From: Samuel Meder <[EMAIL PROTECTED]>
meder> Saw that too. I realized my mistake btw and here is a updated
meder> patch. Is there any reason for doing
meder>
meder> a->data[w]=((a->data[w])&iv)|v
meder>
meder> instead of
meder>
meder> a->data[w]=(a->data[w])|v
Sure there is. Consider the following and you'll understand:
ASN1_BIT_STRING_set_bit(bstr, 1, 1);
ASN1_BIT_STRING_set_bit(bstr, 1, 0);
If the `&iv' part was removed, do you think the bit in question will
really be cleared?
In any case, the proper patch was to insert the following line right
after the assignment of iv:
if (!value) v=0;
I've commit that change. It should be visible in the snapshot and the
next release.
--
Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus: http://www.gemplus.com/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
