yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-24 22:25:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream-public/pr/1064' into mbedtls-2.7-restricted-proposed

Browse source
This commit is contained in:
Jaeden Amero 2018-03-15 14:58:24 +00:00
parent e0b1a73c56 4a2fb4c6be
commit c9908f010a
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
ChangeLog
View file

@ -31,6 +31,7 @@ Bugfix
overflow. #1179 overflow. #1179
* Fix memory allocation corner cases in memory_buffer_alloc.c module. Found * Fix memory allocation corner cases in memory_buffer_alloc.c module. Found
by Guido Vranken. #639 by Guido Vranken. #639
* Log correct number of ciphersuites used in Client Hello message. #918
* Fix X509 CRT parsing that would potentially accept an invalid tag when * Fix X509 CRT parsing that would potentially accept an invalid tag when
parsing the subject alternative names. parsing the subject alternative names.
* Fix a possible arithmetic overflow in ssl_parse_server_key_exchange() * Fix a possible arithmetic overflow in ssl_parse_server_key_exchange()

5
library/ssl_cli.c
View file

@ -902,6 +902,8 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
*p++ = (unsigned char)( ciphersuites[i] ); *p++ = (unsigned char)( ciphersuites[i] );
} }
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites (excluding SCSVs)", n ) );
/* /*
* Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
*/ */
@ -909,6 +911,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
#endif #endif
{ {
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
*p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
*p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ); *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO );
n++; n++;
@ -928,8 +931,6 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
*q++ = (unsigned char)( n >> 7 ); *q++ = (unsigned char)( n >> 7 );
*q++ = (unsigned char)( n << 1 ); *q++ = (unsigned char)( n << 1 );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", n ) );
#if defined(MBEDTLS_ZLIB_SUPPORT) #if defined(MBEDTLS_ZLIB_SUPPORT)
offer_compress = 1; offer_compress = 1;
#else #else