wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2708 from julek-wolfssl/nginx-fix

Browse Source 
Nginx fix
This commit is contained in:
toddouska
2020-01-09 15:00:59 -08:00
committed by GitHub
parent 3c9f7809f1 e0ab92058b
commit f3b2815e1f
3 changed files with 20 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/internal.c
View File

@ -10164,7 +10164,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#ifdef OPENSSL_EXTRA
/* Determine untrusted depth */
if (!alreadySigner) {
if (!alreadySigner && (!args->dCert ||
!args->dCertInit || !args->dCert->selfSigned)) {
args->untrustedDepth = 1;
}
#endif

19
src/ssl.c
View File

@ -35558,7 +35558,8 @@ err:
#define PEM_END_SZ 9
#define PEM_HDR_FIN "-----"
#define PEM_HDR_FIN_SZ 5
#define PEM_HDR_FIN_EOL "-----\n"
#define PEM_HDR_FIN_EOL_NEWLINE "-----\n"
#define PEM_HDR_FIN_EOL_NULL_TERM "-----\0"
#define PEM_HDR_FIN_EOL_SZ 6
int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header,
@ -35694,8 +35695,12 @@ err:
ret = WOLFSSL_FAILURE;
}
if (ret == WOLFSSL_SUCCESS) {
if (XSTRNCMP(pem + PEM_END_SZ + nameLen, PEM_HDR_FIN_EOL,
PEM_HDR_FIN_EOL_SZ) != 0) {
if (XSTRNCMP(pem + PEM_END_SZ + nameLen,
PEM_HDR_FIN_EOL_NEWLINE,
PEM_HDR_FIN_EOL_SZ) != 0 &&
XSTRNCMP(pem + PEM_END_SZ + nameLen,
PEM_HDR_FIN_EOL_NULL_TERM,
PEM_HDR_FIN_EOL_SZ) != 0) {
ret = WOLFSSL_FAILURE;
}
}
@ -35759,8 +35764,8 @@ err:
if (!err)
err = wolfSSL_BIO_write(bio, name, nameLen) != nameLen;
if (!err) {
err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL, PEM_HDR_FIN_EOL_SZ) !=
(int)PEM_HDR_FIN_EOL_SZ;
err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL_NEWLINE,
PEM_HDR_FIN_EOL_SZ) != (int)PEM_HDR_FIN_EOL_SZ;
}
if (!err && headerLen > 0) {
err = wolfSSL_BIO_write(bio, header, headerLen) != headerLen;
@ -35777,8 +35782,8 @@ err:
if (!err)
err = wolfSSL_BIO_write(bio, name, nameLen) != nameLen;
if (!err) {
err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL, PEM_HDR_FIN_EOL_SZ) !=
(int)PEM_HDR_FIN_EOL_SZ;
err = wolfSSL_BIO_write(bio, PEM_HDR_FIN_EOL_NEWLINE,
PEM_HDR_FIN_EOL_SZ) != (int)PEM_HDR_FIN_EOL_SZ;
}
if (!err) {

9
wolfcrypt/src/asn.c
View File

@ -16030,14 +16030,17 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf,
idx = *inOutIdx;
/* CRL Extensions are optional */
if ((idx + 1) > sz)
return BUFFER_E;
return 0;
/* CRL Extensions are optional */
if (GetASNTag(buf, &idx, &tag, sz) < 0)
return ASN_PARSE_E;
return 0;
/* CRL Extensions are optional */
if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
return ASN_PARSE_E;
return 0;
if (GetLength(buf, &idx, &length, sz) < 0)
return ASN_PARSE_E;