Remove pointless MD5 hash.
authorBen Laurie <ben@openssl.org>
Sun, 17 Jan 1999 14:14:41 +0000 (14:14 +0000)
committerBen Laurie <ben@openssl.org>
Sun, 17 Jan 1999 14:14:41 +0000 (14:14 +0000)
Contributed by: Anonymous <nobody@replay.com>

CHANGES
apps/ca.c

diff --git a/CHANGES b/CHANGES
index c3f7f18..d117eb6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,9 @@
 
  Changes between 0.9.1c and 0.9.2
 
+  *) Remove pointless MD5 hash when using DSA keys in ca.
+     [Anonymous <nobody@replay.com>]
+
   *) Generate an error if given an empty string as a cert directory. Also
      generate an error if handed NULL (previously returned 0 to indicate an
      error, but didn't set one).
index 7a14285..1ea90aa 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1023,11 +1023,15 @@ bad:
                                }
                        }
                else
-                       dgst=EVP_md5();
+                   {
 #ifndef NO_DSA
-               if (pkey->type == EVP_PKEY_DSA) 
-                   dgst = EVP_dss1() ;
+                   if (pkey->type == EVP_PKEY_DSA) 
+                       dgst=EVP_dss1();
+                   else
 #endif
+                       dgst=EVP_md5();
+                   }
+
                if (!X509_CRL_sign(crl,pkey,dgst)) goto err;
 
                PEM_write_bio_X509_CRL(Sout,crl);