Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/w3m/patches/03-istream.patch
changeset 3680 4dc408325e7e
equal deleted inserted replaced
3675:7879bc79abbf 3680:4dc408325e7e 
       
     1 # Copied over from the desktop consolidation, which has the comment:
 
       
     2 # date:2011-02-16 owner:liyuan type bug bugster:7008664
 
       
     3 # Bugster CR #7008664 is now BugDB CR #15688660
 
       
     4 # 15688660 SUNBT7008664-SOLARIS_11 CVE-2010-2074 w3m problems handling x.509 data
 
       
     5 #
 
       
     6 # This patch needs to be evaluated to see if it needs to be passed upstream.
 
       
     7 
       
     8 --- w3m-0.5.2/istream.c	2007-05-23 23:06:05.000000000 +0800
 
       
     9 +++ w3m-0.5.3/istream.c	2011-01-04 17:22:22.000000000 +0800
 
       
    10 @@ -1,4 +1,4 @@
 
       
    11 -/* $Id: istream.c,v 1.26 2007/05/23 15:06:05 inu Exp $ */
 
       
    12 +/* $Id: istream.c,v 1.27 2010/07/18 13:43:23 htrb Exp $ */
 
       
    13  #include "fm.h"
 
       
    14  #include "myctype.h"
 
       
    15  #include "istream.h"
 
       
    16 @@ -447,8 +447,17 @@
 
       
    17  
       
    18  		    if (!seen_dnsname)
 
       
    19  			seen_dnsname = Strnew();
 
       
    20 +		    /* replace \0 to make full string visible to user */
 
       
    21 +		    if (sl != strlen(sn)) {
 
       
    22 +			int i;
 
       
    23 +			for (i = 0; i < sl; ++i) {
 
       
    24 +			    if (!sn[i])
 
       
    25 +				sn[i] = '!';
 
       
    26 +			}
 
       
    27 +		    }
 
       
    28  		    Strcat_m_charp(seen_dnsname, sn, " ", NULL);
 
       
    29 -		    if (ssl_match_cert_ident(sn, sl, hostname))
 
       
    30 +		    if (sl == strlen(sn) /* catch \0 in SAN */
 
       
    31 +			&& ssl_match_cert_ident(sn, sl, hostname))
 
       
    32  			break;
 
       
    33  		}
 
       
    34  	    }
 
       
    35 @@ -466,16 +475,27 @@
 
       
    36      if (match_ident == FALSE && ret == NULL) {
 
       
    37  	X509_NAME *xn;
 
       
    38  	char buf[2048];
 
       
    39 +	int slen;
 
       
    40  
       
    41  	xn = X509_get_subject_name(x);
 
       
    42  
       
    43 -	if (X509_NAME_get_text_by_NID(xn, NID_commonName,
 
       
    44 -				      buf, sizeof(buf)) == -1)
 
       
    45 +	slen = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf));
 
       
    46 +	if ( slen == -1)
 
       
    47  	    /* FIXME: gettextize? */
 
       
    48  	    ret = Strnew_charp("Unable to get common name from peer cert");
 
       
    49 -	else if (!ssl_match_cert_ident(buf, strlen(buf), hostname))
 
       
    50 +	else if (slen != strlen(buf)
 
       
    51 +		|| !ssl_match_cert_ident(buf, strlen(buf), hostname)) {
 
       
    52 +	    /* replace \0 to make full string visible to user */
 
       
    53 +	    if (slen != strlen(buf)) {
 
       
    54 +		int i;
 
       
    55 +		for (i = 0; i < slen; ++i) {
 
       
    56 +		    if (!buf[i])
 
       
    57 +			buf[i] = '!';
 
       
    58 +		}
 
       
    59 +	    }
 
       
    60  	    /* FIXME: gettextize? */
 
       
    61  	    ret = Sprintf("Bad cert ident %s from %s", buf, hostname);
 
       
    62 +	}
 
       
    63  	else
 
       
    64  	    match_ident = TRUE;
 
       
    65      }
upstream/oracle/userland-gate