[Pkg-openssl-changes] r628 - in openssl/trunk/debian: . patches

Kurt Roeckx kroeckx at moszumanska.debian.org
Sun Dec 22 18:26:30 UTC 2013 

Author: kroeckx
Date: 2013-12-22 18:26:30 +0000 (Sun, 22 Dec 2013)
New Revision: 628

Added:
   openssl/trunk/debian/patches/req_bits.patch
Modified:
   openssl/trunk/debian/changelog
   openssl/trunk/debian/patches/series
Log:
Properly use the default number of bits in req when none are given


Modified: openssl/trunk/debian/changelog
===================================================================
--- openssl/trunk/debian/changelog	2013-12-22 18:21:51 UTC (rev 627)
+++ openssl/trunk/debian/changelog	2013-12-22 18:26:30 UTC (rev 628)
@@ -17,8 +17,9 @@
     - disable rdrand engine by default (Closes: #732710)
   * disable zlib support.  Fixes CVE-2012-4929 (Closes: #728055)
   * Add arm64 support (Closes: #732348)
+  * Properly use the default number of bits in req when none are given
 
- -- Kurt Roeckx <kurt at roeckx.be>  Sun, 22 Dec 2013 19:17:03 +0100
+ -- Kurt Roeckx <kurt at roeckx.be>  Sun, 22 Dec 2013 19:25:35 +0100
 
 openssl (1.0.1e-4) unstable; urgency=low
 

Added: openssl/trunk/debian/patches/req_bits.patch
===================================================================
--- openssl/trunk/debian/patches/req_bits.patch	                        (rev 0)
+++ openssl/trunk/debian/patches/req_bits.patch	2013-12-22 18:26:30 UTC (rev 628)
@@ -0,0 +1,21 @@
+From: Kurt Roeckx <kurt at roeckx.be>
+Date: Sun, 22 Dec 2013 19:10:21 +0100
+Subject: Use defaults bits in req when not given
+Bug: http://rt.openssl.org/Ticket/Display.html?id=2592&user=guest&pass=guest
+
+Index: openssl-1.0.1e/apps/req.c
+===================================================================
+--- openssl-1.0.1e.orig/apps/req.c	2013-02-11 16:26:04.000000000 +0100
++++ openssl-1.0.1e/apps/req.c	2013-12-22 19:09:34.840366384 +0100
+@@ -655,7 +655,11 @@
+ 		if (newkey <= 0)
+ 			{
+ 			if (!NCONF_get_number(req_conf,SECTION,BITS, &newkey))
++				{
++				EVP_PKEY_CTX_free(genctx);
++				genctx = NULL;
+ 				newkey=DEFAULT_KEY_LENGTH;
++				}
+ 			}
+ 
+ 		if (newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA))

Modified: openssl/trunk/debian/patches/series
===================================================================
--- openssl/trunk/debian/patches/series	2013-12-22 18:21:51 UTC (rev 627)
+++ openssl/trunk/debian/patches/series	2013-12-22 18:26:30 UTC (rev 628)
@@ -32,3 +32,4 @@
 defaults.patch
 openssl_fix_for_x32.patch
 fix-pod-errors.patch
+req_bits.patch

More information about the Pkg-openssl-changes mailing list