[src/netbsd-2-1]: src/crypto/dist/openssl/crypto/rsa Pull up following revisi...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/3b40a083f519
branches:  netbsd-2-1
changeset: 564215:3b40a083f519
user:      tron <tron%NetBSD.org@localhost>
date:      Fri Sep 08 17:09:45 2006 +0000

description:
Pull up following revision(s) (requested by adrianp in ticket #10690):
        crypto/dist/openssl/crypto/rsa/rsa_sign.c: revision 1.3
Apply the third version of the patch from OpenSSL to address this issue.
- Rollback the updates for rsa.h, rsa_eay.c and rsa_err.c as they were
  not necessary to address this vulnerability.
- Small update to the patch for rsa_sign.c for backward compatability so
  the same patch can be applied to 0.9.[6-9]

diffstat:

 crypto/dist/openssl/crypto/rsa/rsa_sign.c |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff -r d138e6421c48 -r 3b40a083f519 crypto/dist/openssl/crypto/rsa/rsa_sign.c
--- a/crypto/dist/openssl/crypto/rsa/rsa_sign.c Fri Sep 08 17:06:18 2006 +0000
+++ b/crypto/dist/openssl/crypto/rsa/rsa_sign.c Fri Sep 08 17:09:45 2006 +0000
@@ -196,7 +196,7 @@
                /* Parameters to the signature algorithm can also be used to
                   create forgeries */
                if(sig->algor->parameter
-                  && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL)
+                  && sig->algor->parameter->type != V_ASN1_NULL)
                        {
                        RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
                        goto err;