diff options
author | marha <marha@users.sourceforge.net> | 2015-04-20 22:51:55 +0200 |
---|---|---|
committer | marha <marha@users.sourceforge.net> | 2015-04-20 22:53:07 +0200 |
commit | 2a00e489122f6c4b525090dbdba2855a2ea2d519 (patch) | |
tree | 815e5c842bccb2bc6eb4b2934ef618fe32b820ca /openssl/ssl/t1_lib.c | |
parent | 4ba9be2882d9f1567809edb0a31fcdf11320d41f (diff) | |
download | vcxsrv-2a00e489122f6c4b525090dbdba2855a2ea2d519.tar.gz vcxsrv-2a00e489122f6c4b525090dbdba2855a2ea2d519.tar.bz2 vcxsrv-2a00e489122f6c4b525090dbdba2855a2ea2d519.zip |
Upgraded to openssl 1.0.2a
Diffstat (limited to 'openssl/ssl/t1_lib.c')
-rw-r--r-- | openssl/ssl/t1_lib.c | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/openssl/ssl/t1_lib.c b/openssl/ssl/t1_lib.c index 72be01dd6..d85d26e59 100644 --- a/openssl/ssl/t1_lib.c +++ b/openssl/ssl/t1_lib.c @@ -470,7 +470,7 @@ static int tls1_get_curvelist(SSL *s, int sess, # ifdef OPENSSL_FIPS if (FIPS_mode()) { *pcurves = fips_curves_default; - *pcurveslen = sizeof(fips_curves_default); + pcurveslen = sizeof(fips_curves_default); } else # endif { @@ -651,6 +651,8 @@ static int nid_cb(const char *elem, int len, void *arg) size_t i; int nid; char etmp[20]; + if (elem == NULL) + return 0; if (narg->nidcnt == MAX_CURVELIST) return 0; if (len > (int)(sizeof(etmp) - 1)) @@ -2965,6 +2967,7 @@ int tls1_set_server_sigalgs(SSL *s) if (s->cert->shared_sigalgs) { OPENSSL_free(s->cert->shared_sigalgs); s->cert->shared_sigalgs = NULL; + s->cert->shared_sigalgslen = 0; } /* Clear certificate digests and validity flags */ for (i = 0; i < SSL_PKEY_NUM; i++) { @@ -3618,6 +3621,7 @@ static int tls1_set_shared_sigalgs(SSL *s) if (c->shared_sigalgs) { OPENSSL_free(c->shared_sigalgs); c->shared_sigalgs = NULL; + c->shared_sigalgslen = 0; } /* If client use client signature algorithms if not NULL */ if (!s->server && c->client_sigalgs && !is_suiteb) { @@ -3640,12 +3644,14 @@ static int tls1_set_shared_sigalgs(SSL *s) preflen = c->peer_sigalgslen; } nmatch = tls12_do_shared_sigalgs(NULL, pref, preflen, allow, allowlen); - if (!nmatch) - return 1; - salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS)); - if (!salgs) - return 0; - nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen); + if (nmatch) { + salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS)); + if (!salgs) + return 0; + nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen); + } else { + salgs = NULL; + } c->shared_sigalgs = salgs; c->shared_sigalgslen = nmatch; return 1; @@ -3948,6 +3954,8 @@ static int sig_cb(const char *elem, int len, void *arg) size_t i; char etmp[20], *p; int sig_alg, hash_alg; + if (elem == NULL) + return 0; if (sarg->sigalgcnt == MAX_SIGALGLEN) return 0; if (len > (int)(sizeof(etmp) - 1)) @@ -4122,10 +4130,10 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain, # endif } else { if (!x || !pk) - goto end; + return 0; idx = ssl_cert_type(x, pk); if (idx == -1) - goto end; + return 0; cpk = c->pkeys + idx; if (c->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT) check_flags = CERT_PKEY_STRICT_FLAGS; |