Correctly processing CMS reading from /dev/stdin

Resolves: rhbz#1986315
This commit is contained in:
Dmitry Belyavskiy 2021-08-23 10:45:49 +02:00
parent 49de59749c
commit ddd1eb3708
2 changed files with 77 additions and 1 deletions

70
0025-cms-stdin2.patch Normal file
View File

@ -0,0 +1,70 @@
From 9bdf6bb619543248c1bee1d8207b455c1ee40ab6 Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Fri, 20 Aug 2021 16:45:15 +0200
Subject: [PATCH] Get rid of warn_binary
Current implementation of warn_binary introduces a regression
when the content is passed in /dev/stdin as an explicit file name
and reads the file to be processed twice otherwise.
I suggest to reimplement this functionality after 3.0 if necessary.
Fixes #16359
---
apps/cms.c | 29 -----------------------------
1 file changed, 29 deletions(-)
diff --git a/apps/cms.c b/apps/cms.c
index c22027e3b198..b30273f1710d 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -272,31 +272,6 @@ static CMS_ContentInfo *load_content_info(int informat, BIO *in, int flags,
return NULL;
}
-static void warn_binary(const char *file)
-{
- BIO *bio;
- unsigned char linebuf[1024], *cur, *end;
- int len;
-
- if (file == NULL)
- return; /* cannot give a warning for stdin input */
- if ((bio = bio_open_default(file, 'r', FORMAT_BINARY)) == NULL)
- return; /* cannot give a proper warning since there is an error */
- while ((len = BIO_read(bio, linebuf, sizeof(linebuf))) > 0) {
- end = linebuf + len;
- for (cur = linebuf; cur < end; cur++) {
- if (*cur == '\0' || *cur >= 0x80) {
- BIO_printf(bio_err, "Warning: input file '%s' contains %s"
- " character; better use -binary option\n",
- file, *cur == '\0' ? "NUL" : "8-bit");
- goto end;
- }
- }
- }
- end:
- BIO_free(bio);
-}
-
int cms_main(int argc, char **argv)
{
CONF *conf = NULL;
@@ -911,8 +886,6 @@ int cms_main(int argc, char **argv)
goto end;
}
- if ((flags & CMS_BINARY) == 0)
- warn_binary(infile);
in = bio_open_default(infile, 'r',
binary_files ? FORMAT_BINARY : informat);
if (in == NULL)
@@ -924,8 +897,6 @@ int cms_main(int argc, char **argv)
goto end;
if (contfile != NULL) {
BIO_free(indata);
- if ((flags & CMS_BINARY) == 0)
- warn_binary(contfile);
if ((indata = BIO_new_file(contfile, "rb")) == NULL) {
BIO_printf(bio_err, "Can't read content file %s\n", contfile);
goto end;

View File

@ -15,7 +15,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 3.0.0
Release: 0.beta2.5%{?dist}
Release: 0.beta2.6%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@ -64,6 +64,8 @@ Patch22: 0022-fix-openssl-req-password.patch
Patch23: 0023-cms-stdin.patch
# Instructions to load legacy provider in openssl.cnf
Patch24: 0024-load-legacy-prov.patch
# cms: don't read /dev/stdin twice
Patch25: 0025-cms-stdin2.patch
License: ASL 2.0
URL: http://www.openssl.org/
@ -386,6 +388,10 @@ install -m644 %{SOURCE9} \
%ldconfig_scriptlets libs
%changelog
* Mon Aug 23 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-0.beta2.6
- Correctly process CMS reading from /dev/stdin
- Resolves: rhbz#1986315
* Mon Aug 16 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.5
- Add instruction for loading legacy provider in openssl.cnf
- Resolves: rhbz#1975836