提交 0486cce6 编写于 作者: D Dr. Stephen Henson

Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past

produce an error (CVE-2011-3207)
上级 0f8d4d49
......@@ -431,8 +431,12 @@
Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]
*) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
by initialising X509_STORE_CTX properly. (CVE-2011-3207)
[Kaspar Brand <ossl@velox.ch>]
*) Fix SSL memory handling for (EC)DH ciphersuites, in particular
for multi-threaded use of ECDH.
for multi-threaded use of ECDH. (CVE-2011-3210)
[Adam Langley (Google)]
*) Fix x509_name_ex_d2i memory leak on bad inputs.
......
......@@ -745,6 +745,7 @@ static int check_cert(X509_STORE_CTX *ctx)
x = sk_X509_value(ctx->chain, cnum);
ctx->current_cert = x;
ctx->current_issuer = NULL;
ctx->current_crl_score = 0;
ctx->current_reasons = 0;
while (ctx->current_reasons != CRLDP_ALL_REASONS)
{
......@@ -2057,6 +2058,9 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
ctx->error_depth=0;
ctx->current_cert=NULL;
ctx->current_issuer=NULL;
ctx->current_crl=NULL;
ctx->current_crl_score=0;
ctx->current_reasons=0;
ctx->tree = NULL;
ctx->parent = NULL;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册