From da4034c084e35db0f8c561294d6b99b21f3770bf Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 10 Apr 2020 07:05:24 +0000
Subject: When printing the serialNumber, fall back to the colon separated hex
 bytes in case ASN1_INTEGER_get() failed. This happens more often since
 asn1/a_int.c -r1.34. Matches OpenSSL behavior.

Issue in openssl x509 -text output reported by sthen

ok jsing sthen
---
 src/lib/libcrypto/asn1/t_x509.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index e287a6cf6a..73a0491c00 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t_x509.c,v 1.31 2018/05/18 18:23:24 tb Exp $ */
+/* $OpenBSD: t_x509.c,v 1.32 2020/04/10 07:05:24 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -145,8 +145,10 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 			goto err;
 
 		bs = X509_get_serialNumber(x);
-		if (bs->length <= (int)sizeof(long)) {
+		l = -1;
+		if (bs->length <= (int)sizeof(long))
 			l = ASN1_INTEGER_get(bs);
+		if (l != -1) {
 			if (bs->type == V_ASN1_NEG_INTEGER) {
 				l = -l;
 				neg = "-";
-- 
cgit v1.2.3-55-g6feb