aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2005-11-19 01:48:58 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2005-11-19 01:48:58 +0000
commita89295751f2cf6dbd9005e6dedfe16a65967c97e (patch)
tree9c62f1365e0ab5f22af1211a9bfd6a6c3aa0c143
parentVersion 2.1_beta7 released (diff)
downloadopenvpn-a89295751f2cf6dbd9005e6dedfe16a65967c97e.tar.xz
Merged PKCS11 changes from Alon:
svn merge -r 813:814 $SO/contrib/alon/BETA21/openvpn . git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@816 e7ae566f-a301-0410-adde-c780ea21d3b5
-rw-r--r--pkcs11-helper.c17
1 files changed, 11 insertions, 6 deletions
diff --git a/pkcs11-helper.c b/pkcs11-helper.c
index a5c4b15..06e79d3 100644
--- a/pkcs11-helper.c
+++ b/pkcs11-helper.c
@@ -302,7 +302,9 @@ _hexToBinary (
if ((i%2) == 1) {
unsigned v;
- sscanf (buf, "%x", &v);
+ if (sscanf (buf, "%x", &v) != 1) {
+ v = 0;
+ }
target[*target_size] = v & 0xff;
(*target_size)++;
}
@@ -374,6 +376,7 @@ _isBetterCertificate (
if (
notBeforeCurrent != NULL &&
notBeforeNew != NULL &&
+ X509_cmp_current_time (notBeforeNew) > 0 &&
notBeforeCurrent->length < (int) sizeof (szNotBeforeCurrent) - 1 &&
notBeforeNew->length < (int) sizeof (szNotBeforeNew) - 1
) {
@@ -439,7 +442,9 @@ _pkcs11h_getSlotById (
slot_number = atoi (szSlot);
}
else {
- sscanf (szSlot, "%d:%d", &provider_number, &slot_number);
+ if (sscanf (szSlot, "%d:%d", &provider_number, &slot_number) != 2) {
+ rv = CKR_FUNCTION_FAILED;
+ }
}
}
@@ -753,10 +758,10 @@ _pkcs11h_getSession (
if (rv == CKR_SLOT_ID_INVALID) {
char szLabel[1024];
strcpy (szLabel, "SLOT(");
- strncat (szLabel, szSlotType, sizeof (szLabel)-1);
- strncat (szLabel, "=", sizeof (szLabel)-1);
- strncat (szLabel, szSlot, sizeof (szLabel)-1);
- strncat (szLabel, ")", sizeof (szLabel)-1);
+ strncat (szLabel, szSlotType, sizeof (szLabel)-1-strlen (szLabel));
+ strncat (szLabel, "=", sizeof (szLabel)-1-strlen (szLabel));
+ strncat (szLabel, szSlot, sizeof (szLabel)-1-strlen (szLabel));
+ strncat (szLabel, ")", sizeof (szLabel)-1-strlen (szLabel));
szLabel[sizeof (szLabel)-1] = 0;
PKCS11DLOG (
PKCS11_LOG_DEBUG1,