REGRESSION: CMS_final: do not ignore CMS_dataFinal result

The CMS_dataFinal result is important as signature may fail, however, it
is ignored while returning success from CMS_final.

The SMIME_crlf_copy result is returned while it is ignored in the rest
of the openssl code.

Prefer the CMS_dataFinal result.

This is regression from openssl-1.

Blame finds c1669f41ei as root cause of regression.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18876)

diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index 2123875f1cd898dec52dbf8ac7a6fb5fe4e3e4c2..4f5d626fb6627bbdefc811873e9eb893b2e6fdfb 100644 (file)
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -882,7 +882,7 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
         return 0;
     }
 
-    ret = SMIME_crlf_copy(data, cmsbio, flags);
+    SMIME_crlf_copy(data, cmsbio, flags);
 
     (void)BIO_flush(cmsbio);
 
@@ -890,6 +890,9 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
         ERR_raise(ERR_LIB_CMS, CMS_R_CMS_DATAFINAL_ERROR);
         goto err;
     }
+
+    ret = 1;
+
 err:
     do_free_upto(cmsbio, dcont);