diff options
-rw-r--r-- | CHANGES | 5 | ||||
-rw-r--r-- | crypto/x509/x509_cmp.c | 15 |
2 files changed, 8 insertions, 12 deletions
@@ -3,6 +3,11 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] + *) Use the cached encoding of an X509_NAME structure rather than + copying it. This is apparently the reason for the libsafe "errors" + but the code is actually correct. + [Steve Henson] + *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are skipped when using openssl x509 multiple times on a single input file, e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) <certs". diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 7927155791..1698623171 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -199,19 +199,10 @@ unsigned long X509_NAME_hash(X509_NAME *x) { unsigned long ret=0; unsigned char md[16]; - unsigned char str[256],*p,*pp; - int i; - - i=i2d_X509_NAME(x,NULL); - if (i > sizeof(str)) - p=OPENSSL_malloc(i); - else - p=str; - pp=p; - i2d_X509_NAME(x,&pp); - MD5((unsigned char *)p,i,&(md[0])); - if (p != str) OPENSSL_free(p); + /* Make sure X509_NAME structure contains valid cached encoding */ + i2d_X509_NAME(x,NULL); + EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5()); ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) |