Hi Martin,
here is a patch for OpenSSL. I will send the patch today to OpenSSL'S RT.
Michael
--
_______________________________________________________________
Michael Bell Humboldt-Universitaet zu Berlin
Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice
Fax: +49 (0)30-2093 2704 Unter den Linden 6
[EMAIL PROTECTED] D-10099 Berlin
_______________________________________________________________
--- openssl-0.9.7c/apps/ca.c 2003-04-03 20:50:48.000000000 +0200
+++ CRL_MD/apps/ca.c 2004-10-04 10:28:42.000000000 +0200
@@ -1544,7 +1544,14 @@
dgst=EVP_dss1();
else
#endif
- dgst=EVP_md5();
+ if ((md=NCONF_get_string(conf,
section,ENV_DEFAULT_MD)) == NULL)
+ dgst=EVP_md5();
+ else
+ if ((dgst=EVP_get_digestbyname(md)) == NULL)
+ {
+ BIO_printf(bio_err,"%s is an
unsupported message digest type\n",md);
+ goto err;
+ }
}
/* Add any extensions asked for */
