1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bug#17201924 and Bug#18178997 : YASSL:MISSING CLOSEDIR()

Browse Source 
IN
                                SSL_CTX_LOAD_VERIFY_
                                LOCATIONS()
                                and
                                OFF-BY-ONE PROBLEM IN
                                VOID CERTDECODER::
                                GETDATE(DATETYPE DT)
                                IN ASN.CPP

Description : Fixes corner cases in yassl code.
              Refer to bug page for details.
This commit is contained in:
Harin Vadodaria 2014-05-22 14:26:09 +05:30
parent ab8bd02b9b
commit d36f1ec834
2 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
extra/yassl/src/ssl.cpp
View File

@ -1,5 +1,5 @@
/*
Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -790,7 +790,10 @@ int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file,
strncpy(name, path, MAX_PATH - 1 - HALF_PATH);
strncat(name, "/", 1);
strncat(name, entry->d_name, HALF_PATH);
if (stat(name, &buf) < 0) return SSL_BAD_STAT;
if (stat(name, &buf) < 0) {
closedir(dir);
return SSL_BAD_STAT;
}
if (S_ISREG(buf.st_mode))
ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA);

8
extra/yassl/taocrypt/include/asn.hpp
View File

@ -1,5 +1,5 @@
/*
Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -294,9 +294,9 @@ private:
byte* signature_;
char issuer_[ASN_NAME_MAX]; // Names
char subject_[ASN_NAME_MAX]; // Names
char beforeDate_[MAX_DATE_SZ]; // valid before date
char afterDate_[MAX_DATE_SZ]; // valid after date
bool verify_; // Default to yes, but could be off
char beforeDate_[MAX_DATE_SZ+1]; // valid before date, +null term
char afterDate_[MAX_DATE_SZ+1]; // valid after date, +null term
bool verify_; // Default to yes, but could be off
void ReadHeader();
void Decode(SignerList*, CertType);