Fix doc example, and fix BIO_find_type().
Fix PKCS7_verify(). It was using 'i' for both the
loop variable and the verify return value.
Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
+ *) Fix bug in PKCS7_verify() which caused an infinite loop
+ if there was more than one signature.
+ [Sven Uszpelkat <su@celocom.de>]
+
*) Major change in util/mkdef.pl to include extra information
about each symbol, as well as presentig variables as well
as functions. This change means that there's n more need
{
int mt,mask;
+ if(!bio) return NULL;
mask=type&0xff;
do {
if (bio->method != NULL)
PKCS7_SIGNER_INFO *si;
X509_STORE_CTX cert_ctx;
char buf[4096];
- int i, j=0;
+ int i, j=0, k;
BIO *p7bio;
BIO *tmpout;
/* Now verify the certificates */
- if (!(flags & PKCS7_NOVERIFY)) for (i = 0; i < sk_X509_num(signers); i++) {
- signer = sk_X509_value (signers, i);
+ if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
+ signer = sk_X509_value (signers, k);
if (!(flags & PKCS7_NOCHAIN)) {
X509_STORE_CTX_init(&cert_ctx, store, signer,
p7->d.sign->cert);
next = bio->next_bio;
+=head1 BUGS
+
+BIO_find_type() in OpenSSL 0.9.5a and earlier could not be safely passed a
+NULL pointer for the B<b> argument.
+
=head1 EXAMPLE
Traverse a chain looking for digest BIOs:
BIO *btmp;
btmp = in_bio; /* in_bio is chain to search through */
- for(;;) {
+ do {
btmp = BIO_find_type(btmp, BIO_TYPE_MD);
if(btmp == NULL) break; /* Not found */
/* btmp is a digest BIO, do something with it ...*/
...
btmp = BIO_next(btmp);
- }
+ } while(btmp);
=head1 SEE ALSO
projects / openssl.git / commitdiff