openssl: fix incorrect CURLE_OUT_OF_MEMORY error

... on CN check failure, which was breaking the test-suite of pycurl.

Reported-by: Lukas Zaoral
This commit is contained in:
Kamil Dudka 2022-03-15 12:53:45 +01:00
parent 4f4da0817d
commit cbc7b73e10
2 changed files with 43 additions and 0 deletions

View File

@ -0,0 +1,36 @@
From 58781adaaff911303f69876236918b9049dde926 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 8 Mar 2022 13:38:13 +0100
Subject: [PATCH] openssl: fix CN check error code
Due to a missing 'else' this returns error too easily.
Regressed in: d15692ebb
Reported-by: Kristoffer Gleditsch
Fixes #8559
Closes #8560
Upstream-commit: 911714d617c106ed5d553bf003e34ec94ab6a136
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
lib/vtls/openssl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 616a510..1bafe96 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1808,7 +1808,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
peer_CN[peerlen] = '\0';
}
- result = CURLE_OUT_OF_MEMORY;
+ else
+ result = CURLE_OUT_OF_MEMORY;
}
}
else /* not a UTF8 name */
--
2.34.1

View File

@ -10,6 +10,9 @@ Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
# which points to the GPG key as of April 7th 2016 of https://daniel.haxx.se/mykey.asc
Source2: mykey.asc
# openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure
Patch1: 0001-curl-7.82.0-openssl-spurious-oom.patch
# patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch
@ -185,6 +188,7 @@ be installed.
%setup -q
# upstream patches
%patch1 -p1
# Fedora patches
%patch101 -p1
@ -411,6 +415,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog
* Tue Mar 15 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-2
- openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure
* Sat Mar 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-1
- new upstream release