Attachment #203154 for bug #236137

View | Details | Raw Unified | Return to bug 236137
Collapse All | Expand All




--- tls.c.orig	2006-11-25 18:52:08.000000000 +0000
+++ tls.c	2019-03-22 17:37:16.971621000 +0000
@@ -73,10 +73,12 @@
 		printf("egd_sock is %s\n", egd_sock);
 #ifdef HAVE_RAND_STATUS
 	if (RAND_status() != 1) {

 		if (RAND_status() != 1)
 			sys_err("ssl_init: System without /dev/urandom, PRNG seeding must be done manually.\r\n");
 	}
@@ -258,7 +260,7 @@
 	X509 				*x509_peer;
 	X509_NAME			*x509_subj;
 	X509_EXTENSION 		*x509_ext;
-	X509V3_EXT_METHOD	*x509_meth;
+	const X509V3_EXT_METHOD	*x509_meth;
 	int					ok, extcount, i, j;
 	char 				*extstr;
 	SSL					*ssl;
@@ -294,15 +296,17 @@
 			extstr = (char*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(x509_ext)));
 			if (debug) printf("extstr = %s\n", extstr);
 			if (!strcmp(extstr, "subjectAltName")) {
+				ASN1_OCTET_STRING *x509_ext_data;
 				subjectaltname = 1;
 				if	(!(x509_meth = X509V3_EXT_get(x509_ext)))
 					break;
-				data1 = x509_ext->value->data;
+				x509_ext_data = X509_EXTENSION_get_data(x509_ext);
+				data1 = x509_ext_data->data;
 #if (OPENSSL_VERSION_NUMBER > 0x00907000L)     
 				if (x509_meth->it)
-					ext_str = ASN1_item_d2i(NULL, &data1, x509_ext->value->length, ASN1_ITEM_ptr(x509_meth->it));
+					ext_str = ASN1_item_d2i(NULL, &data1, x509_ext_data->length, ASN1_ITEM_ptr(x509_meth->it));
 				else
-					ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
+					ext_str = x509_meth->d2i(NULL, &data1, x509_ext_data->length);
 #else
 				ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
 #endif
@@ -341,7 +345,7 @@
 tls_auth_cont(struct user_data *ud, int data)
 {
 	int status, sslerr, cert_ok;
-	SSL_CIPHER *cipher;
+	const SSL_CIPHER *cipher;
 	char cipher_info[128];
 	SSL *ssl;
 

Return to bug 236137

Lines 1-6 Link Here

(-)security/tlswrap/files/patch-tls.c (-3 / +42 lines)
1	--- tls.c.orig 2006-11-25 19:52:08.000000000 +0100	1	--- tls.c.orig 2006-11-25 18:52:08.000000000 +0000
2	+++ tls.c 2015-04-19 15:53:43.000000000 +0200	2	+++ tls.c 2019-03-22 17:37:16.971621000 +0000
3	@@ -73,10 +73,12 @@ void tls_init(char *egd_sock) {	3	@@ -73,10 +73,12 @@
4	printf("egd_sock is %s\n", egd_sock);	4	printf("egd_sock is %s\n", egd_sock);
5	#ifdef HAVE_RAND_STATUS	5	#ifdef HAVE_RAND_STATUS
6	if (RAND_status() != 1) {	6	if (RAND_status() != 1) {
Lines 13-15 Link Here
13	if (RAND_status() != 1)	13	if (RAND_status() != 1)
14	sys_err("ssl_init: System without /dev/urandom, PRNG seeding must be done manually.\r\n");	14	sys_err("ssl_init: System without /dev/urandom, PRNG seeding must be done manually.\r\n");
15	}	15	}
		16	@@ -258,7 +260,7 @@
		17	X509 *x509_peer;
		18	X509_NAME *x509_subj;
		19	X509_EXTENSION *x509_ext;
		20	- X509V3_EXT_METHOD *x509_meth;
		21	+ const X509V3_EXT_METHOD *x509_meth;
		22	int ok, extcount, i, j;
		23	char *extstr;
		24	SSL *ssl;
		25	@@ -294,15 +296,17 @@
		26	extstr = (char*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(x509_ext)));
		27	if (debug) printf("extstr = %s\n", extstr);
		28	if (!strcmp(extstr, "subjectAltName")) {
		29	+ ASN1_OCTET_STRING *x509_ext_data;
		30	subjectaltname = 1;
		31	if (!(x509_meth = X509V3_EXT_get(x509_ext)))
		32	break;
		33	- data1 = x509_ext->value->data;
		34	+ x509_ext_data = X509_EXTENSION_get_data(x509_ext);
		35	+ data1 = x509_ext_data->data;
		36	#if (OPENSSL_VERSION_NUMBER > 0x00907000L)
		37	if (x509_meth->it)
		38	- ext_str = ASN1_item_d2i(NULL, &data1, x509_ext->value->length, ASN1_ITEM_ptr(x509_meth->it));
		39	+ ext_str = ASN1_item_d2i(NULL, &data1, x509_ext_data->length, ASN1_ITEM_ptr(x509_meth->it));
		40	else
		41	- ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
		42	+ ext_str = x509_meth->d2i(NULL, &data1, x509_ext_data->length);
		43	#else
		44	ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
		45	#endif
		46	@@ -341,7 +345,7 @@
		47	tls_auth_cont(struct user_data *ud, int data)
		48	{
		49	int status, sslerr, cert_ok;
		50	- SSL_CIPHER *cipher;
		51	+ const SSL_CIPHER *cipher;
		52	char cipher_info[128];
		53	SSL *ssl;
		54