- fix typo in DTLS1 code (#527015)
- fix leak in error handling of d2i_SSL_SESSION()
This commit is contained in:
parent
0d4bee2e57
commit
5c062c1ba9
28
openssl-1.0.0-beta3-dtls1-fix.patch
Normal file
28
openssl-1.0.0-beta3-dtls1-fix.patch
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
Index: openssl/ssl/d1_clnt.c
|
||||||
|
RCS File: /v/openssl/cvs/openssl/ssl/d1_clnt.c,v
|
||||||
|
rcsdiff -q -kk '-r1.16.2.10' '-r1.16.2.11' -u '/v/openssl/cvs/openssl/ssl/d1_clnt.c,v' 2>/dev/null
|
||||||
|
--- openssl/ssl/d1_clnt.c 2009/07/15 11:32:57 1.16.2.10
|
||||||
|
+++ openssl/ssl/d1_clnt.c 2009/07/24 11:52:32 1.16.2.11
|
||||||
|
@@ -223,6 +223,8 @@
|
||||||
|
s->init_num=0;
|
||||||
|
/* mark client_random uninitialized */
|
||||||
|
memset(s->s3->client_random,0,sizeof(s->s3->client_random));
|
||||||
|
+ s->d1->send_cookie = 0;
|
||||||
|
+ s->hit = 0;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case SSL3_ST_CW_CLNT_HELLO_A:
|
||||||
|
Index: openssl/ssl/d1_pkt.c
|
||||||
|
RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v
|
||||||
|
rcsdiff -q -kk '-r1.27.2.13' '-r1.27.2.14' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null
|
||||||
|
--- openssl/ssl/d1_pkt.c 2009/07/13 11:44:04 1.27.2.13
|
||||||
|
+++ openssl/ssl/d1_pkt.c 2009/07/24 11:52:32 1.27.2.14
|
||||||
|
@@ -775,7 +775,7 @@
|
||||||
|
/* Check for timeout */
|
||||||
|
if (dtls1_is_timer_expired(s))
|
||||||
|
{
|
||||||
|
- if (dtls1_read_failed(s, -1) > 0);
|
||||||
|
+ if (dtls1_read_failed(s, -1) > 0)
|
||||||
|
goto start;
|
||||||
|
}
|
||||||
|
|
27
openssl-1.0.0-beta3-ssl-session.patch
Normal file
27
openssl-1.0.0-beta3-ssl-session.patch
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
Index: openssl/ssl/ssl_asn1.c
|
||||||
|
RCS File: /v/openssl/cvs/openssl/ssl/ssl_asn1.c,v
|
||||||
|
rcsdiff -q -kk '-r1.36.2.2' '-r1.36.2.3' -u '/v/openssl/cvs/openssl/ssl/ssl_asn1.c,v' 2>/dev/null
|
||||||
|
--- openssl/ssl/ssl_asn1.c 2009/08/05 15:29:14 1.36.2.2
|
||||||
|
+++ openssl/ssl/ssl_asn1.c 2009/09/02 13:20:22 1.36.2.3
|
||||||
|
@@ -413,8 +413,8 @@
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
- SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
|
||||||
|
- return(NULL);
|
||||||
|
+ c.error=SSL_R_UNKNOWN_SSL_VERSION;
|
||||||
|
+ goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret->cipher=NULL;
|
||||||
|
@@ -505,8 +505,8 @@
|
||||||
|
{
|
||||||
|
if (os.length > SSL_MAX_SID_CTX_LENGTH)
|
||||||
|
{
|
||||||
|
- ret->sid_ctx_length=os.length;
|
||||||
|
- SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH);
|
||||||
|
+ c.error=SSL_R_BAD_LENGTH;
|
||||||
|
+ goto err;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
10
openssl.spec
10
openssl.spec
@ -23,7 +23,7 @@
|
|||||||
Summary: A general purpose cryptography library with TLS implementation
|
Summary: A general purpose cryptography library with TLS implementation
|
||||||
Name: openssl
|
Name: openssl
|
||||||
Version: 1.0.0
|
Version: 1.0.0
|
||||||
Release: 0.8.%{beta}%{?dist}
|
Release: 0.9.%{beta}%{?dist}
|
||||||
# We remove certain patented algorithms from the openssl source tarball
|
# We remove certain patented algorithms from the openssl source tarball
|
||||||
# with the hobble-openssl script which is included below.
|
# with the hobble-openssl script which is included below.
|
||||||
Source: openssl-%{version}-%{beta}-usa.tar.bz2
|
Source: openssl-%{version}-%{beta}-usa.tar.bz2
|
||||||
@ -67,6 +67,8 @@ Patch52: openssl-1.0.0-beta3-dss1.patch
|
|||||||
Patch60: openssl-1.0.0-beta3-namingstr.patch
|
Patch60: openssl-1.0.0-beta3-namingstr.patch
|
||||||
Patch61: openssl-1.0.0-beta3-namingblk.patch
|
Patch61: openssl-1.0.0-beta3-namingblk.patch
|
||||||
Patch62: openssl-1.0.0-beta3-camellia-rounds.patch
|
Patch62: openssl-1.0.0-beta3-camellia-rounds.patch
|
||||||
|
Patch63: openssl-1.0.0-beta3-dtls1-fix.patch
|
||||||
|
Patch64: openssl-1.0.0-beta3-ssl-session.patch
|
||||||
|
|
||||||
License: OpenSSL
|
License: OpenSSL
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -151,6 +153,8 @@ from other formats to the formats used by the OpenSSL toolkit.
|
|||||||
%patch60 -p1 -b .namingstr
|
%patch60 -p1 -b .namingstr
|
||||||
%patch61 -p1 -b .namingblk
|
%patch61 -p1 -b .namingblk
|
||||||
%patch62 -p1 -b .cmll-rounds
|
%patch62 -p1 -b .cmll-rounds
|
||||||
|
%patch63 -p1 -b .dtls1-fix
|
||||||
|
%patch64 -p1 -b .ssl-session
|
||||||
|
|
||||||
# Modify the various perl scripts to reference perl in the right location.
|
# Modify the various perl scripts to reference perl in the right location.
|
||||||
perl util/perlpath.pl `dirname %{__perl}`
|
perl util/perlpath.pl `dirname %{__perl}`
|
||||||
@ -399,6 +403,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
|||||||
%postun -p /sbin/ldconfig
|
%postun -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Oct 8 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.9.beta3
|
||||||
|
- fix typo in DTLS1 code (#527015)
|
||||||
|
- fix leak in error handling of d2i_SSL_SESSION()
|
||||||
|
|
||||||
* Wed Sep 30 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.8.beta3
|
* Wed Sep 30 2009 Tomas Mraz <tmraz@redhat.com> 1.0.0-0.8.beta3
|
||||||
- fix RSA and DSA FIPS selftests
|
- fix RSA and DSA FIPS selftests
|
||||||
- reenable fixed x86_64 camellia assembler code (#521127)
|
- reenable fixed x86_64 camellia assembler code (#521127)
|
||||||
|
Loading…
Reference in New Issue
Block a user