If we have a cert try matching RecipientInfo |
| 599 | * otherwise try them all. | 600 | * otherwise try them all. |
| 600 | */ | 601 | */ |
| @@ -627,7 +628,7 @@ CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) | |||
| 627 | } | 628 | } |
| 628 | } | 629 | } |
| 629 | /* If no cert and not debugging always return success */ | 630 | /* If no cert and not debugging always return success */ |
| 630 | if (!cert && !debug) { | 631 | if (match_ri && !cert && !debug) { |
| 631 | ERR_clear_error(); | 632 | ERR_clear_error(); |
| 632 | return 1; | 633 | return 1; |
| 633 | } | 634 | } |