gnutls: updated to 3.5.6
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
This commit is contained in:
parent
feb006f202
commit
449f578975
2 changed files with 3 additions and 84 deletions
|
@ -8,13 +8,13 @@
|
||||||
include $(TOPDIR)/rules.mk
|
include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=gnutls
|
PKG_NAME:=gnutls
|
||||||
PKG_VERSION:=3.5.4
|
PKG_VERSION:=3.5.6
|
||||||
PKG_RELEASE:=3
|
PKG_RELEASE:=1
|
||||||
PKG_USE_MIPS16:=0
|
PKG_USE_MIPS16:=0
|
||||||
|
|
||||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
||||||
PKG_SOURCE_URL:=ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5
|
PKG_SOURCE_URL:=ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5
|
||||||
PKG_MD5SUM:=c17e20d0f6b040580df57f5f94e3610f
|
PKG_MD5SUM:=7a38b23757aae009c3eb5bb12fb0afda
|
||||||
#PKG_FIXUP:=autoreconf gettext-version
|
#PKG_FIXUP:=autoreconf gettext-version
|
||||||
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
PKG_MAINTAINER:=Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
||||||
PKG_LICENSE:=LGPLv2.1+
|
PKG_LICENSE:=LGPLv2.1+
|
||||||
|
|
|
@ -1,81 +0,0 @@
|
||||||
diff --git a/lib/x509/ip-in-cidr.h b/lib/x509/ip-in-cidr.h
|
|
||||||
index 778502a..7613de9 100644
|
|
||||||
--- a/lib/x509/ip-in-cidr.h
|
|
||||||
+++ b/lib/x509/ip-in-cidr.h
|
|
||||||
@@ -36,6 +36,8 @@ static unsigned ip_in_cidr(const gnutls_datum_t *ip, const gnutls_datum_t *cidr)
|
|
||||||
{
|
|
||||||
char str_ip[48];
|
|
||||||
char str_cidr[97];
|
|
||||||
+ unsigned byte;
|
|
||||||
+
|
|
||||||
_gnutls_hard_log("matching %.*s with CIDR constraint %.*s\n",
|
|
||||||
(int) sizeof(str_ip),
|
|
||||||
_gnutls_ip_to_string(ip->data, ip->size, str_ip, sizeof(str_ip)),
|
|
||||||
@@ -43,7 +45,7 @@ static unsigned ip_in_cidr(const gnutls_datum_t *ip, const gnutls_datum_t *cidr)
|
|
||||||
_gnutls_cidr_to_string(cidr->data, cidr->size, str_cidr, sizeof(str_cidr)));
|
|
||||||
|
|
||||||
unsigned ipsize = ip->size;
|
|
||||||
- for (unsigned byte = 0; byte < ipsize; byte++)
|
|
||||||
+ for (byte = 0; byte < ipsize; byte++)
|
|
||||||
if (((ip->data[byte] ^ cidr->data[byte]) & cidr->data[ipsize+byte]) != 0)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
diff --git a/lib/x509/ip.c b/lib/x509/ip.c
|
|
||||||
index 9316933..b4b31a4 100644
|
|
||||||
--- a/lib/x509/ip.c
|
|
||||||
+++ b/lib/x509/ip.c
|
|
||||||
@@ -175,10 +175,13 @@ static void prefix_to_mask(unsigned prefix, unsigned char *mask, size_t mask_siz
|
|
||||||
*
|
|
||||||
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
|
|
||||||
-*/
|
|
||||||
-int _gnutls_mask_ip(unsigned char *ip, const unsigned char *mask, unsigned ipsize) {
|
|
||||||
+int _gnutls_mask_ip(unsigned char *ip, const unsigned char *mask, unsigned ipsize)
|
|
||||||
+{
|
|
||||||
+ unsigned i;
|
|
||||||
+
|
|
||||||
if (ipsize != 4 && ipsize != 16)
|
|
||||||
return GNUTLS_E_MALFORMED_CIDR;
|
|
||||||
- for (unsigned i = 0;i < ipsize; i++)
|
|
||||||
+ for (i = 0; i < ipsize; i++)
|
|
||||||
ip[i] &= mask[i];
|
|
||||||
return GNUTLS_E_SUCCESS;
|
|
||||||
}
|
|
||||||
diff --git a/lib/x509/name_constraints.c b/lib/x509/name_constraints.c
|
|
||||||
index 98c0f02..196e6d9 100644
|
|
||||||
--- a/lib/x509/name_constraints.c
|
|
||||||
+++ b/lib/x509/name_constraints.c
|
|
||||||
@@ -777,6 +777,7 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
|
|
||||||
*_intersection = NULL;
|
|
||||||
name_constraints_node_st *to_copy = NULL;
|
|
||||||
unsigned iplength = 0;
|
|
||||||
+ unsigned byte;
|
|
||||||
|
|
||||||
if (nc1->type != nc2->type) {
|
|
||||||
return GNUTLS_E_SUCCESS;
|
|
||||||
@@ -796,7 +797,7 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
|
|
||||||
if (nc1->name.size != nc2->name.size)
|
|
||||||
return GNUTLS_E_SUCCESS;
|
|
||||||
iplength = nc1->name.size/2;
|
|
||||||
- for (unsigned byte = 0; byte < iplength; byte++) {
|
|
||||||
+ for (byte = 0; byte < iplength; byte++) {
|
|
||||||
if (((nc1->name.data[byte]^nc2->name.data[byte]) // XOR of addresses
|
|
||||||
& nc1->name.data[byte+iplength] // AND mask from nc1
|
|
||||||
& nc2->name.data[byte+iplength]) // AND mask from nc2
|
|
||||||
@@ -813,6 +814,8 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
|
|
||||||
}
|
|
||||||
// copy existing node if applicable
|
|
||||||
if (to_copy != NULL) {
|
|
||||||
+ unsigned byte;
|
|
||||||
+
|
|
||||||
*_intersection = name_constraints_node_new(to_copy->type, to_copy->name.data, to_copy->name.size);
|
|
||||||
if (*_intersection == NULL)
|
|
||||||
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
|
||||||
@@ -822,7 +825,7 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
|
|
||||||
_gnutls_mask_ip(intersection->name.data, intersection->name.data+iplength, iplength);
|
|
||||||
_gnutls_mask_ip(nc1->name.data, nc1->name.data+iplength, iplength);
|
|
||||||
// update intersection, if necessary (we already know one is subset of other)
|
|
||||||
- for (unsigned byte = 0; byte < 2 * iplength; byte++) {
|
|
||||||
+ for (byte = 0; byte < 2 * iplength; byte++) {
|
|
||||||
intersection->name.data[byte] |= nc1->name.data[byte];
|
|
||||||
}
|
|
||||||
}
|
|
Loading…
Reference in a new issue