* Invalid signatures created by Alpine, when built with recent

     releases of the Openssl-1.1.1 series (but not in the Openssl-1.0.1
     series). Fix contributed by Bernd Edlinger.

2 files changed, 14 insertions, 6 deletions

diff --git a/pith/pine.hlp b/pith/pine.hlp
index 5b24327f..f7442139 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
 reasonable place to be called from.
 Dummy change to get revision in pine.hlp
 ============= h_revision =================
-Alpine Commit 458 2020-06-26 12:28:12
+Alpine Commit 459 2020-06-27 13:36:43
 ============= h_news =================
 <HTML>
 <HEAD>
@@ -205,8 +205,12 @@ problems you find with this release.
 Bugs addressed:
 
 <UL>
-<LI>  When Alpine starts a PREAUTH connection, it might still ask the user
-to login. Reported by Frank Tobin.
+<LI> When Alpine starts a PREAUTH connection, it might still ask the user
+     to login. Reported by Frank Tobin.
+
+<UL> Invalid signatures created by Alpine, when built with recent
+     releases of the Openssl-1.1.1 series (but not in the Openssl-1.0.1 series).
+     Fix contributed by Bernd Edlinger.
 </UL>
 
 <P>
diff --git a/pith/smime.c b/pith/smime.c
index ccaf1066..a2a6a112 100644
--- a/pith/smime.c
+++ b/pith/smime.c
@@ -2488,10 +2488,14 @@ body_to_bio(BODY *body)
     if((len=BIO_ctrl_pending(bio)) > 1){
 	BUF_MEM *biobuf = NULL;
 
+	/* this code used to truncate without closing the bio, and 
+	   then resetting the memory, causing non validation in
+	   signatures. Fix contributed by Bernd Edlinger.
+	 */
 	BIO_get_mem_ptr(bio, &biobuf);
-	if(biobuf){
-	    BUF_MEM_grow(biobuf, len-2);	/* remove CRLF */
-	}
+	BIO_set_close(bio, 0);
+	BUF_MEM_grow(biobuf, len-2);	/* remove CRLF */
+	BIO_set_mem_buf(bio, biobuf, 1);
     }
 
     return bio;