diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/pkcs7/pk7_smime.c | 11 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/pkcs7/pk7_smime.c | 11 |
2 files changed, 10 insertions, 12 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c index 576866f5c2..1c00e5914a 100644 --- a/src/lib/libcrypto/pkcs7/pk7_smime.c +++ b/src/lib/libcrypto/pkcs7/pk7_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pk7_smime.c,v 1.19 2014/11/09 19:17:13 miod Exp $ */ | 1 | /* $OpenBSD: pk7_smime.c,v 1.20 2015/02/07 14:21:41 doug Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -287,17 +287,16 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 287 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT); | 287 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT); |
| 288 | return 0; | 288 | return 0; |
| 289 | } | 289 | } |
| 290 | #if 0 | ||
| 291 | /* NB: this test commented out because some versions of Netscape | ||
| 292 | * illegally include zero length content when signing data. | ||
| 293 | */ | ||
| 294 | 290 | ||
| 291 | /* | ||
| 292 | * Very old Netscape illegally included empty content with | ||
| 293 | * a detached signature. Very old users should upgrade. | ||
| 294 | */ | ||
| 295 | /* Check for data and content: two sets of data */ | 295 | /* Check for data and content: two sets of data */ |
| 296 | if (!PKCS7_get_detached(p7) && indata) { | 296 | if (!PKCS7_get_detached(p7) && indata) { |
| 297 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT); | 297 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT); |
| 298 | return 0; | 298 | return 0; |
| 299 | } | 299 | } |
| 300 | #endif | ||
| 301 | 300 | ||
| 302 | sinfos = PKCS7_get_signer_info(p7); | 301 | sinfos = PKCS7_get_signer_info(p7); |
| 303 | 302 | ||
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c index 576866f5c2..1c00e5914a 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pk7_smime.c,v 1.19 2014/11/09 19:17:13 miod Exp $ */ | 1 | /* $OpenBSD: pk7_smime.c,v 1.20 2015/02/07 14:21:41 doug Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -287,17 +287,16 @@ PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, | |||
| 287 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT); | 287 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT); |
| 288 | return 0; | 288 | return 0; |
| 289 | } | 289 | } |
| 290 | #if 0 | ||
| 291 | /* NB: this test commented out because some versions of Netscape | ||
| 292 | * illegally include zero length content when signing data. | ||
| 293 | */ | ||
| 294 | 290 | ||
| 291 | /* | ||
| 292 | * Very old Netscape illegally included empty content with | ||
| 293 | * a detached signature. Very old users should upgrade. | ||
| 294 | */ | ||
| 295 | /* Check for data and content: two sets of data */ | 295 | /* Check for data and content: two sets of data */ |
| 296 | if (!PKCS7_get_detached(p7) && indata) { | 296 | if (!PKCS7_get_detached(p7) && indata) { |
| 297 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT); | 297 | PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT); |
| 298 | return 0; | 298 | return 0; |
| 299 | } | 299 | } |
| 300 | #endif | ||
| 301 | 300 | ||
| 302 | sinfos = PKCS7_get_signer_info(p7); | 301 | sinfos = PKCS7_get_signer_info(p7); |
| 303 | 302 | ||