Fix bug in copy_email() which would not
authorDr. Stephen Henson <steve@openssl.org>
Thu, 1 Mar 2001 13:32:11 +0000 (13:32 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 1 Mar 2001 13:32:11 +0000 (13:32 +0000)
find emailAddress at start of subject name.

CHANGES
crypto/x509v3/v3_alt.c

diff --git a/CHANGES b/CHANGES
index 753853c..3c45bc7 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,10 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) In copy_email() check for >= 0 as a return value for
+     X509_NAME_get_index_by_NID() since 0 is a valid index.
+     [Steve Henson reported by Massimiliano Pala <madwolf@opensca.org>]
+
   *) In BN_div() keep a copy of the sign of 'num' before writing the
      result to 'rm' because if rm==num the value will be overwritten
      and produce the wrong result if 'num' is negative: this caused
index f7dabc4..0fc5c1f 100644 (file)
@@ -318,7 +318,7 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens)
        /* Now add any email address(es) to STACK */
        i = -1;
        while((i = X509_NAME_get_index_by_NID(nm,
-                                        NID_pkcs9_emailAddress, i)) > 0) {
+                                        NID_pkcs9_emailAddress, i)) >= 0) {
                ne = X509_NAME_get_entry(nm, i);
                email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
                if(!email || !(gen = GENERAL_NAME_new())) {