Fix error causing ldns to sometimes produce faulty DSA sign (#1077776)
Signed-off-by: Tomas Hozza <thozza@redhat.com>
This commit is contained in:
Tomas Hozza
parent
b0ea93106b
commit
182a4339fe
28
ldns-1.6.16-dsa-key-failures.patch
Normal file
28
ldns-1.6.16-dsa-key-failures.patch
Normal file
@ -0,0 +1,28 @@
|
||||
diff -up ldns-1.6.17/keys.c.dsa ldns-1.6.17/keys.c
|
||||
--- ldns-1.6.17/keys.c.dsa 2014-01-10 22:04:41.000000000 +0100
|
||||
+++ ldns-1.6.17/keys.c 2014-03-18 17:54:34.751742493 +0100
|
||||
@@ -1324,7 +1324,6 @@ ldns_key_dsa2bin(unsigned char *data, DS
|
||||
/* See RFC2536 */
|
||||
*size = (uint16_t)BN_num_bytes(k->p);
|
||||
T = (*size - 64) / 8;
|
||||
- memcpy(data, &T, 1);
|
||||
|
||||
if (T > 8) {
|
||||
#ifdef STDERR_MSGS
|
||||
@@ -1335,12 +1334,13 @@ ldns_key_dsa2bin(unsigned char *data, DS
|
||||
}
|
||||
|
||||
/* size = 64 + (T * 8); */
|
||||
+ memset(data, 0, 21 + *size * 3);
|
||||
data[0] = (unsigned char)T;
|
||||
BN_bn2bin(k->q, data + 1 ); /* 20 octects */
|
||||
BN_bn2bin(k->p, data + 21 ); /* offset octects */
|
||||
- BN_bn2bin(k->g, data + 21 + *size); /* offset octets */
|
||||
- BN_bn2bin(k->pub_key, data + 21 + *size + *size); /* offset octets */
|
||||
- *size = 21 + (*size * 3);
|
||||
+ BN_bn2bin(k->g, data + 21 + *size * 2 - BN_num_bytes(k->g));
|
||||
+ BN_bn2bin(k->pub_key,data + 21 + *size * 3 - BN_num_bytes(k->pub_key));
|
||||
+ *size = 21 + *size * 3;
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -14,11 +14,12 @@
|
||||
Summary: Low-level DNS(SEC) library with API
|
||||
Name: ldns
|
||||
Version: 1.6.17
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: BSD
|
||||
Url: http://www.nlnetlabs.nl/%{name}/
|
||||
Source: http://www.nlnetlabs.nl/downloads/%{name}/%{name}-%{version}.tar.gz
|
||||
Patch1: ldns-1.6.17-multilib.patch
|
||||
Patch2: %{name}-1.6.16-dsa-key-failures.patch
|
||||
Group: System Environment/Libraries
|
||||
BuildRequires: libpcap-devel, openssl-devel, gcc-c++, doxygen,
|
||||
# for snapshots only
|
||||
@ -78,6 +79,7 @@ This package contains documentation for the ldns library
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1 -p1
|
||||
%patch2 -p1 -b .dsa
|
||||
# To built svn snapshots
|
||||
# rm config.guess config.sub ltmain.sh
|
||||
# aclocal
|
||||
@ -192,6 +194,9 @@ rm -f %{buildroot}%{perl_vendorarch}/auto/DNS/LDNS/{.packlist,LDNS.bs}
|
||||
%postun -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Tue Mar 18 2014 Tomas Hozza <thozza@redhat.com> - 1.6.17-2
|
||||
- Fix error causing ldns to sometimes produce faulty DSA sign (#1077776)
|
||||
|
||||
* Fri Jan 10 2014 Paul Wouters <pwouters@redhat.com> - 1.6.17-1
|
||||
- Updated to 1.6.17
|
||||
- Enable perl bindings via new ldns-perl sub-package
|
||||
|
||||
Loading…
Reference in New Issue
Block a user