yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-03 02:31:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

ssl_write_certificate_request() can handle empty ca_chain

Browse source
This commit is contained in:
Paul Bakker 2013-06-21 15:11:10 +02:00
parent 016ea076e7
commit 21360ca4d4
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
ChangeLog
View file

@ -30,6 +30,7 @@ Bugfix
* x509parse_crtpath() is now reentrant and uses more portable stat() * x509parse_crtpath() is now reentrant and uses more portable stat()
* Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler * Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
* Fixed values for 2-key Triple DES in cipher layer * Fixed values for 2-key Triple DES in cipher layer
* ssl_write_certificate_request() can handle empty ca_chain
Security Security
* A possible DoS during the SSL Handshake, due to faulty parsing of * A possible DoS during the SSL Handshake, due to faulty parsing of

2
library/ssl_srv.c
View file

@ -972,7 +972,7 @@ static int ssl_write_certificate_request( ssl_context *ssl )
crt = ssl->ca_chain; crt = ssl->ca_chain;
total_dn_size = 0; total_dn_size = 0;
while( crt != NULL ) while( crt != NULL && crt->version != 0)
{ {
if( p - buf > 4096 ) if( p - buf > 4096 )
break; break;