Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 145857 Details for
Bug 213066
net-libs/libesmtp-1.0.4 is broken with dev-libs/openssl-0.9.8g
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
libesmtp-openssl-0.9.8g.patch
esmtp.patch (text/plain), 2.70 KB, created by
sECuRE
on 2008-03-11 19:45:09 UTC
(
hide
)
Description:
libesmtp-openssl-0.9.8g.patch
Filename:
MIME Type:
Creator:
sECuRE
Created:
2008-03-11 19:45:09 UTC
Size:
2.70 KB
patch
obsolete
>--- smtp-tls.c.O 2008-03-11 18:42:41.000000000 +0100 >+++ smtp-tls.c 2008-03-11 18:49:38.000000000 +0100 >@@ -492,7 +492,6 @@ > check_acceptable_security (smtp_session_t session, SSL *ssl) > { > X509 *cert; >- char buf[256]; > int bits; > long vfy_result; > int ok; >@@ -541,68 +540,38 @@ > } > else > { >- int i, j, extcount; >- >- extcount = X509_get_ext_count (cert); >- for (i = 0; i < extcount; i++) >- { >- const char *extstr; >- X509_EXTENSION *ext = X509_get_ext (cert, i); >- >- extstr = OBJ_nid2sn (OBJ_obj2nid (X509_EXTENSION_get_object (ext))); >- if (strcmp (extstr, "subjectAltName") == 0) >- { >- unsigned char *data; >- STACK_OF(CONF_VALUE) *val; >- CONF_VALUE *nval; >- X509V3_EXT_METHOD *meth; >- void *ext_str = NULL; >- int stack_len; >- >- meth = X509V3_EXT_get (ext); >- if (meth == NULL) >- break; >- data = ext->value->data; >-#if (OPENSSL_VERSION_NUMBER > 0x00907000L) >- if (meth->it) >- ext_str = ASN1_item_d2i (NULL, &data, ext->value->length, >- ASN1_ITEM_ptr (meth->it)); >- else >-#endif >- ext_str = meth->d2i (NULL, &data, ext->value->length); >- val = meth->i2v (meth, ext_str, NULL); >- stack_len = sk_CONF_VALUE_num (val); >- for (j = 0; j < stack_len; j++) >- { >- nval = sk_CONF_VALUE_value (val, j); >- if (strcmp (nval->name, "DNS") == 0 >- && match_domain (session->host, nval->value)) >- { >- ok = 1; >- break; >- } >+ STACK *gens; >+ GENERAL_NAME *gen; >+ X509_NAME *subj; >+ char data[256]; >+ int i; >+ gens = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL); >+ if (gens != NULL) { >+ for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { >+ gen = sk_GENERAL_NAME_value(gens, i); >+ if (gen->type == GEN_DNS) { >+ >+ if (!strcasecmp((char *)gen->d.ia5->data, session->host)) >+ goto found; >+ } > } >- } >- if (ok) >- break; > } >- if (!ok) >- { >- /* Matching by subjectAltName failed, try commonName */ >- X509_NAME_get_text_by_NID (X509_get_subject_name (cert), >- NID_commonName, buf, sizeof buf); >- if (!match_domain (session->host, buf) != 0) >- { >- if (session->event_cb != NULL) >- (*session->event_cb) (session, SMTP_EV_WRONG_PEER_CERTIFICATE, >- session->event_cb_arg, &ok, buf, ssl); >- } >- else >- ok = 1; >+ if ((subj = X509_get_subject_name(cert)) != NULL && >+ X509_NAME_get_text_by_NID(subj, NID_commonName, >+ data, sizeof data) > 0) { >+ data[sizeof data - 1] = 0; >+ if (strcasecmp(data, session->host) == 0) >+ goto found; > } >- X509_free (cert); >+ X509_free(cert); >+ return 0; > } >- return ok; >+ >+ return 0; >+found: >+if (cert) >+ X509_free(cert); >+return 1; > } > > void
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 213066
: 145857 |
242437
|
242479