aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2006-06-11 03:56:52 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2006-06-11 03:56:52 +0000
commitacb567cde0676497f07e9127d68cbedcd90e52be (patch)
treebc6745296b54ee47867e857b8b2098ff6b7e761e
parentAdded credit for CAN-2005-2532. (diff)
downloadopenvpn-acb567cde0676497f07e9127d68cbedcd90e52be.tar.xz
A few more updates:
-r 1015:1025 https://svn.openvpn.net/projects/openvpn/contrib/alon/BETA21 Changes: 1. Fix handling (ignoring) zero sized attributes. 2. Fix gcc-2 issues. 3. Fix openssl 0.9.6 (first version) issues. 4. easy-rsa Makefile (install) is now available so that distribs will be able to install it safely. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1033 e7ae566f-a301-0410-adde-c780ea21d3b5
-rw-r--r--easy-rsa/2.0/Makefile13
-rw-r--r--pkcs11-helper.c37
-rw-r--r--pkcs11-helper.h24
3 files changed, 72 insertions, 2 deletions
diff --git a/easy-rsa/2.0/Makefile b/easy-rsa/2.0/Makefile
new file mode 100644
index 0000000..902d78f
--- /dev/null
+++ b/easy-rsa/2.0/Makefile
@@ -0,0 +1,13 @@
+
+DESTDIR=
+PREFIX=
+
+all:
+ echo "All done."
+ echo "Run make install DESTDIR=/usr/share/somewhere"
+
+install:
+ install -c --directory "${DESTDIR}/${PREFIX}"
+ install -c --mode=0755 build-* "${DESTDIR}/${PREFIX}"
+ install -c --mode=0755 clean-all list-crl inherit-inter pkitool revoke-full sign-req whichopensslcnf "${DESTDIR}/${PREFIX}"
+ install -c --mode=0644 openssl-0.9.6.cnf openssl.cnf README vars "${DESTDIR}/${PREFIX}"
diff --git a/pkcs11-helper.c b/pkcs11-helper.c
index 111dbdb..c6ef79d 100644
--- a/pkcs11-helper.c
+++ b/pkcs11-helper.c
@@ -2,6 +2,28 @@
* Copyright (c) 2005-2006 Alon Bar-Lev <alon.barlev@gmail.com>
* All rights reserved.
*
+ * This software is available to you under a choice of one of two
+ * licenses. You may choose to be licensed under the terms of the GNU
+ * General Public License (GPL) Version 2, or the OpenIB.org BSD license.
+ *
+ * GNU General Public License (GPL) Version 2
+ * ===========================================
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program (see the file COPYING[.GPL2] included with this
+ * distribution); if not, write to the Free Software Foundation, Inc.,
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * OpenIB.org BSD license
+ * =======================
* Redistribution and use in source and binary forms, with or without modifi-
* cation, are permitted provided that the following conditions are met:
*
@@ -55,6 +77,12 @@
# endif
#endif
+#if OPENSSL_VERSION_NUMBER < 0x00907000L
+#if !defined(RSA_PKCS1_PADDING_SIZE)
+#define RSA_PKCS1_PADDING_SIZE 11
+#endif
+#endif
+
#define PKCS11H_INVALID_SLOT_ID ((CK_SLOT_ID)-1)
#define PKCS11H_INVALID_SESSION_HANDLE ((CK_SESSION_HANDLE)-1)
#define PKCS11H_INVALID_OBJECT_HANDLE ((CK_OBJECT_HANDLE)-1)
@@ -2415,6 +2443,9 @@ _pkcs11h_getObjectAttributes (
if (attrs[i].ulValueLen == (CK_ULONG)-1) {
rv = CKR_ATTRIBUTE_VALUE_INVALID;
}
+ else if (attrs[i].ulValueLen == 0) {
+ attrs[i].pValue = NULL;
+ }
else {
rv = _pkcs11h_malloc (
(void *)&attrs[i].pValue,
@@ -2890,7 +2921,7 @@ _pkcs11h_releaseSession (
PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
- "PKCS#11: _pkcs11h_releaseSession session=%p",
+ "PKCS#11: _pkcs11h_releaseSession entry session=%p",
(void *)session
);
@@ -6832,6 +6863,10 @@ pkcs11h_locate_certificate (
if (!strcmp (szIdType, "id")) {
certificate_id->attrCKA_ID_size = strlen (szId)/2;
+ if (certificate_id->attrCKA_ID_size == 0) {
+ rv = CKR_FUNCTION_FAILED;
+ }
+
if (
rv == CKR_OK &&
(rv = _pkcs11h_malloc (
diff --git a/pkcs11-helper.h b/pkcs11-helper.h
index 27289c4..e2cef6d 100644
--- a/pkcs11-helper.h
+++ b/pkcs11-helper.h
@@ -2,6 +2,28 @@
* Copyright (c) 2005-2006 Alon Bar-Lev <alon.barlev@gmail.com>
* All rights reserved.
*
+ * This software is available to you under a choice of one of two
+ * licenses. You may choose to be licensed under the terms of the GNU
+ * General Public License (GPL) Version 2, or the OpenIB.org BSD license.
+ *
+ * GNU General Public License (GPL) Version 2
+ * ===========================================
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program (see the file COPYING[.GPL2] included with this
+ * distribution); if not, write to the Free Software Foundation, Inc.,
+ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * OpenIB.org BSD license
+ * =======================
* Redistribution and use in source and binary forms, with or without modifi-
* cation, are permitted provided that the following conditions are met:
*
@@ -78,7 +100,7 @@ typedef void (*pkcs11h_output_print_t)(
IN const char * const szFormat,
IN ...
)
-#ifdef __GNUC__
+#if __GNUC__ > 2
__attribute__ ((format (printf, 2, 3)))
#endif
;