From 2176e0cd52d68263d3d2ff39461442b734360fe1 Mon Sep 17 00:00:00 2001
From: simon
Date: Thu, 1 Apr 2010 15:19:51 +0000
Subject: Merge OpenSSL 0.9.8n into head. This fixes CVE-2010-0740 which only affected -CURRENT (OpenSSL 0.9.8m) but not -STABLE branches. I have not yet been able to find out if CVE-2010-0433 impacts FreeBSD. This will be investigated further.
Security: CVE-2010-0433, CVE-2010-0740
Security: http://www.openssl.org/news/secadv_20100324.txt
---
 crypto/openssl/engines/e_capi.c | 4 ++++
 crypto/openssl/engines/e_chil.c | 11 +++++++++--
 2 files changed, 13 insertions(+), 2 deletions(-)
(limited to 'crypto/openssl/engines')
diff --git a/crypto/openssl/engines/e_capi.c b/crypto/openssl/engines/e_capi.c
index fd7f13c..59b2ab7 100644
--- a/crypto/openssl/engines/e_capi.c
+++ b/crypto/openssl/engines/e_capi.c
@@ -83,6 +83,10 @@
 #define CERT_STORE_CREATE_NEW_FLAG 0x00002000
 #endif
+#ifndef CERT_SYSTEM_STORE_CURRENT_USER
+#define CERT_SYSTEM_STORE_CURRENT_USER 0x00010000
+#endif
+
 #include
 #include
 #include
diff --git a/crypto/openssl/engines/e_chil.c b/crypto/openssl/engines/e_chil.c
index e184762..3a07076 100644
--- a/crypto/openssl/engines/e_chil.c
+++ b/crypto/openssl/engines/e_chil.c
@@ -1204,6 +1204,11 @@ static int hwcrhk_get_pass(const char *prompt_info,
 pem_password_cb *callback = NULL;
 void *callback_data = NULL;
 UI_METHOD *ui_method = NULL;
+ /* Despite what the documentation says prompt_info can be
+ * an empty string.
+ */
+ if (prompt_info && !*prompt_info)
+ prompt_info = NULL;
 if (cactx) {
@@ -1305,8 +1310,10 @@ static int hwcrhk_insert_card(const char *prompt_info,
 {
 char answer;
 char buf[BUFSIZ];
-
- if (wrong_info)
+ /* Despite what the documentation says wrong_info can be
+ * an empty string.
+ */
+ if (wrong_info && *wrong_info)
 BIO_snprintf(buf, sizeof(buf)-1, "Current card: \"%s\"\n", wrong_info);
 ok = UI_dup_info_string(ui, buf);
-- cgit v1.1
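Review bot: In the `hwcrhk_insert_card` hunk of e_chil.c, `buf` has no initialiser and the brace-less `if (wrong_info && *wrong_info)` governs only the `BIO_snprintf` call, so `ok = UI_dup_info_string(ui, buf);` still runs on an indeterminate buffer whenever `wrong_info` is NULL or, as of this change, an empty string. Reading those uninitialised stack bytes may put stale memory into the info text shown to the operator, or run past the array if it happens to hold no NUL. Adding `else buf[0] = '\0';` after the `BIO_snprintf` call (or declaring `char buf[BUFSIZ] = "";`) keeps the info string empty in those cases. The function begins and ends outside the hunk, so an assignment to `buf` elsewhere cannot be ruled out, but none exists between the declaration and the use in the visible lines.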