Import a ``lingering "security" fix'' from the OpenSSL repository:
http://cvs.openssl.org/chngview?cn=16587
This commit is contained in:
Jukka Salmi
Thomas Klausner
parent
31ef93efe0
commit
f1831428bf
3 changed files with 48 additions and 2 deletions
|
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.3 2007/08/04 18:07:54 tnn2 Exp $
|
||||
# $NetBSD: Makefile,v 1.4 2007/09/29 12:45:22 jukka Exp $
|
||||
|
||||
OPENSSL_SNAPSHOT?= # empty
|
||||
OPENSSL_STABLE?= # empty
|
||||
|
|
@ -24,6 +24,7 @@ MASTER_SITES= ftp://ftp.openssl.org/snapshot/
|
|||
. endif
|
||||
.endif
|
||||
|
||||
PKGREVISION= 1
|
||||
SVR4_PKGNAME= ossl
|
||||
CATEGORIES= security
|
||||
MAINTAINER= j+pkgsrc@salmi.ch
|
||||
|
|
|
|||
|
|
@ -1,9 +1,10 @@
|
|||
$NetBSD: distinfo,v 1.5 2007/08/04 20:11:04 tnn2 Exp $
|
||||
$NetBSD: distinfo,v 1.6 2007/09/29 12:45:22 jukka Exp $
|
||||
|
||||
SHA1 (openssl-0.9.8e.tar.gz) = b429872d2a287714ab37e42296e6a5fbe23d32ff
|
||||
RMD160 (openssl-0.9.8e.tar.gz) = c1a498606dc0fc7219376b950fab6b53687466db
|
||||
Size (openssl-0.9.8e.tar.gz) = 3341665 bytes
|
||||
SHA1 (patch-aa) = 95d8c8c65ef4c074159f7cfc2067eeec24145210
|
||||
SHA1 (patch-ab) = 3ab5b9d29e3912c32d3d959e5464450d332e2699
|
||||
SHA1 (patch-ac) = 06669a79ea92d4e09584c019e21e06e82ee3b217
|
||||
SHA1 (patch-ad) = bb86ac463fc4ab8b485df5f1a4fb9c13c1fc41c3
|
||||
SHA1 (patch-ae) = 7a58f1765a3761321dcc8dafc5fe2e33207be480
|
||||
|
|
|
|||
44
openssl/patches/patch-ab
Normal file
44
openssl/patches/patch-ab
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
$NetBSD: patch-ab,v 1.1 2007/09/29 12:45:22 jukka Exp $
|
||||
|
||||
--- ssl/ssl_lib.c.orig 2006-11-29 21:47:15.000000000 +0100
|
||||
+++ ssl/ssl_lib.c 2007-09-29 14:07:40.000000000 +0200
|
||||
@@ -1201,7 +1201,6 @@ int SSL_set_cipher_list(SSL *s,const cha
|
||||
char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
|
||||
{
|
||||
char *p;
|
||||
- const char *cp;
|
||||
STACK_OF(SSL_CIPHER) *sk;
|
||||
SSL_CIPHER *c;
|
||||
int i;
|
||||
@@ -1214,20 +1213,21 @@ char *SSL_get_shared_ciphers(const SSL *
|
||||
sk=s->session->ciphers;
|
||||
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
|
||||
{
|
||||
- /* Decrement for either the ':' or a '\0' */
|
||||
- len--;
|
||||
+ int n;
|
||||
+
|
||||
c=sk_SSL_CIPHER_value(sk,i);
|
||||
- for (cp=c->name; *cp; )
|
||||
+ n=strlen(c->name);
|
||||
+ if (n+1 > len)
|
||||
{
|
||||
- if (len-- <= 0)
|
||||
- {
|
||||
- *p='\0';
|
||||
- return(buf);
|
||||
- }
|
||||
- else
|
||||
- *(p++)= *(cp++);
|
||||
+ if (p != buf)
|
||||
+ --p;
|
||||
+ *p='\0';
|
||||
+ return buf;
|
||||
}
|
||||
+ strcpy(p,c->name);
|
||||
+ p+=n;
|
||||
*(p++)=':';
|
||||
+ len-=n+1;
|
||||
}
|
||||
p[-1]='\0';
|
||||
return(buf);
|
||||
Loading…
Reference in a new issue