CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2021/11/10 02:00:21
Modified files:
lib/libcrypto/x509: by_file.c
Log message:
Merge two bug fixes from the OpenSSL 1.1.1 branch, which is still
under a free license:
1. If the three X509_load_*(3) functions are called with a NULL
file argument, do not return 1 to the caller because the return
value 1 means "i loaded one certificate or CRL into the store".
2. When calling PEM load functions, do not ask the user for a
password in an interactive manner.
This includes parts of the following commits:
commit c0452248ea1a59a41023a4765ef7d9825e80a62b
Author: Rich Salz <[email protected]>
Date: Thu Apr 20 15:33:42 2017 -0400
Message: [...] Remove NULL checks and allow a segv to occur. [...]
commit db854bb14a7010712cfc02861731399b1b587474
Author: Bernd Edlinger <[email protected]>
Date: Mon Aug 7 18:02:53 2017 +0200
Message: Avoid surpising password dialog in X509 file lookup.
OK tb@
