mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
1e8c4a9b7a
openssl/apps
History
Diego Santa Cruz 0e83981d61 Fix srp app missing NULL termination with password callback 
The password_callback() function does not necessarily NULL terminate
the password buffer, the caller must use the returned length but the
srp app uses this function as if it was doing NULL termination.

This made the -passin and -passout options of "openssl srp"
fail inexpicably and randomly or even crash.

Fixed by enlarging the buffer by one, so that the maximum password length
remains unchanged, and adding NULL termination upon return.

[Rearrange code for coding style compliance in process.]

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3475)
2017-05-22 10:29:16 +02:00
..
demoSRP
app_rand.c
apps.c Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00
apps.h Add the -groups option to s_server/s_client 2017-05-03 16:39:32 +01:00
asn1pars.c
build.info
ca-cert.srl
ca-key.pem
ca-req.pem
ca.c Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00
CA.pl.in
cert.pem
ciphers.c
client.pem
cms.c
crl2p7.c
crl.c Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00
ct_log_list.cnf
dgst.c
dh1024.pem
dh2048.pem
dh4096.pem
dhparam.c Ensure dhparams can handle X9.42 params in DER 2017-04-03 20:04:06 +01:00
dsa512.pem
dsa1024.pem
dsa-ca.pem
dsa-pca.pem
dsa.c
dsap.pem
dsaparam.c
ec.c
ecparam.c
enc.c openssl enc: Don't unbuffer stdin 2017-04-25 15:03:11 +02:00
engine.c Fix gcc-7 warnings. 2017-05-11 19:39:38 +02:00
errstr.c
gendsa.c
genpkey.c
genrsa.c
nseq.c
ocsp.c OCSP Updates: error codes and multiple certificates 2017-04-12 14:41:10 -04:00
openssl-vms.cnf Added support for ESSCertIDv2 2017-05-03 09:04:23 +02:00
openssl.c
openssl.cnf Added support for ESSCertIDv2 2017-05-03 09:04:23 +02:00
opt.c
passwd.c More typo fixes 2017-03-29 07:14:29 +02:00
pca-cert.srl
pca-key.pem
pca-req.pem
pkcs7.c Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00
pkcs8.c
pkcs12.c -inkey can be an identifier, not just a file 2017-05-21 17:20:31 -04:00
pkey.c
pkeyparam.c
pkeyutl.c
prime.c
privkey.pem
progs.h
progs.pl
rand.c
rehash.c Convert uses of snprintf to BIO_snprintf 2017-05-02 12:29:35 -04:00
req.c Fix regression in openssl req -x509 behaviour. 2017-05-11 17:18:16 +02:00
req.pem
rsa8192.pem
rsa.c
rsautl.c
s512-key.pem
s512-req.pem
s1024key.pem
s1024req.pem
s_apps.h Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00
s_cb.c Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00
s_client.c Add checks on return code when applying some settings. 2017-04-28 15:49:36 +02:00
s_server.c Fix an s_server infinite loop 2017-05-09 10:35:33 +01:00
s_socket.c Fix some variable references in init_client 2017-04-25 11:13:39 +01:00
s_time.c
server2.pem
server.pem
server.srl
sess_id.c
smime.c -inkey can be an identifier, not just a file 2017-05-21 17:20:31 -04:00
speed.c Make default_method mostly compile-time 2017-04-07 12:19:46 -04:00
spkac.c
srp.c Fix srp app missing NULL termination with password callback 2017-05-22 10:29:16 +02:00
testCA.pem
testdsa.h
testrsa.h
timeouts.h
ts.c -inkey can be an identifier, not just a file 2017-05-21 17:20:31 -04:00
tsget.in
verify.c Fix gcc-7 warnings. 2017-05-11 19:39:38 +02:00
version.c
vms_decc_init.c
vms_term_sock.c
vms_term_sock.h
win32_init.c
x509.c Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00