diff options
| -rw-r--r-- | pith/pine.hlp | 10 | ||||
| -rw-r--r-- | pith/smime.c | 10 |
2 files changed, 14 insertions, 6 deletions
diff --git a/pith/pine.hlp b/pith/pine.hlp index 5b24327f..f7442139 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 458 2020-06-26 12:28:12 +Alpine Commit 459 2020-06-27 13:36:43 ============= h_news ================= <HTML> <HEAD> @@ -205,8 +205,12 @@ problems you find with this release. Bugs addressed: <UL> -<LI> When Alpine starts a PREAUTH connection, it might still ask the user -to login. Reported by Frank Tobin. +<LI> When Alpine starts a PREAUTH connection, it might still ask the user + to login. Reported by Frank Tobin. + +<UL> Invalid signatures created by Alpine, when built with recent + releases of the Openssl-1.1.1 series (but not in the Openssl-1.0.1 series). + Fix contributed by Bernd Edlinger. </UL> <P> diff --git a/pith/smime.c b/pith/smime.c index ccaf1066..a2a6a112 100644 --- a/pith/smime.c +++ b/pith/smime.c @@ -2488,10 +2488,14 @@ body_to_bio(BODY *body) if((len=BIO_ctrl_pending(bio)) > 1){ BUF_MEM *biobuf = NULL; + /* this code used to truncate without closing the bio, and + then resetting the memory, causing non validation in + signatures. Fix contributed by Bernd Edlinger. + */ BIO_get_mem_ptr(bio, &biobuf); - if(biobuf){ - BUF_MEM_grow(biobuf, len-2); /* remove CRLF */ - } + BIO_set_close(bio, 0); + BUF_MEM_grow(biobuf, len-2); /* remove CRLF */ + BIO_set_mem_buf(bio, biobuf, 1); } return bio; |