Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
bab53405
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
8 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
bab53405
编写于
1月 07, 2009
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Updatde from stable branch.
上级
cec2af75
变更
11
隐藏空白更改
内联
并排
Showing
11 changed file
with
18 addition
and
14 deletion
+18
-14
CHANGES
CHANGES
+5
-1
apps/speed.c
apps/speed.c
+1
-1
apps/spkac.c
apps/spkac.c
+1
-1
apps/verify.c
apps/verify.c
+1
-2
apps/x509.c
apps/x509.c
+1
-1
crypto/camellia/.cvsignore
crypto/camellia/.cvsignore
+1
-0
ssl/s2_clnt.c
ssl/s2_clnt.c
+1
-1
ssl/s2_srvr.c
ssl/s2_srvr.c
+2
-2
ssl/s3_clnt.c
ssl/s3_clnt.c
+3
-3
ssl/s3_srvr.c
ssl/s3_srvr.c
+1
-1
ssl/ssltest.c
ssl/ssltest.c
+1
-1
未找到文件。
CHANGES
浏览文件 @
bab53405
...
...
@@ -727,7 +727,11 @@
*) Change 'Configure' script to enable Camellia by default.
[NTT]
Changes between 0.9.8i and 0.9.8j [xx XXX xxxx]
Changes between 0.9.8i and 0.9.8j [07 Jan 2009]
*) Properly check EVP_VerifyFinal() and similar return values
(CVE-2008-5077).
[Ben Laurie, Bodo Moeller, Google Security Team]
*) Allow the CHIL engine to be loaded, whether the application is
multithreaded or not. (This does not release the developer from the
...
...
apps/speed.c
浏览文件 @
bab53405
...
...
@@ -1994,7 +1994,7 @@ int MAIN(int argc, char **argv)
{
ret
=
RSA_verify
(
NID_md5_sha1
,
buf
,
36
,
buf2
,
rsa_num
,
rsa_key
[
j
]);
if
(
ret
=
=
0
)
if
(
ret
<
=
0
)
{
BIO_printf
(
bio_err
,
"RSA verify failure
\n
"
);
...
...
apps/spkac.c
浏览文件 @
bab53405
...
...
@@ -285,7 +285,7 @@ bad:
pkey
=
NETSCAPE_SPKI_get_pubkey
(
spki
);
if
(
verify
)
{
i
=
NETSCAPE_SPKI_verify
(
spki
,
pkey
);
if
(
i
)
BIO_printf
(
bio_err
,
"Signature OK
\n
"
);
if
(
i
>
0
)
BIO_printf
(
bio_err
,
"Signature OK
\n
"
);
else
{
BIO_printf
(
bio_err
,
"Signature Failure
\n
"
);
ERR_print_errors
(
bio_err
);
...
...
apps/verify.c
浏览文件 @
bab53405
...
...
@@ -266,7 +266,7 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X
ret
=
0
;
end:
if
(
i
)
if
(
i
>
0
)
{
fprintf
(
stdout
,
"OK
\n
"
);
ret
=
1
;
...
...
@@ -367,4 +367,3 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
ERR_clear_error
();
return
(
ok
);
}
apps/x509.c
浏览文件 @
bab53405
...
...
@@ -1130,7 +1130,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
/* NOTE: this certificate can/should be self signed, unless it was
* a certificate request in which case it is not. */
X509_STORE_CTX_set_cert
(
&
xsc
,
x
);
if
(
!
reqfile
&&
!
X509_verify_cert
(
&
xsc
)
)
if
(
!
reqfile
&&
X509_verify_cert
(
&
xsc
)
<=
0
)
goto
end
;
if
(
!
X509_check_private_key
(
xca
,
pkey
))
...
...
crypto/camellia/.cvsignore
浏览文件 @
bab53405
lib
Makefile.save
cmll-*.s
ssl/s2_clnt.c
浏览文件 @
bab53405
...
...
@@ -1046,7 +1046,7 @@ int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
i
=
ssl_verify_cert_chain
(
s
,
sk
);
if
((
s
->
verify_mode
!=
SSL_VERIFY_NONE
)
&&
(
!
i
))
if
((
s
->
verify_mode
!=
SSL_VERIFY_NONE
)
&&
(
i
<=
0
))
{
SSLerr
(
SSL_F_SSL2_SET_CERTIFICATE
,
SSL_R_CERTIFICATE_VERIFY_FAILED
);
goto
err
;
...
...
ssl/s2_srvr.c
浏览文件 @
bab53405
...
...
@@ -1054,7 +1054,7 @@ static int request_certificate(SSL *s)
i
=
ssl_verify_cert_chain
(
s
,
sk
);
if
(
i
)
/* we like the packet, now check the chksum */
if
(
i
>
0
)
/* we like the packet, now check the chksum */
{
EVP_MD_CTX
ctx
;
EVP_PKEY
*
pkey
=
NULL
;
...
...
@@ -1083,7 +1083,7 @@ static int request_certificate(SSL *s)
EVP_PKEY_free
(
pkey
);
EVP_MD_CTX_cleanup
(
&
ctx
);
if
(
i
)
if
(
i
>
0
)
{
if
(
s
->
session
->
peer
!=
NULL
)
X509_free
(
s
->
session
->
peer
);
...
...
ssl/s3_clnt.c
浏览文件 @
bab53405
...
...
@@ -1018,7 +1018,7 @@ int ssl3_get_server_certificate(SSL *s)
}
i
=
ssl_verify_cert_chain
(
s
,
sk
);
if
((
s
->
verify_mode
!=
SSL_VERIFY_NONE
)
&&
(
!
i
)
if
((
s
->
verify_mode
!=
SSL_VERIFY_NONE
)
&&
(
i
<=
0
)
#ifndef OPENSSL_NO_KRB5
&&
!
((
s
->
s3
->
tmp
.
new_cipher
->
algorithm_mkey
&
SSL_kKRB5
)
&&
(
s
->
s3
->
tmp
.
new_cipher
->
algorithm_auth
&
SSL_aKRB5
))
...
...
@@ -1554,7 +1554,7 @@ int ssl3_get_key_exchange(SSL *s)
EVP_VerifyUpdate
(
&
md_ctx
,
&
(
s
->
s3
->
client_random
[
0
]),
SSL3_RANDOM_SIZE
);
EVP_VerifyUpdate
(
&
md_ctx
,
&
(
s
->
s3
->
server_random
[
0
]),
SSL3_RANDOM_SIZE
);
EVP_VerifyUpdate
(
&
md_ctx
,
param
,
param_len
);
if
(
!
EVP_VerifyFinal
(
&
md_ctx
,
p
,(
int
)
n
,
pkey
)
)
if
(
EVP_VerifyFinal
(
&
md_ctx
,
p
,(
int
)
n
,
pkey
)
<=
0
)
{
/* bad signature */
al
=
SSL_AD_DECRYPT_ERROR
;
...
...
@@ -1572,7 +1572,7 @@ int ssl3_get_key_exchange(SSL *s)
EVP_VerifyUpdate
(
&
md_ctx
,
&
(
s
->
s3
->
client_random
[
0
]),
SSL3_RANDOM_SIZE
);
EVP_VerifyUpdate
(
&
md_ctx
,
&
(
s
->
s3
->
server_random
[
0
]),
SSL3_RANDOM_SIZE
);
EVP_VerifyUpdate
(
&
md_ctx
,
param
,
param_len
);
if
(
!
EVP_VerifyFinal
(
&
md_ctx
,
p
,(
int
)
n
,
pkey
)
)
if
(
EVP_VerifyFinal
(
&
md_ctx
,
p
,(
int
)
n
,
pkey
)
<=
0
)
{
/* bad signature */
al
=
SSL_AD_DECRYPT_ERROR
;
...
...
ssl/s3_srvr.c
浏览文件 @
bab53405
...
...
@@ -2844,7 +2844,7 @@ int ssl3_get_client_certificate(SSL *s)
else
{
i
=
ssl_verify_cert_chain
(
s
,
sk
);
if
(
!
i
)
if
(
i
<=
0
)
{
al
=
ssl_verify_alarm_type
(
s
->
verify_result
);
SSLerr
(
SSL_F_SSL3_GET_CLIENT_CERTIFICATE
,
SSL_R_NO_CERTIFICATE_RETURNED
);
...
...
ssl/ssltest.c
浏览文件 @
bab53405
...
...
@@ -2177,7 +2177,7 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
if
(
cb_arg
->
proxy_auth
)
{
if
(
ok
)
if
(
ok
>
0
)
{
const
char
*
cond_end
=
NULL
;
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录