From: Hugo Landau <hlandau@openssl.org>
Date: Fri, 4 Mar 2022 06:28:57 +0000 (+0000)
Subject: Document bug in openssl cms -binary
X-Git-Tag: OpenSSL_1_1_1n~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d3602088603605f39993f03781163df2decf85e3;p=thirdparty%2Fopenssl.git

Document bug in openssl cms -binary

Documents a bug in openssl cms -binary for 1.1 whereby it cannot process
input using LF line endings correctly. Binary input processing was
reworked substantially for 3.0 and backporting these changes doesn't
appear reasonable.

Fixes #17797.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17810)
---

diff --git a/doc/man1/cms.pod b/doc/man1/cms.pod
index 2caf3ef4d15..c2169950556 100644
--- a/doc/man1/cms.pod
+++ b/doc/man1/cms.pod
@@ -719,6 +719,9 @@ the list of permitted ciphers in a database and only use those.
 
 No revocation checking is done on the signer's certificate.
 
+The B<-binary> option does not work correctly when processing text input which
+(contrary to the S/MIME specification) uses LF rather than CRLF line endings.
+
 =head1 HISTORY
 
 The use of multiple B<-signer> options and the B<-resign> command were first