Workaround for OpenSSL CMS problem: pass NULL cert list to CMS_sign(),

call CMS_add1_cert() directly. svn path=/pow/POW-0.7/POW.c; revision=1673
author: Rob Austein <sra@hactrn.net> 2008-04-18 06:12:13 +0000
committer: Rob Austein <sra@hactrn.net> 2008-04-18 06:12:13 +0000
commit: b3307486817d264fc04af1e6989b2f486ad6a2c6 (patch)
tree: 75fb558a37d09cb89adf2b4e8c25f3786aafff8f
parent: dd8fadfbe3a8d10f91e399e658641b7236601f73 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/pow/POW-0.7/POW.c b/pow/POW-0.7/POW.c
index 1e56bac7..cbe4f8a1 100644
--- a/pow/POW-0.7/POW.c
+++ b/pow/POW-0.7/POW.c
@@ -6747,7 +6747,7 @@ CMS_object_sign(cms_object *self, PyObject *args)
    STACK_OF(X509) *x509_stack = NULL;
    EVP_PKEY *pkey = NULL;
    char *buf = NULL, *oid = NULL;
-   int len, flags = CMS_BINARY | CMS_NOSMIMECAP | CMS_PARTIAL;
+   int i, len, flags = CMS_BINARY | CMS_NOSMIMECAP | CMS_PARTIAL;
    BIO *bio = NULL;
    CMS_ContentInfo *cms = NULL;
    ASN1_OBJECT *econtent_type = NULL;
@@ -6782,9 +6782,13 @@ CMS_object_sign(cms_object *self, PyObject *args)
    if ( no_certs == Py_True )
       flags |= CMS_NOCERTS;
 
-   if ( !(cms = CMS_sign(NULL, NULL, x509_stack, bio, flags)))
+   if ( !(cms = CMS_sign(NULL, NULL, NULL, bio, flags)))
       { set_openssl_pyerror( "could not create CMS message" ); goto error; }
 
+   for ( i = 0; i < sk_X509_num(x509_stack); i++ )
+      if ( !CMS_add1_cert(cms, sk_X509_value(x509_stack, i)))
+	 { set_openssl_pyerror( "could not add cert to CMS message" ); goto error; }
+
    if (econtent_type)
       CMS_set1_eContentType(cms, econtent_type);
author	Rob Austein <sra@hactrn.net>	2008-04-18 06:12:13 +0000
committer	Rob Austein <sra@hactrn.net>	2008-04-18 06:12:13 +0000
commit	b3307486817d264fc04af1e6989b2f486ad6a2c6 (patch)
tree	75fb558a37d09cb89adf2b4e8c25f3786aafff8f
parent	dd8fadfbe3a8d10f91e399e658641b7236601f73 (diff)