Changes between 0.9.6d and 0.9.6e [30 Jul 2002]
+ *) Add various sanity checks to asn1_get_length() to reject
+ the ASN1 length bytes if they exceed sizeof(long), will appear
+ negative or the content length exceeds the length of the
+ supplied buffer.
+ [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
+
*) Fix cipher selection routines: ciphers without encryption had no flags
for the cipher strength set and where therefore not handled correctly
by the selection routines (PR #130).
*) Add various sanity checks to asn1_get_length() to reject
the ASN1 length bytes if they exceed sizeof(long), will appear
negative or the content length exceeds the length of the
- supplied buffer.
+ supplied buffer. (CAN-2002-0659)
[Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
*) Assertions for various potential buffer overflows, not known to
value is 0.
[Richard Levitte]
- *) [In 0.9.6c-engine release:]
- Fix a crashbug and a logic bug in hwcrhk_load_pubkey()
+ *) [In 0.9.6d-engine release:]
+ Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
[Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
*) Add the configuration target linux-s390x.
if(passout) p8pass = passout;
else {
p8pass = pass;
- EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1);
+ if (EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1))
+ return (1);
}
app_RAND_load_file(NULL, bio_err, 0);
if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
i=0;
for (;;)
{
- l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
+ if (i >= a->top)
+ l=w;
+ else
+ l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
a->d[i]=l;
if (w > l)
w=1;
}
rsa=NULL;
- X509_set_version(x,3);
+ X509_set_version(x,2);
ASN1_INTEGER_set(X509_get_serialNumber(x),serial);
X509_gmtime_adj(X509_get_notBefore(x),0);
X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
;
; Apparently statement blocks that are not introduced by a statement
; such as "if" and that are not the body of a function cannot
-; be handled too well by CC mode with this indentation style.
-; The style defined below does not indent them at all.
-; To insert tabs manually, prefix them with ^Q (the "quoted-insert"
-; command of Emacs). If you know a solution to this problem
-; or find other problems with this indentation style definition,
-; please send e-mail to bodo@openssl.org.
+; be handled too well by CC mode with this indentation style,
+; so you have to indent them manually (you can use C-q tab).
+;
+; For suggesting improvements, please send e-mail to bodo@openssl.org.
(c-add-style "eay"
'((c-basic-offset . 8)
SSL3_ST_SR_CERT_VRFY_A,
SSL3_ST_SR_CERT_VRFY_B,
-1,
- 512, /* 512? */
+ 514, /* 514? */
&ok);
if (!ok) return((int)n);
sub link_hash_cert {
my $fname = $_[0];
$fname =~ s/'/'\\''/g;
- my ($hash, $fprint) = `$openssl x509 -hash -fingerprint -noout -in '$fname'`;
+ my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
chomp $hash;
chomp $fprint;
$fprint =~ s/^.*=//;
sub link_hash_crl {
my $fname = $_[0];
- my ($hash, $fprint) = `$openssl crl -hash -fingerprint -noout -in $fname`;
+ $fname =~ s/'/'\\''/g;
+ my ($hash, $fprint) = `"$openssl" crl -hash -fingerprint -noout -in '$fname'`;
chomp $hash;
chomp $fprint;
$fprint =~ s/^.*=//;
projects / openssl / commitdiff