[arch-commits] CVS update of core/base/openssl (2 files)

[Thomas Baechler]

    Date: Saturday, September 29, 2007 @ 11:13:41
  Author: thomas
    Path: /home/cvs-core/core/base/openssl

   Added: openssl-0.9.8e-security-fix.patch (1.1)
Modified: PKGBUILD (1.34 -> 1.35)

upgpkg: openssl 0.9.8e-6


-----------------------------------+
 PKGBUILD                          |   11 ++++++---
 openssl-0.9.8e-security-fix.patch |   42 ++++++++++++++++++++++++++++++++++++
 2 files changed, 49 insertions(+), 4 deletions(-)


Index: core/base/openssl/PKGBUILD
diff -u core/base/openssl/PKGBUILD:1.34 core/base/openssl/PKGBUILD:1.35
--- core/base/openssl/PKGBUILD:1.34	Wed Sep 19 17:23:23 2007
+++ core/base/openssl/PKGBUILD	Sat Sep 29 11:13:40 2007
@@ -1,8 +1,8 @@
-# $Id: PKGBUILD,v 1.34 2007/09/19 21:23:23 thomas Exp $
+# $Id: PKGBUILD,v 1.35 2007/09/29 15:13:40 thomas Exp $
 # Maintainer: judd <jvinet at zeroflux.org>
 pkgname=openssl
 pkgver=0.9.8e
-pkgrel=5
+pkgrel=6
 pkgdesc="The Open Source toolkit for Secure Sockets Layer and Transport Layer Security"
 arch=(i686 x86_64)
 url="http://www.openssl.org"
@@ -11,10 +11,12 @@
 depends=('glibc')
 source=(http://www.openssl.org/source/$pkgname-$pkgver.tar.gz
         key-length.patch
-        openssl-0.9.8-gcc42.patch)
+        openssl-0.9.8-gcc42.patch
+        openssl-0.9.8e-security-fix.patch)
 md5sums=('3a7ff24f6ea5cd711984722ad654b927'
          '8877d92d1ba6b03796bae01582a52fa5'
-         '8295e72df57103823a7c36f98f03806f')
+         '8295e72df57103823a7c36f98f03806f'
+         '5c9263daabb666659094bda2160a7bad')
 
 build() {
   export MAKEFLAGS="-j1"
@@ -22,6 +24,7 @@
   cd $startdir/src/$pkgname-$pkgver
   patch -Np0 -i ../key-length.patch || return 1
   patch -Np1 -i ../openssl-0.9.8-gcc42.patch || return 1
+  patch -Np0 -i ../openssl-0.9.8e-security-fix.patch || return 1
   ./config --prefix=/usr --openssldir=/etc/ssl shared
   make || return 1
   make INSTALL_PREFIX=$startdir/pkg MANDIR=/usr/man install
Index: core/base/openssl/openssl-0.9.8e-security-fix.patch
diff -u /dev/null core/base/openssl/openssl-0.9.8e-security-fix.patch:1.1
--- /dev/null	Sat Sep 29 11:13:40 2007
+++ core/base/openssl/openssl-0.9.8e-security-fix.patch	Sat Sep 29 11:13:41 2007
@@ -0,0 +1,42 @@
+--- ssl/ssl_lib.c
++++ ssl/ssl_lib.c
+@@ -1201,7 +1201,6 @@
+ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
+ 	{
+ 	char *p;
+-	const char *cp;
+ 	STACK_OF(SSL_CIPHER) *sk;
+ 	SSL_CIPHER *c;
+ 	int i;
+@@ -1214,20 +1213,21 @@
+ 	sk=s->session->ciphers;
+ 	for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+ 		{
+-		/* Decrement for either the ':' or a '\0' */
+-		len--;
++		int n;
++
+ 		c=sk_SSL_CIPHER_value(sk,i);
+-		for (cp=c->name; *cp; )
++		n=strlen(c->name);
++		if (n+1 > len)
+ 			{
+-			if (len-- <= 0)
+-				{
+-				*p='\0';
+-				return(buf);
+-				}
+-			else
+-				*(p++)= *(cp++);
++			if (p != buf)
++				--p;
++			*p='\0';
++			return buf;
+ 			}
++		strcpy(p,c->name);
++		p+=n;
+ 		*(p++)=':';
++		len-=n+1;
+ 		}
+ 	p[-1]='\0';
+ 	return(buf);