Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
e7928282
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
e7928282
编写于
9月 05, 2011
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
(EC)DH memory handling fixes.
Submitted by: Adam Langley
上级
837e1b68
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
30 addition
and
9 deletion
+30
-9
CHANGES
CHANGES
+8
-0
ssl/d1_srvr.c
ssl/d1_srvr.c
+1
-2
ssl/s3_lib.c
ssl/s3_lib.c
+6
-0
ssl/s3_srvr.c
ssl/s3_srvr.c
+15
-7
未找到文件。
CHANGES
浏览文件 @
e7928282
...
...
@@ -418,6 +418,10 @@
Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]
*) Fix SSL memory handling for (EC)DH ciphersuites, in particular
for multi-threaded use of ECDH.
[Adam Langley (Google)]
*) Fix x509_name_ex_d2i memory leak on bad inputs.
[Bodo Moeller]
...
...
@@ -1315,6 +1319,10 @@
Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
*) Fix SSL memory handling for (EC)DH ciphersuites, in particular
for multi-threaded use of ECDH.
[Adam Langley (Google)]
*) Fix x509_name_ex_d2i memory leak on bad inputs.
[Bodo Moeller]
...
...
ssl/d1_srvr.c
浏览文件 @
e7928282
...
...
@@ -1031,12 +1031,11 @@ int dtls1_send_server_key_exchange(SSL *s)
SSLerr
(
SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE
,
ERR_R_ECDH_LIB
);
goto
err
;
}
if
(
!
EC_KEY_up_ref
(
ecdhp
)
)
if
(
(
ecdh
=
EC_KEY_dup
(
ecdhp
))
==
NULL
)
{
SSLerr
(
SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE
,
ERR_R_ECDH_LIB
);
goto
err
;
}
ecdh
=
ecdhp
;
s
->
s3
->
tmp
.
ecdh
=
ecdh
;
if
((
EC_KEY_get0_public_key
(
ecdh
)
==
NULL
)
||
...
...
ssl/s3_lib.c
浏览文件 @
e7928282
...
...
@@ -3021,11 +3021,17 @@ void ssl3_clear(SSL *s)
}
#ifndef OPENSSL_NO_DH
if
(
s
->
s3
->
tmp
.
dh
!=
NULL
)
{
DH_free
(
s
->
s3
->
tmp
.
dh
);
s
->
s3
->
tmp
.
dh
=
NULL
;
}
#endif
#ifndef OPENSSL_NO_ECDH
if
(
s
->
s3
->
tmp
.
ecdh
!=
NULL
)
{
EC_KEY_free
(
s
->
s3
->
tmp
.
ecdh
);
s
->
s3
->
tmp
.
ecdh
=
NULL
;
}
#endif
rp
=
s
->
s3
->
rbuf
.
buf
;
...
...
ssl/s3_srvr.c
浏览文件 @
e7928282
...
...
@@ -883,15 +883,20 @@ int ssl3_check_client_hello(SSL *s)
if
(
s
->
s3
->
tmp
.
message_type
==
SSL3_MT_CLIENT_HELLO
)
{
/* Throw away what we have done so far in the current handshake,
* which will now be aborted. (A full SSL_clear would be too much.)
* I hope that tmp.dh is the only thing that may need to be cleared
* when a handshake is not completed ... */
* which will now be aborted. (A full SSL_clear would be too much.) */
#ifndef OPENSSL_NO_DH
if
(
s
->
s3
->
tmp
.
dh
!=
NULL
)
{
DH_free
(
s
->
s3
->
tmp
.
dh
);
s
->
s3
->
tmp
.
dh
=
NULL
;
}
#endif
#ifndef OPENSSL_NO_ECDH
if
(
s
->
s3
->
tmp
.
ecdh
!=
NULL
)
{
EC_KEY_free
(
s
->
s3
->
tmp
.
ecdh
);
s
->
s3
->
tmp
.
ecdh
=
NULL
;
}
#endif
return
2
;
}
...
...
@@ -1622,7 +1627,6 @@ int ssl3_send_server_key_exchange(SSL *s)
if
(
s
->
s3
->
tmp
.
dh
!=
NULL
)
{
DH_free
(
dh
);
SSLerr
(
SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE
,
ERR_R_INTERNAL_ERROR
);
goto
err
;
}
...
...
@@ -1683,7 +1687,6 @@ int ssl3_send_server_key_exchange(SSL *s)
if
(
s
->
s3
->
tmp
.
ecdh
!=
NULL
)
{
EC_KEY_free
(
s
->
s3
->
tmp
.
ecdh
);
SSLerr
(
SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE
,
ERR_R_INTERNAL_ERROR
);
goto
err
;
}
...
...
@@ -1694,12 +1697,11 @@ int ssl3_send_server_key_exchange(SSL *s)
SSLerr
(
SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE
,
ERR_R_ECDH_LIB
);
goto
err
;
}
if
(
!
EC_KEY_up_ref
(
ecdhp
)
)
if
(
(
ecdh
=
EC_KEY_dup
(
ecdhp
))
==
NULL
)
{
SSLerr
(
SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE
,
ERR_R_ECDH_LIB
);
goto
err
;
}
ecdh
=
ecdhp
;
s
->
s3
->
tmp
.
ecdh
=
ecdh
;
if
((
EC_KEY_get0_public_key
(
ecdh
)
==
NULL
)
||
...
...
@@ -2611,6 +2613,12 @@ int ssl3_get_client_key_exchange(SSL *s)
/* Get encoded point length */
i
=
*
p
;
p
+=
1
;
if
(
n
!=
1
+
i
)
{
SSLerr
(
SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE
,
ERR_R_EC_LIB
);
goto
err
;
}
if
(
EC_POINT_oct2point
(
group
,
clnt_ecpoint
,
p
,
i
,
bn_ctx
)
==
0
)
{
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录