Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update error checking for OpenSSL CMS_verify
The code for CMS data verification was initially written for OpenSSL's PKCS7_verify() function. It now uses CMS_verify(), but error handling is still done using PKCS7_verify() error identifiers. Update the recognized error codes so that the KDC generates KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED errors when appropriate. Use ERR_peek_last_error() to observe the error generated closest to the API surface. [ghudson@mit.edu: edited commit message] (cherry picked from commit 70f61d4) ticket: 9069 version_fixed: 1.20.2
- Loading branch information