40 lines
1.1 KiB
Plaintext
40 lines
1.1 KiB
Plaintext
$OpenBSD: patch-source_helpers_pkcs7_pkcs7-openssl_c,v 1.4 2020/06/13 15:53:36 sthen Exp $
|
|
|
|
- add default_paths to STORE for checking signatures (aka /etc/ssl/cert.pem)
|
|
- avoid OpenSSL 1.1.0 methods
|
|
|
|
XXX source/helpers/pkcs7/pkcs7-openssl.c:194:39: warning: incompatible pointer types
|
|
(but should be harmless)
|
|
|
|
Index: source/helpers/pkcs7/pkcs7-openssl.c
|
|
--- source/helpers/pkcs7/pkcs7-openssl.c.orig
|
|
+++ source/helpers/pkcs7/pkcs7-openssl.c
|
|
@@ -492,6 +492,9 @@ check_certificate(fz_context *ctx, pdf_pkcs7_verifier
|
|
}
|
|
}
|
|
|
|
+ /* Add default paths */
|
|
+ X509_STORE_set_default_paths(st);
|
|
+
|
|
res = pk7_verify_cert(st, pk7sig);
|
|
|
|
exit:
|
|
@@ -533,7 +536,7 @@ static void add_from_bag(X509 **pX509, EVP_PKEY **pPke
|
|
{
|
|
case NID_keyBag:
|
|
{
|
|
- const PKCS8_PRIV_KEY_INFO *p8 = PKCS12_SAFEBAG_get0_p8inf(bag);
|
|
+ const PKCS8_PRIV_KEY_INFO *p8 = bag->value.keybag;
|
|
pkey = EVP_PKCS82PKEY(p8);
|
|
}
|
|
break;
|
|
@@ -555,7 +558,7 @@ static void add_from_bag(X509 **pX509, EVP_PKEY **pPke
|
|
break;
|
|
|
|
case NID_safeContentsBag:
|
|
- add_from_bags(pX509, pPkey, PKCS12_SAFEBAG_get0_safes(bag), pw);
|
|
+ add_from_bags(pX509, pPkey, bag->value.safes, pw);
|
|
break;
|
|
}
|
|
|