rpms/mingw-openssl
7
0
Fork 0
Code Issues Pull Requests Releases Activity
1f7c603ecc
mingw-openssl/openssl-1.0.1e-req-keylen.patch
Erik van Pienbroek ff3f6f305a Synced patches with native openssl-1.0.1e-44.fc21 
Fixes CVE-2014-0160 (RHBZ #1085066)
2014-04-09 08:25:44 +02:00

39 lines
982 B
Diff
Raw Blame History

diff -up openssl-1.0.1e/apps/req.c.keylen openssl-1.0.1e/apps/req.c
--- openssl-1.0.1e/apps/req.c.keylen 2014-02-12 14:58:29.000000000 +0100
+++ openssl-1.0.1e/apps/req.c 2014-02-14 13:52:48.692325000 +0100
@@ -644,6 +644,12 @@ bad:
if (inrand)
app_RAND_load_files(inrand);
+ if (newkey <= 0)
+ {
+ if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
+ newkey=DEFAULT_KEY_LENGTH;
+ }
+
if (keyalg)
{
genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey,
@@ -651,12 +657,6 @@ bad:
if (!genctx)
goto end;
}
-
- if (newkey <= 0)
- {
- if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
- newkey=DEFAULT_KEY_LENGTH;
- }
if (newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA))
{
@@ -1649,6 +1649,8 @@ static EVP_PKEY_CTX *set_keygen_ctx(BIO
keylen = atol(p + 1);
*pkeylen = keylen;
}
+ else
+ keylen = *pkeylen;
}
else if (p)
paramfile = p + 1;
Reference in New Issue View Git Blame Copy Permalink