OpenSSL 1.0.1f 6 Jan 2014 built on: Tue Jan 21 21:28:48 2014 platform: VC-WIN32 options: bn(64,32) rc4(8x,mmx) des(idx,cisc,2,long) idea(int) blowfish(idx) compiler: cl /MDd /Od -DDEBUG -D_DEBUG -DOPENSSL_THREADS -DDSO_WIN32 -W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_USE_APPLINK -I. -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_JPAKE -DOPENSSL_NO_STATIC_ENGINE OPENSSLDIR: "C:\openssl-vc-32-dbg/ssl"
OS: Windows 7 CC: Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 16.00.40219.01 for 80x86 Problem description: On windows systems, SSL_add_dir_cert_subjects_to_stack() does not work. This problem exists in all releases of 1.0.0, 1.0.1, and 1.0.2. The implementation LP_find_file () incorrectly assumes that the win32 api call FindFirstFile () works the same as opendir. It does not, rather it is more like grep in that it treats the argument as a regular expression. Given a path such as "./certs" in which there are 1 or more *.pem files that are valid certificate files, LP_find_file () will return a single entry "./certs" which of course is not a valid certificate file. When provided an expression such as "./certs/*", FindFirstFile () and its companion FindNextFile() step through all entries. Since the returned name may be a directory, it is necessary to verify the entry type and skip over directories. Attached is a patch for LPdir_win.c which does just that - first it ensures the supplied directory name is suitable to be searchable, then it skips entries that are directories by recursing. Best regards, Phil -- Phil Mesnier Principal Software Engineer and Partner, http://www.ociweb.com Object Computing, Inc. +01.314.579.0066 x225
ossl.diff
Description: Binary data
