From 6195848b2eea627c47f74b63eb2ba3dc3d5b6436 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Sat, 28 Jan 2017 17:43:17 +0100
Subject: X509_CRL_digest() - ensure precomputed sha1 hash before returning it

X509_CRL_digest() didn't check if the precomputed sha1 hash was actually
present.  This also makes sure there's an appropriate flag to check.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2314)
---
 crypto/x509/x_crl.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'crypto/x509/x_crl.c')

diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index da9c6b6157..dbed850b37 100644
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c
@@ -226,6 +226,8 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
             if (crl->meth->crl_init(crl) == 0)
                 return 0;
         }
+
+        crl->flags |= EXFLAG_SET;
         break;
 
     case ASN1_OP_FREE_POST:
-- 
cgit v1.2.3