yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-25 16:05:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'mbedtls-1.3' into development

Browse Source 
* mbedtls-1.3:
  fix bug in ssl_mail_client
  Adapt compat.sh to GnuTLS 3.4
  Fix undefined behaviour in x509

Conflicts:
	programs/ssl/ssl_mail_client.c
	tests/compat.sh
This commit is contained in:
Manuel Pégourié-Gonnard 2015-04-30 13:52:25 +02:00
commit e36d56419e
5 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -117,6 +117,10 @@ Features
errors on use of deprecated functions.
Bugfix
* Fix bug in ssl_mail_client when password is longer that username (found
by Bruno Pape).
* Fix undefined behaviour (memcmp( NULL, NULL, 0 );) in X.509 modules
(detected by Clang's 3.6 UBSan).
* mpi_size() and mpi_msb() would segfault when called on an mpi that is
initialized but not set (found by pravic).
* Fix detection of support for getrandom() on Linux (reported by syzzer) by

3
library/x509_crl.c
View File

@ -463,7 +463,8 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
if( crl->sig_oid.len != sig_oid2.len ||
memcmp( crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len ) != 0 ||
sig_params1.len != sig_params2.len ||
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 )
( sig_params1.len != 0 &&
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
{
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_SIG_MISMATCH );

3
library/x509_crt.c
View File

@ -758,7 +758,8 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, const unsigned char *
if( crt->sig_oid.len != sig_oid2.len ||
memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 ||
sig_params1.len != sig_params2.len ||
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 )
( sig_params1.len != 0 &&
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
{
mbedtls_x509_crt_free( crt );
return( MBEDTLS_ERR_X509_SIG_MISMATCH );

3
programs/ssl/ssl_mail_client.c
View File

@ -711,7 +711,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " > Write username to server: %s", opt.user_name );
fflush( stdout );
n = sizeof( buf );
n = sizeof( base );
ret = mbedtls_base64_encode( base, &n, (const unsigned char *) opt.user_name,
strlen( opt.user_name ) );
@ -732,6 +732,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " > Write password to server: %s", opt.user_pwd );
fflush( stdout );
n = sizeof( base );
ret = mbedtls_base64_encode( base, &n, (const unsigned char *) opt.user_pwd,
strlen( opt.user_pwd ) );

2
tests/compat.sh
View File

@ -751,7 +751,7 @@ setup_arguments()
P_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE"
G_SERVER_ARGS="-p $PORT --http $G_MODE"
G_SERVER_PRIO="EXPORT:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
G_SERVER_PRIO="NORMAL:+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
# with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes
if is_dtls "$MODE"; then