X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed to due to invalid cert

This is the backport of #13755 to v1.1.1. Fixes #13698 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13756)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-12-30 09:57:49 +0100
committer: Dr. David von Oheimb <dev@ddvo.net> 2021-01-14 14:36:09 +0100
commit: fb1e2411042f0367c2560e4ec5e4b1189ca9cd45 (patch)
tree: 76ff10c7eecdbbddaeda44c71d0ede617c2db80c /crypto/x509/x_all.c
parent: 2a9785c252df6836da90da33aaeed8edb506e556 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index aa5ccba448..bec850af57 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -363,7 +363,7 @@ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
                 unsigned int *len)
 {
     if (type == EVP_sha1() && (data->ex_flags & EXFLAG_SET) != 0
-            && (data->ex_flags & EXFLAG_INVALID) == 0) {
+            && (data->ex_flags & EXFLAG_NO_FINGERPRINT) == 0) {
         /* Asking for SHA1 and we already computed it. */
         if (len != NULL)
             *len = sizeof(data->sha1_hash);
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-12-30 09:57:49 +0100
committer	Dr. David von Oheimb <dev@ddvo.net>	2021-01-14 14:36:09 +0100
commit	fb1e2411042f0367c2560e4ec5e4b1189ca9cd45 (patch)
tree	76ff10c7eecdbbddaeda44c71d0ede617c2db80c /crypto/x509/x_all.c
parent	2a9785c252df6836da90da33aaeed8edb506e556 (diff)