From a5fa80e2a069e35331af10369d810b4daa63635b Mon Sep 17 00:00:00 2001 From: Igor Pashev Date: Fri, 26 Oct 2012 17:19:15 +0400 Subject: openssl 0.9.8 mostly done --- openssl0.9.8/patches/CVE-2010-3864.patch | 45 ++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 openssl0.9.8/patches/CVE-2010-3864.patch (limited to 'openssl0.9.8/patches/CVE-2010-3864.patch') diff --git a/openssl0.9.8/patches/CVE-2010-3864.patch b/openssl0.9.8/patches/CVE-2010-3864.patch new file mode 100644 index 0000000..c2b2f7b --- /dev/null +++ b/openssl0.9.8/patches/CVE-2010-3864.patch @@ -0,0 +1,45 @@ +Index: ssl/t1_lib.c +=================================================================== +RCS file: /v/openssl/cvs/openssl/ssl/t1_lib.c,v +retrieving revision 1.13.2.27 +diff -u -r1.13.2.27 t1_lib.c +--- openssl/ssl/t1_lib.c 12 Jun 2010 13:18:58 -0000 1.13.2.27 ++++ openssl/ssl/t1_lib.c 3 Nov 2010 23:44:54 -0000 +@@ -432,14 +432,23 @@ + switch (servname_type) + { + case TLSEXT_NAMETYPE_host_name: +- if (s->session->tlsext_hostname == NULL) ++ if (!s->hit) + { +- if (len > TLSEXT_MAXLEN_host_name || +- ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL)) ++ if(s->session->tlsext_hostname) ++ { ++ *al = SSL_AD_DECODE_ERROR; ++ return 0; ++ } ++ if (len > TLSEXT_MAXLEN_host_name) + { + *al = TLS1_AD_UNRECOGNIZED_NAME; + return 0; + } ++ if ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL) ++ { ++ *al = TLS1_AD_INTERNAL_ERROR; ++ return 0; ++ } + memcpy(s->session->tlsext_hostname, sdata, len); + s->session->tlsext_hostname[len]='\0'; + if (strlen(s->session->tlsext_hostname) != len) { +@@ -452,7 +461,8 @@ + + } + else +- s->servername_done = strlen(s->session->tlsext_hostname) == len ++ s->servername_done = s->session->tlsext_hostname ++ && strlen(s->session->tlsext_hostname) == len + && strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0; + + break; + -- cgit v1.2.3