yaneti / rpms / glib-networking

Forked from rpms/glib-networking 5 years ago
Clone
Source Code
GIT

Blame 0001-gnutls-Prevent-cycles-when-building-the-certificate-.patch

f14 f15 f16 f17 f18 f19 f20 f20-gnome-3-12 f20-gnome-3-14 f21 f22 f23 f24 f25 f26 f27 f28 f29 master meson-check
  1.   f102eb9087ecc7644959a67f75187f4f90e09748
  2.   0001-gnutls-Prevent-cycles-when-building-the-certificate-.patch
Blob History Raw
Michael Catanzaro f102eb9 
From 7db4dbf03b21e382622d452afda5e28db31d0185 Mon Sep 17 00:00:00 2001
Michael Catanzaro f102eb9 
From: Carlos Garcia Campos <cgarcia@igalia.com>
Michael Catanzaro f102eb9 
Date: Thu, 21 Apr 2016 12:28:05 +0200
Michael Catanzaro f102eb9 
Subject: [PATCH] gnutls: Prevent cycles when building the certificate chain
Michael Catanzaro f102eb9
Michael Catanzaro f102eb9 
Explicitly check self-signed certificates and leave a NULL issuer in that
Michael Catanzaro f102eb9 
case.
Michael Catanzaro f102eb9
Michael Catanzaro f102eb9 
https://bugzilla.gnome.org/show_bug.cgi?id=765317
Michael Catanzaro f102eb9 
---
Michael Catanzaro f102eb9 
 tls/gnutls/gtlscertificate-gnutls.c | 4 ++++
Michael Catanzaro f102eb9 
 1 file changed, 4 insertions(+)
Michael Catanzaro f102eb9
Michael Catanzaro f102eb9 
diff --git a/tls/gnutls/gtlscertificate-gnutls.c b/tls/gnutls/gtlscertificate-gnutls.c
Michael Catanzaro f102eb9 
index 4ff996c..8dd0544 100644
Michael Catanzaro f102eb9 
--- a/tls/gnutls/gtlscertificate-gnutls.c
Michael Catanzaro f102eb9 
+++ b/tls/gnutls/gtlscertificate-gnutls.c
Michael Catanzaro f102eb9 
@@ -722,6 +722,10 @@ g_tls_certificate_gnutls_build_chain (const gnutls_datum_t  *certs,
Michael Catanzaro f102eb9 
     {
Michael Catanzaro f102eb9 
       issuer = NULL;
Michael Catanzaro f102eb9
Michael Catanzaro f102eb9 
+      /* Check if the cert issued itself */
Michael Catanzaro f102eb9 
+      if (gnutls_x509_crt_check_issuer (gnutls_certs[i], gnutls_certs[i]))
Michael Catanzaro f102eb9 
+        continue;
Michael Catanzaro f102eb9 
+
Michael Catanzaro f102eb9 
       if (i < num_certs - 1 &&
Michael Catanzaro f102eb9 
           gnutls_x509_crt_check_issuer (gnutls_certs[i], gnutls_certs[i + 1]))
Michael Catanzaro f102eb9 
         {
Michael Catanzaro f102eb9 
--
Michael Catanzaro f102eb9 
2.5.5
Michael Catanzaro f102eb9
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.