- fix typo in DTLS1 code (#527015)

- fix leak in error handling of d2i_SSL_SESSION()
This commit is contained in:
Tomáš Mráz 2009-10-08 19:01:43 +00:00
parent 0d4bee2e57
commit 5c062c1ba9
3 changed files with 64 additions and 1 deletions

View File

@ -0,0 +1,28 @@
Index: openssl/ssl/d1_clnt.c
RCS File: /v/openssl/cvs/openssl/ssl/d1_clnt.c,v
rcsdiff -q -kk '-r1.16.2.10' '-r1.16.2.11' -u '/v/openssl/cvs/openssl/ssl/d1_clnt.c,v' 2>/dev/null
--- openssl/ssl/d1_clnt.c 2009/07/15 11:32:57 1.16.2.10
+++ openssl/ssl/d1_clnt.c 2009/07/24 11:52:32 1.16.2.11
@@ -223,6 +223,8 @@
s->init_num=0;
/* mark client_random uninitialized */
memset(s->s3->client_random,0,sizeof(s->s3->client_random));
+ s->d1->send_cookie = 0;
+ s->hit = 0;
break;
case SSL3_ST_CW_CLNT_HELLO_A:
Index: openssl/ssl/d1_pkt.c
RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v
rcsdiff -q -kk '-r1.27.2.13' '-r1.27.2.14' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null
--- openssl/ssl/d1_pkt.c 2009/07/13 11:44:04 1.27.2.13
+++ openssl/ssl/d1_pkt.c 2009/07/24 11:52:32 1.27.2.14
@@ -775,7 +775,7 @@
/* Check for timeout */
if (dtls1_is_timer_expired(s))
{
- if (dtls1_read_failed(s, -1) > 0);
+ if (dtls1_read_failed(s, -1) > 0)
goto start;
}

View File

@ -0,0 +1,27 @@
Index: openssl/ssl/ssl_asn1.c
RCS File: /v/openssl/cvs/openssl/ssl/ssl_asn1.c,v
rcsdiff -q -kk '-r1.36.2.2' '-r1.36.2.3' -u '/v/openssl/cvs/openssl/ssl/ssl_asn1.c,v' 2>/dev/null
--- openssl/ssl/ssl_asn1.c 2009/08/05 15:29:14 1.36.2.2
+++ openssl/ssl/ssl_asn1.c 2009/09/02 13:20:22 1.36.2.3
@@ -413,8 +413,8 @@
}
else
{
- SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
- return(NULL);
+ c.error=SSL_R_UNKNOWN_SSL_VERSION;
+ goto err;
}
ret->cipher=NULL;
@@ -505,8 +505,8 @@
{
if (os.length > SSL_MAX_SID_CTX_LENGTH)
{
- ret->sid_ctx_length=os.length;
- SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
+ c.error=SSL_R_BAD_LENGTH;
+ goto err;
}
else
{

View File

@ -23,7 +23,7 @@
Summary: A general purpose cryptography library with TLS implementation Summary: A general purpose cryptography library with TLS implementation
Name: openssl Name: openssl
Version: 1.0.0 Version: 1.0.0
Release: 0.8.%{beta}%{?dist} Release: 0.9.%{beta}%{?dist}
# We remove certain patented algorithms from the openssl source tarball # We remove certain patented algorithms from the openssl source tarball
# with the hobble-openssl script which is included below. # with the hobble-openssl script which is included below.
Source: openssl-%{version}-%{beta}-usa.tar.bz2 Source: openssl-%{version}-%{beta}-usa.tar.bz2
@ -67,6 +67,8 @@ Patch52: openssl-1.0.0-beta3-dss1.patch
Patch60: openssl-1.0.0-beta3-namingstr.patch Patch60: openssl-1.0.0-beta3-namingstr.patch
Patch61: openssl-1.0.0-beta3-namingblk.patch Patch61: openssl-1.0.0-beta3-namingblk.patch
Patch62: openssl-1.0.0-beta3-camellia-rounds.patch Patch62: openssl-1.0.0-beta3-camellia-rounds.patch
Patch63: openssl-1.0.0-beta3-dtls1-fix.patch
Patch64: openssl-1.0.0-beta3-ssl-session.patch
License: OpenSSL License: OpenSSL
Group: System Environment/Libraries Group: System Environment/Libraries
@ -151,6 +153,8 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch60 -p1 -b .namingstr %patch60 -p1 -b .namingstr
%patch61 -p1 -b .namingblk %patch61 -p1 -b .namingblk
%patch62 -p1 -b .cmll-rounds %patch62 -p1 -b .cmll-rounds
%patch63 -p1 -b .dtls1-fix
%patch64 -p1 -b .ssl-session
# Modify the various perl scripts to reference perl in the right location. # Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}` perl util/perlpath.pl `dirname %{__perl}`
@ -399,6 +403,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun -p /sbin/ldconfig %postun -p /sbin/ldconfig
%changelog %changelog
* Thu Oct 8 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.9.beta3
- fix typo in DTLS1 code (#527015)
- fix leak in error handling of d2i_SSL_SESSION()
* Wed Sep 30 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.8.beta3 * Wed Sep 30 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.8.beta3
- fix RSA and DSA FIPS selftests - fix RSA and DSA FIPS selftests
- reenable fixed x86_64 camellia assembler code (#521127) - reenable fixed x86_64 camellia assembler code (#521127)