[Pkg-openssl-devel] Bug#397151: logic error in X509 policy checking
Kurt Roeckx
kurt at roeckx.be
Tue Nov 7 23:14:47 CET 2006
tags 397151 + upstream fixed-upstream
thanks
Hi,
It seems upstream already fixed this in HEAD/0.9.9:
revision 1.4.2.2
date: 2006-10-05 21:59:09 +0000; author: steve; state: Exp; lines: +1 -1; commitid: cdh3g8PgODGPJxPr;
Typo.
diff -u -r1.4.2.1 -r1.4.2.2
--- crypto/x509v3/pcy_tree.c 8 Feb 2006 19:16:26 -0000 1.4.2.1
+++ crypto/x509v3/pcy_tree.c 5 Oct 2006 21:59:09 -0000 1.4.2.2
@@ -197,7 +197,7 @@
/* Any matching allowed if certificate is self
* issued and not the last in the chain.
*/
- if (!(x->ex_flags && EXFLAG_SS) || (i == 0))
+ if (!(x->ex_flags & EXFLAG_SS) || (i == 0))
level->flags |= X509_V_FLAG_INHIBIT_ANY;
}
else
Kurt
More information about the Pkg-openssl-devel
mailing list