From 0fdcebdbb7db59cd901735b7fd71afcaf05c0583 Mon Sep 17 00:00:00 2001
From: Michael M Slusarz <slusarz@curecanti.org>
Date: Mon, 14 Dec 2009 12:38:18 -0700
Subject: [PATCH] Bug #8751: Fix parsing old x.509 certs

---
 framework/Crypt/lib/Horde/Crypt/Smime.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/framework/Crypt/lib/Horde/Crypt/Smime.php b/framework/Crypt/lib/Horde/Crypt/Smime.php
index e035e0fa4..737e00d95 100644
--- a/framework/Crypt/lib/Horde/Crypt/Smime.php
+++ b/framework/Crypt/lib/Horde/Crypt/Smime.php
@@ -659,7 +659,14 @@ class Horde_Crypt_Smime extends Horde_Crypt
         $cert_data = $this->_parseASN($raw_cert);
         if (!is_array($cert_data) ||
             ($cert_data[0] == 'UNKNOWN') ||
-            ($cert_data[1][0] == 'UNKNOWN')) {
+            ($cert_data[1][0] == 'UNKNOWN') ||
+            /* Bug #8751: Check for required number of fields. The ASN
+             * parsing code doesn't seem to be able to handle v1 data - it
+             * combines the version and serial number fields.
+             * openssl_x509_parse() works, but doesn't have a stable API.
+             * Since v1 is such an old standard anyway, best just to abort
+             * here. */
+            (count($cert_data[1][0][1]) != 7)) {
             return false;
         }
 
-- 
2.11.0