Hi. Thanks for the quick fix to RT #1664. I've run into two more bugs in the CMS code. I can provide isolated test cases if necessary, but the code that's currently producing these is buried deep in the guts of a Python extension module, so I'll start by just describing the problems in the hope that this will all be obvious to Steve.
1) CMS_final() and CMS_verify() both appear to be ignoring an EVP_R_COMMAND_NOT_SUPPORTED error. That is: both functions are giving me what I think are meant to be successful returns (non-zero return value for CMS_final(), return value greater than zero for CMS_verify()), but ERR_get_error() finds an unhandled error EVP_R_COMMAND_NOT_SUPPORTED that wasn't there before these calls. As far as I can tell, this error is harmless, other than confusing subsequent code. At least, I haven't seen any obvious bad side effects of ignoring the error, but of course I might have missed something. 2) CMS_add0_crl() dumps core. Due to the environment in which this is occuring I don't have a stack trace available, let me know if you need me to generate a test case that produces one. I don't see any code that exercises this particular function, so I don't know if it's ever been tested. If, in the process of fixing this, someone were to add CMS_add1_crl(), I wouldn't complain. :) Please let me know if you need more details or have trouble reproducing these problems. I'll be at the RIPE 56 meeting next week but will try to answer as promptly as circumstances allow. Thanks for all the good work on this. --Rob ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
