16 lines
790 B
Diff
16 lines
790 B
Diff
diff -rupN --no-dereference openssl-3.0.7-hobbled/crypto/asn1/a_verify.c openssl-3.0.7-hobbled-new/crypto/asn1/a_verify.c
|
|
--- openssl-3.0.7-hobbled/crypto/asn1/a_verify.c 2022-11-01 15:14:36.000000000 +0100
|
|
+++ openssl-3.0.7-hobbled-new/crypto/asn1/a_verify.c 2022-11-28 16:00:17.971828856 +0100
|
|
@@ -153,6 +153,11 @@ int ASN1_item_verify_ctx(const ASN1_ITEM
|
|
ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB);
|
|
if (ret <= 1)
|
|
goto err;
|
|
+ } else if ((mdnid == NID_md5
|
|
+ && ossl_safe_getenv("OPENSSL_ENABLE_MD5_VERIFY") == NULL) ||
|
|
+ mdnid == NID_md4 || mdnid == NID_md2 || mdnid == NID_sha) {
|
|
+ ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
|
|
+ goto err;
|
|
} else {
|
|
const EVP_MD *type = NULL;
|
|
|