diff options
| author | Tatsuya Kinoshita <tats@vega.ocn.ne.jp> | 2011-05-04 07:38:13 +0000 |
|---|---|---|
| committer | Tatsuya Kinoshita <tats@vega.ocn.ne.jp> | 2011-05-04 07:38:13 +0000 |
| commit | ddd965984492e74c3e5fc0fb922d4362fd3aebda (patch) | |
| tree | 1f554ce14b66a9b4c344d62948a473fb1d367262 /debian/patches/060_check-null-cn.patch | |
| parent | Releasing debian version 0.5.2-7 (diff) | |
| download | w3m-ddd965984492e74c3e5fc0fb922d4362fd3aebda.tar.gz w3m-ddd965984492e74c3e5fc0fb922d4362fd3aebda.zip | |
Releasing debian version 0.5.2-8debian/0.5.2-8
Diffstat (limited to 'debian/patches/060_check-null-cn.patch')
| -rw-r--r-- | debian/patches/060_check-null-cn.patch | 57 |
1 files changed, 0 insertions, 57 deletions
diff --git a/debian/patches/060_check-null-cn.patch b/debian/patches/060_check-null-cn.patch deleted file mode 100644 index fdab45c..0000000 --- a/debian/patches/060_check-null-cn.patch +++ /dev/null @@ -1,57 +0,0 @@ -Description: Check for null bytes in CN/subjAltName -Origin: http://www.openwall.com/lists/oss-security/2010/06/14/4 -Author: Ludwig Nussel <ludwig.nussel@suse.de> -Bug-Debian: http://bugs.debian.org/587445 - ---- w3m-0.5.2.orig/istream.c -+++ w3m-0.5.2/istream.c -@@ -447,8 +447,17 @@ ssl_check_cert_ident(X509 * x, char *hos - - if (!seen_dnsname) - seen_dnsname = Strnew(); -+ /* replace \0 to make full string visible to user */ -+ if (sl != strlen(sn)) { -+ int i; -+ for (i = 0; i < sl; ++i) { -+ if (!sn[i]) -+ sn[i] = '!'; -+ } -+ } - Strcat_m_charp(seen_dnsname, sn, " ", NULL); -- if (ssl_match_cert_ident(sn, sl, hostname)) -+ if (sl == strlen(sn) /* catch \0 in SAN */ -+ && ssl_match_cert_ident(sn, sl, hostname)) - break; - } - } -@@ -466,16 +475,27 @@ ssl_check_cert_ident(X509 * x, char *hos - if (match_ident == FALSE && ret == NULL) { - X509_NAME *xn; - char buf[2048]; -+ int slen; - - xn = X509_get_subject_name(x); - -- if (X509_NAME_get_text_by_NID(xn, NID_commonName, -- buf, sizeof(buf)) == -1) -+ slen = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf)); -+ if ( slen == -1) - /* FIXME: gettextize? */ - ret = Strnew_charp("Unable to get common name from peer cert"); -- else if (!ssl_match_cert_ident(buf, strlen(buf), hostname)) -+ else if (slen != strlen(buf) -+ || !ssl_match_cert_ident(buf, strlen(buf), hostname)) { -+ /* replace \0 to make full string visible to user */ -+ if (slen != strlen(buf)) { -+ int i; -+ for (i = 0; i < slen; ++i) { -+ if (!buf[i]) -+ buf[i] = '!'; -+ } -+ } - /* FIXME: gettextize? */ - ret = Sprintf("Bad cert ident %s from %s", buf, hostname); -+ } - else - match_ident = TRUE; - } |