From: Dr. Stephen Henson <steve@openssl.org>
Date: Thu, 2 May 2013 11:18:46 +0000 (+0100)
Subject: Reencode certificates in X509_sign_ctx.
X-Git-Tag: OpenSSL_1_0_2-beta1~390
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=8659dc73f4186d18feda71ec17e3fe705c604738;ds=sidebyside

Reencode certificates in X509_sign_ctx.

Reencode certificates in X509_sign_ctx as well as X509_sign.

This was causing a problem in the x509 application when it modified an
existing certificate.
(cherry picked from commit c6d8adb8a45186617e0a8e2c09469bd164b92b31)
---

diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index bb64c34f50..51d23f7d62 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -98,6 +98,7 @@ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
 
 int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
 	{
+	x->cert_info->enc.modified = 1;
 	return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
 		x->cert_info->signature,
 		x->sig_alg, x->signature, x->cert_info, ctx);