wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2708 from julek-wolfssl/nginx-fix

Browse Source 
Nginx fix
This commit is contained in:
toddouska
2020-01-09 15:00:59 -08:00
committed by GitHub
parent 3c9f7809f1 e0ab92058b
commit f3b2815e1f
3 changed files with 20 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/internal.c
View File

@@ -10164,7 +10164,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
/* Determine untrusted depth */ /* Determine untrusted depth */
if (!alreadySigner) { if (!alreadySigner && (!args->dCert ||
!args->dCertInit || !args->dCert->selfSigned)) {
args->untrustedDepth = 1; args->untrustedDepth = 1;
} }
#endif #endif

17
src/ssl.c
View File

@@ -35558,7 +35558,8 @@ err:
#define PEM_END_SZ 9 #define PEM_END_SZ 9
#define PEM_HDR_FIN "-----" #define PEM_HDR_FIN "-----"
#define PEM_HDR_FIN_SZ 5 #define PEM_HDR_FIN_SZ 5
#define PEM_HDR_FIN_EOL "-----\n" #define PEM_HDR_FIN_EOL_NEWLINE "-----\n"
#define PEM_HDR_FIN_EOL_NULL_TERM "-----\0"
#define PEM_HDR_FIN_EOL_SZ 6 #define PEM_HDR_FIN_EOL_SZ 6
int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header, int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header,
@@ -35694,7 +35695,11 @@ err:
ret = WOLFSSL_FAILURE; ret = WOLFSSL_FAILURE;
} }
if (ret == WOLFSSL_SUCCESS) { if (ret == WOLFSSL_SUCCESS) {
if (XSTRNCMP(pem + PEM_END_SZ + nameLen, PEM_HDR_FIN_EOL, if (XSTRNCMP(pem + PEM_END_SZ + nameLen,
PEM_HDR_FIN_EOL_NEWLINE,
PEM_HDR_FIN_EOL_SZ) != 0 &&
XSTRNCMP(pem + PEM_END_SZ + nameLen,
PEM_HDR_FIN_EOL_NULL_TERM,
PEM_HDR_FIN_EOL_SZ) != 0) { PEM_HDR_FIN_EOL_SZ) != 0) {
ret = WOLFSSL_FAILURE; ret = WOLFSSL_FAILURE;
} }
@@ -35759,8 +35764,8 @@ err:
if (!err) if (!err)
err = wolfSSL_BIO_write(bio, name, nameLen) != nameLen; err = wolfSSL_BIO_write(bio, name, nameLen) != nameLen;
if (!err) { if (!err) {
err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL, PEM_HDR_FIN_EOL_SZ) != err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL_NEWLINE,
(int)PEM_HDR_FIN_EOL_SZ; PEM_HDR_FIN_EOL_SZ) != (int)PEM_HDR_FIN_EOL_SZ;
} }
if (!err && headerLen > 0) { if (!err && headerLen > 0) {
err = wolfSSL_BIO_write(bio, header, headerLen) != headerLen; err = wolfSSL_BIO_write(bio, header, headerLen) != headerLen;
@@ -35777,8 +35782,8 @@ err:
if (!err) if (!err)
err = wolfSSL_BIO_write(bio, name, nameLen) != nameLen; err = wolfSSL_BIO_write(bio, name, nameLen) != nameLen;
if (!err) { if (!err) {
err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL, PEM_HDR_FIN_EOL_SZ) != err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL_NEWLINE,
(int)PEM_HDR_FIN_EOL_SZ; PEM_HDR_FIN_EOL_SZ) != (int)PEM_HDR_FIN_EOL_SZ;
} }
if (!err) { if (!err) {

9
wolfcrypt/src/asn.c
View File

@@ -16030,14 +16030,17 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf,
idx = *inOutIdx; idx = *inOutIdx;
/* CRL Extensions are optional */
if ((idx + 1) > sz) if ((idx + 1) > sz)
return BUFFER_E; return 0;
/* CRL Extensions are optional */
if (GetASNTag(buf, &idx, &tag, sz) < 0) if (GetASNTag(buf, &idx, &tag, sz) < 0)
return ASN_PARSE_E; return 0;
/* CRL Extensions are optional */
if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
return ASN_PARSE_E; return 0;
if (GetLength(buf, &idx, &length, sz) < 0) if (GetLength(buf, &idx, &length, sz) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;