]> granicus.if.org Git - openssl/commitdiff
Reencode certificates in X509_sign_ctx.
authorDr. Stephen Henson <steve@openssl.org>
Thu, 2 May 2013 11:18:46 +0000 (12:18 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 2 May 2013 11:24:56 +0000 (12:24 +0100)
Reencode certificates in X509_sign_ctx as well as X509_sign.

This was causing a problem in the x509 application when it modified an
existing certificate.
(cherry picked from commit c6d8adb8a45186617e0a8e2c09469bd164b92b31)

crypto/x509/x_all.c

index b94aeeb873fddf4408129e2d269bf9111478a508..27dc215c756891c1c80c01297b9b88249d38cb31 100644 (file)
@@ -97,6 +97,7 @@ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
 
 int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
        {
+       x->cert_info->enc.modified = 1;
        return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
                x->cert_info->signature,
                x->sig_alg, x->signature, x->cert_info, ctx);