- Security fix for 0.9.7m

Security: CVE-2007-5135 Security: http://www.openssl.org/news/secadv_20071012.txt Submitted by: Jung-uk Kim
svn path=/head/; revision=218923
2025-01-11 07:22:22 +00:00 · 2008-08-20 16:46:48 +00:00 · 2008-08-20 16:46:48 +00:00 · c0656a8298 · 2021-03-31 03:12:20 +00:00
commit c0656a8298
parent 4616860bd9
2 changed files with 43 additions and 1 deletions
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@ -8,7 +8,7 @@
 PORTNAME=	openssl
 .if !defined(WITH_OPENSSL_BETA) && ( defined(WITH_OPENSSL_097) || defined(WITH_OPENSSL_STABLE) )
 PORTVERSION=	0.9.7m
-PORTREVISION?=	0
+PORTREVISION?=	1
 .else
 PORTVERSION=	0.9.8h
 PORTREVISION?=	1
--- a/security/openssl/files/patch-ssl-ssl_lib.c
+++ b/security/openssl/files/patch-ssl-ssl_lib.c
@ -0,0 +1,42 @@
+--- ssl/ssl_lib.c	2006/09/28 11:53:51	1.110.2.19
+++ ssl/ssl_lib.c	2007/10/04 08:01:21	1.110.2.20
+@@ -1169,7 +1169,6 @@
+ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
+ 	{
+ 	char *p;
+-	const char *cp;
+ 	STACK_OF(SSL_CIPHER) *sk;
+ 	SSL_CIPHER *c;
+ 	int i;
+@@ -1182,20 +1181,21 @@
+ 	sk=s->session->ciphers;
+ 	for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
+ 		{
+-		/* Decrement for either the ':' or a '\0' */
+-		len--;
+		int n;
+
+ 		c=sk_SSL_CIPHER_value(sk,i);
+-		for (cp=c->name; *cp; )
+		n=strlen(c->name);
+		if (n+1 > len)
+ 			{
+-			if (len-- <= 0)
+-				{
+-				*p='\0';
+-				return(buf);
+-				}
+-			else
+-				*(p++)= *(cp++);
+			if (p != buf)
+				--p;
+			*p='\0';
+			return buf;
+ 			}
+		strcpy(p,c->name);
+		p+=n;
+ 		*(p++)=':';
+		len-=n+1;
+ 		}
+ 	p[-1]='\0';
+ 	return(buf);