Annotation of /trunk/rdesktop/patches/rdesktop-1.8.3-openssl-1.1-x509-fixes.patch
Parent Directory | Revision Log
Revision 3096 -
(hide annotations)
(download)
Tue Mar 27 12:29:19 2018 UTC (6 years, 5 months ago) by niro
File size: 1813 byte(s)
Tue Mar 27 12:29:19 2018 UTC (6 years, 5 months ago) by niro
File size: 1813 byte(s)
-added openssl-1.1 fixes
1 | niro | 3096 | From c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1 Mon Sep 17 00:00:00 2001 |
2 | From: Henrik Andersson <hean01@cendio.com> | ||
3 | Date: Mon, 24 Oct 2016 10:24:35 +0200 | ||
4 | Subject: [PATCH] Fix crash in rdssl_cert_to_rkey. | ||
5 | |||
6 | This crash was introduced by merging OpenSSL 1.1 PR done on | ||
7 | commit 50b39d11. Where algor was overwritten with return value | ||
8 | of X509_PUBKEY_get0_param(). I also added additional error | ||
9 | handling for X509_get_X509_PUBKEY. | ||
10 | |||
11 | Thanks to TingPing that found this error in PR. | ||
12 | --- | ||
13 | ssl.c | 15 ++++++++++++++- | ||
14 | 1 file changed, 14 insertions(+), 1 deletion(-) | ||
15 | |||
16 | diff --git a/ssl.c b/ssl.c | ||
17 | index 032e9b9..07d7aa5 100644 | ||
18 | --- a/ssl.c | ||
19 | +++ b/ssl.c | ||
20 | @@ -3,6 +3,7 @@ | ||
21 | Secure sockets abstraction layer | ||
22 | Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008 | ||
23 | Copyright (C) Jay Sorg <j@american-data.com> 2006-2008 | ||
24 | + Copyright (C) Henrik Andersson <hean01@cendio.com> 2016 | ||
25 | |||
26 | This program is free software: you can redistribute it and/or modify | ||
27 | it under the terms of the GNU General Public License as published by | ||
28 | @@ -140,6 +141,7 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) | ||
29 | EVP_PKEY *epk = NULL; | ||
30 | RDSSL_RKEY *lkey; | ||
31 | int nid; | ||
32 | + int ret; | ||
33 | |||
34 | /* By some reason, Microsoft sets the OID of the Public RSA key to | ||
35 | the oid for "MD5 with RSA Encryption" instead of "RSA Encryption" | ||
36 | @@ -151,7 +153,18 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) | ||
37 | X509_ALGOR *algor = NULL; | ||
38 | |||
39 | key = X509_get_X509_PUBKEY(cert); | ||
40 | - algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); | ||
41 | + if (key == NULL) | ||
42 | + { | ||
43 | + error("Failed to get public key from certificate.\n"); | ||
44 | + return NULL; | ||
45 | + } | ||
46 | + | ||
47 | + ret = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); | ||
48 | + if (ret != 1) | ||
49 | + { | ||
50 | + error("Faild to get algorithm used for public key.\n"); | ||
51 | + return NULL; | ||
52 | + } | ||
53 | |||
54 | nid = OBJ_obj2nid(algor->algorithm); | ||
55 |