[Pkg-openssl-changes] r527 - openssl/branches/squeeze/debian/patches
Kurt Roeckx
kroeckx at alioth.debian.org
Wed Jan 18 20:08:26 UTC 2012
Author: kroeckx
Date: 2012-01-18 20:08:25 +0000 (Wed, 18 Jan 2012)
New Revision: 527
Modified:
openssl/branches/squeeze/debian/patches/CVE-2012-0050.patch
Log:
Make the patch apply
Modified: openssl/branches/squeeze/debian/patches/CVE-2012-0050.patch
===================================================================
--- openssl/branches/squeeze/debian/patches/CVE-2012-0050.patch 2012-01-18 20:00:25 UTC (rev 526)
+++ openssl/branches/squeeze/debian/patches/CVE-2012-0050.patch 2012-01-18 20:08:25 UTC (rev 527)
@@ -1,6 +1,8 @@
---- a/ssl/d1_pkt.c
-+++ b/ssl/d1_pkt.c
-@@ -376,6 +376,7 @@ dtls1_process_record(SSL *s)
+Index: openssl-0.9.8o/ssl/d1_pkt.c
+===================================================================
+--- openssl-0.9.8o.orig/ssl/d1_pkt.c 2012-01-18 20:03:12.000000000 +0000
++++ openssl-0.9.8o/ssl/d1_pkt.c 2012-01-18 20:07:36.000000000 +0000
+@@ -339,6 +339,7 @@
unsigned int mac_size;
unsigned char md[EVP_MAX_MD_SIZE];
int decryption_failed_or_bad_record_mac = 0;
@@ -8,7 +10,7 @@
rr= &(s->s3->rrec);
-@@ -447,19 +448,15 @@ printf("\n");
+@@ -406,19 +407,15 @@
#endif
}
/* check the MAC for rr->input (it's in mac_size bytes at the tail) */
@@ -29,7 +31,7 @@
+ else
+ rr->length = 0;
i=s->method->ssl3_enc->mac(s,md,0);
-- if (i < 0 || memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+- if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+ if (i < 0 || mac == NULL || memcmp(md, mac, mac_size) != 0)
{
decryption_failed_or_bad_record_mac = 1;
More information about the Pkg-openssl-changes
mailing list