Hi there openssl experts,
It appears as though callers expect param_cmp to return 1 on success
and zero otherwise. strcmp returns zero if the two strings match.
See patch below in between the lines with 60 "-" character.
------------------------------------------------------------
--- crypto/x509/x509_vpm.c.orig 2015-07-09 07:57:15.000000000 -0400
+++ crypto/x509/x509_vpm.c 2015-09-21 14:58:52.191117000 -0400
@@ -591,7 +591,7 @@
static int param_cmp(const X509_VERIFY_PARAM *const *a,
const X509_VERIFY_PARAM *const *b)
{
- return strcmp((*a)->name, (*b)->name);
+ return (0 == strcmp((*a)->name, (*b)->name));
}
int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
------------------------------------------------------------
Hi there FreeBSDers,
I've added this locally as files/patch-crypto_x509_x509_vpm.c in
/usr/ports/security/openssl. Please pick this up as a patch file in
the security/openssl port until fixed in openssl.
btw- I cc'd freebsd-ports in case anyone else runs into this and Cc'd
the port maintainer in case he doesn't read every message on that list
(very likely if he has a life and/or a job).
Curtis
_______________________________________________
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
