- fix typo in DTLS1 code (#527015)
- fix leak in error handling of d2i_SSL_SESSION()
This commit is contained in:
parent
75f7276f8b
commit
1a303f4853
28
openssl-1.0.0-beta3-dtls1-fix.patch
Normal file
28
openssl-1.0.0-beta3-dtls1-fix.patch
Normal file
@ -0,0 +1,28 @@
|
||||
Index: openssl/ssl/d1_clnt.c
|
||||
RCS File: /v/openssl/cvs/openssl/ssl/d1_clnt.c,v
|
||||
rcsdiff -q -kk '-r1.16.2.10' '-r1.16.2.11' -u '/v/openssl/cvs/openssl/ssl/d1_clnt.c,v' 2>/dev/null
|
||||
--- openssl/ssl/d1_clnt.c 2009/07/15 11:32:57 1.16.2.10
|
||||
+++ openssl/ssl/d1_clnt.c 2009/07/24 11:52:32 1.16.2.11
|
||||
@@ -223,6 +223,8 @@
|
||||
s->init_num=0;
|
||||
/* mark client_random uninitialized */
|
||||
memset(s->s3->client_random,0,sizeof(s->s3->client_random));
|
||||
+ s->d1->send_cookie = 0;
|
||||
+ s->hit = 0;
|
||||
break;
|
||||
|
||||
case SSL3_ST_CW_CLNT_HELLO_A:
|
||||
Index: openssl/ssl/d1_pkt.c
|
||||
RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v
|
||||
rcsdiff -q -kk '-r1.27.2.13' '-r1.27.2.14' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null
|
||||
--- openssl/ssl/d1_pkt.c 2009/07/13 11:44:04 1.27.2.13
|
||||
+++ openssl/ssl/d1_pkt.c 2009/07/24 11:52:32 1.27.2.14
|
||||
@@ -775,7 +775,7 @@
|
||||
/* Check for timeout */
|
||||
if (dtls1_is_timer_expired(s))
|
||||
{
|
||||
- if (dtls1_read_failed(s, -1) > 0);
|
||||
+ if (dtls1_read_failed(s, -1) > 0)
|
||||
goto start;
|
||||
}
|
||||
|
27
openssl-1.0.0-beta3-ssl-session.patch
Normal file
27
openssl-1.0.0-beta3-ssl-session.patch
Normal file
@ -0,0 +1,27 @@
|
||||
Index: openssl/ssl/ssl_asn1.c
|
||||
RCS File: /v/openssl/cvs/openssl/ssl/ssl_asn1.c,v
|
||||
rcsdiff -q -kk '-r1.36.2.2' '-r1.36.2.3' -u '/v/openssl/cvs/openssl/ssl/ssl_asn1.c,v' 2>/dev/null
|
||||
--- openssl/ssl/ssl_asn1.c 2009/08/05 15:29:14 1.36.2.2
|
||||
+++ openssl/ssl/ssl_asn1.c 2009/09/02 13:20:22 1.36.2.3
|
||||
@@ -413,8 +413,8 @@
|
||||
}
|
||||
else
|
||||
{
|
||||
- SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
|
||||
- return(NULL);
|
||||
+ c.error=SSL_R_UNKNOWN_SSL_VERSION;
|
||||
+ goto err;
|
||||
}
|
||||
|
||||
ret->cipher=NULL;
|
||||
@@ -505,8 +505,8 @@
|
||||
{
|
||||
if (os.length > SSL_MAX_SID_CTX_LENGTH)
|
||||
{
|
||||
- ret->sid_ctx_length=os.length;
|
||||
- SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
|
||||
+ c.error=SSL_R_BAD_LENGTH;
|
||||
+ goto err;
|
||||
}
|
||||
else
|
||||
{
|
10
openssl.spec
10
openssl.spec
@ -23,7 +23,7 @@
|
||||
Summary: A general purpose cryptography library with TLS implementation
|
||||
Name: openssl
|
||||
Version: 1.0.0
|
||||
Release: 0.8.%{beta}%{?dist}
|
||||
Release: 0.9.%{beta}%{?dist}
|
||||
# We remove certain patented algorithms from the openssl source tarball
|
||||
# with the hobble-openssl script which is included below.
|
||||
Source: openssl-%{version}-%{beta}-usa.tar.bz2
|
||||
@ -67,6 +67,8 @@ Patch52: openssl-1.0.0-beta3-dss1.patch
|
||||
Patch60: openssl-1.0.0-beta3-namingstr.patch
|
||||
Patch61: openssl-1.0.0-beta3-namingblk.patch
|
||||
Patch62: openssl-1.0.0-beta3-camellia-rounds.patch
|
||||
Patch63: openssl-1.0.0-beta3-dtls1-fix.patch
|
||||
Patch64: openssl-1.0.0-beta3-ssl-session.patch
|
||||
|
||||
License: OpenSSL
|
||||
Group: System Environment/Libraries
|
||||
@ -151,6 +153,8 @@ from other formats to the formats used by the OpenSSL toolkit.
|
||||
%patch60 -p1 -b .namingstr
|
||||
%patch61 -p1 -b .namingblk
|
||||
%patch62 -p1 -b .cmll-rounds
|
||||
%patch63 -p1 -b .dtls1-fix
|
||||
%patch64 -p1 -b .ssl-session
|
||||
|
||||
# Modify the various perl scripts to reference perl in the right location.
|
||||
perl util/perlpath.pl `dirname %{__perl}`
|
||||
@ -399,6 +403,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
||||
%postun -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Thu Oct 8 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.9.beta3
|
||||
- fix typo in DTLS1 code (#527015)
|
||||
- fix leak in error handling of d2i_SSL_SESSION()
|
||||
|
||||
* Wed Sep 30 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.8.beta3
|
||||
- fix RSA and DSA FIPS selftests
|
||||
- reenable fixed x86_64 camellia assembler code (#521127)
|
||||
|
Loading…
Reference in New Issue
Block a user