Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / pyopenssl / 7e8dab02ce8a8acf750153c46c19215223dcc67c^! / . / OpenSSL / crypto
commit7e8dab02ce8a8acf750153c46c19215223dcc67c[log] [tgz]
authorJean-Paul Calderone <exarkun@twistedmatrix.com>Fri Mar 09 15:25:48 2012 -0800
committerJean-Paul Calderone <exarkun@twistedmatrix.com>Fri Mar 09 15:25:48 2012 -0800
treea8a3aa790ee026158eaa1b502a8e56dd861545b9
parent15f3a8683af475c0fdd0ecddbaf6d3df5c1e8bf5 [diff]
Add a version check, since older versions of OpenSSL are missing ameth
diff --git a/OpenSSL/crypto/crl.c b/OpenSSL/crypto/crl.c
index 543708e..3f56d83 100644
--- a/OpenSSL/crypto/crl.c
+++ b/OpenSSL/crypto/crl.c

@@ -2,7 +2,6 @@
 #define crypto_MODULE
 #include "crypto.h"
 
-
 static X509_REVOKED * X509_REVOKED_dup(X509_REVOKED *orig) {
     X509_REVOKED *dupe = NULL;
 
@@ -138,15 +137,19 @@
         return NULL;
     }
 
-    /* Some versions of OpenSSL check for this, but more recent versions seem
-     * not to.
+
+#if OPENSSL_VERSION_NUMBER >= 0x01000000L
+    /* Older versions of OpenSSL had no problem with trying to export using an
+     * uninitialized key.  Newer versions segfault, instead.  We can only check
+     * on the new versions, though, because the old versions don't even have the
+     * field that the segfault is triggered by.
      */
     if (!key->pkey->ameth) {
         PyErr_SetString(
             crypto_Error, "Cannot export with an unitialized key");
         return NULL;
     }
-
+#endif
 
     bio = BIO_new(BIO_s_mem());
     tmptm = ASN1_TIME_new();