[SCM] GNU gnutls branch, master, updated. gnutls_3_1

gnutls-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-17-g3ff3ab8

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-17-g3ff3ab8
Date:	Thu, 15 Nov 2012 22:49:22 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=3ff3ab8abe12d6b76cab2b42b1ccff94d5e54854

The branch, master has been updated
       via  3ff3ab8abe12d6b76cab2b42b1ccff94d5e54854 (commit)
       via  7a5c3a85b3a8444578932809f648b17537b70d1d (commit)
       via  f8bf0c9998ca7f33c6afa6e457b89c480ae75b64 (commit)
       via  d5d1d581af4b388258c7ab9f71f90324d70a9385 (commit)
      from  bbe972239e4d06871f983f6a7303717b29dae5f2 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3ff3ab8abe12d6b76cab2b42b1ccff94d5e54854
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Nov 15 23:41:58 2012 +0100

    Added small text

commit 7a5c3a85b3a8444578932809f648b17537b70d1d
Author: Tim Kosse <address@hidden>
Date:   Thu Nov 15 19:57:02 2012 +0100

    print-ciphersuites was a very useful too for debugging this. Now it is even 
built.
    
    Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>

commit f8bf0c9998ca7f33c6afa6e457b89c480ae75b64
Author: Tim Kosse <address@hidden>
Date:   Thu Nov 15 19:57:01 2012 +0100

    Don't read past the last list entry in _add_priority, doing so adds 
algorithms that shouldn't be added and can even lead to a segfault.
    
    Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>

commit d5d1d581af4b388258c7ab9f71f90324d70a9385
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Nov 14 23:29:08 2012 +0100

    tried to beautify output of danetool

-----------------------------------------------------------------------

Summary of changes:
 doc/examples/Makefile.am       |    4 ++--
 lib/gnutls_priority.c          |   15 ++++++++-------
 src/danetool.c                 |   18 ++++++++++--------
 tests/cert-tests/template-test |    4 ++++
 4 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am
index a42b449..671ef31 100644
--- a/doc/examples/Makefile.am
+++ b/doc/examples/Makefile.am
@@ -43,6 +43,7 @@ CXX_LDADD = ../../lib/libgnutlsxx.la \
 noinst_PROGRAMS = ex-client-resume ex-client-dtls
 noinst_PROGRAMS += ex-cert-select ex-client-x509
 noinst_PROGRAMS += ex-serv-dtls
+noinst_PROGRAMS += print-ciphersuites
 
 if ENABLE_CXX
 ex_cxx_SOURCES = ex-cxx.cpp
@@ -79,5 +80,4 @@ endif
 
 libexamples_la_SOURCES = examples.h ex-alert.c ex-pkcs12.c \
        ex-session-info.c ex-x509-info.c ex-verify.c    \
-       tcp.c udp.c ex-pkcs11-list.c verify.c ex-verify-ssh.c \
-       print-ciphersuites.c
+       tcp.c udp.c ex-pkcs11-list.c verify.c ex-verify-ssh.c
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index b6649ca..03ef83b 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -89,11 +89,11 @@ _set_priority (priority_st * st, const int *list)
 inline static void
 _add_priority (priority_st * st, const int *list)
 {
-  int num = 0, i, j, init;
+  int num, i, j, init;
 
   init = i = st->algorithms;
 
-  while (list[num] != 0)
+  for (num=0;list[num]!=0;++num)
     {
       if (i+1 > MAX_ALGOS)
         {
@@ -104,14 +104,15 @@ _add_priority (priority_st * st, const int *list)
         {
           if (st->priority[j] == (unsigned)list[num])
             {
-              num++;
-              continue;
+              break;
             }
         }
 
-      st->priority[i++] = list[num];
-      st->algorithms++;
-      num++;
+      if (j == init)
+        {
+          st->priority[i++] = list[num];
+          st->algorithms++;
+        }
     }
     
   return;
diff --git a/src/danetool.c b/src/danetool.c
index f0213d4..cd8211e 100644
--- a/src/danetool.c
+++ b/src/danetool.c
@@ -184,6 +184,7 @@ static void dane_check(const char* host, const char* proto, 
unsigned int port,
 dane_state_t s;
 dane_query_t q;
 int ret;
+unsigned entries;
 unsigned int flags = DANE_F_IGNORE_LOCAL_RESOLVER, i;
 unsigned int usage, type, match;
 gnutls_datum_t data, file;
@@ -192,7 +193,7 @@ size_t size;
   if (ENABLED_OPT(LOCAL_DNS))
     flags = 0;
 
-  printf("Querying on %s (%s:%d)...\n", host, proto, port);
+  printf("Querying %s (%s:%d)...\n", host, proto, port);
   ret = dane_state_init(&s, flags);
   if (ret < 0)
     error (EXIT_FAILURE, 0, "dane_state_init: %s", dane_strerror (ret));
@@ -201,7 +202,8 @@ size_t size;
   if (ret < 0)
     error (EXIT_FAILURE, 0, "dane_query_tlsa: %s", dane_strerror (ret));
   
-  for (i=0;i<dane_query_entries(q);i++)
+  entries = dane_query_entries(q);
+  for (i=0;i<entries;i++)
     {
       ret = dane_query_data(q, i, &usage, &type, &match, &data);
       if (ret < 0)
@@ -213,13 +215,13 @@ size_t size;
       if (ret < 0)
         error (EXIT_FAILURE, 0, "gnutls_hex_encode: %s", dane_strerror (ret));
 
-      printf("\nEntry %d:\n", i+1);
-      fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n", port, 
proto, host, usage, type, match, buffer);
+      if (entries > 1) printf("\nEntry %d:\n", i+1);
 
-      printf("\nCertificate usage: %s\n", dane_cert_usage_name(usage));
-      printf("Certificate type: %s\n", dane_cert_type_name(type));
-      printf("Contents: %s\n", dane_match_type_name(match));
-      printf("Data: %s\n", buffer);
+      fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n", port, 
proto, host, usage, type, match, buffer);
+      printf("Certificate usage: %s (%.2x)\n", dane_cert_usage_name(usage), 
usage);
+      printf("Certificate type:  %s (%.2x)\n", dane_cert_type_name(type), 
type);
+      printf("Contents:          %s (%.2x)\n", dane_match_type_name(match), 
match);
+      printf("Data:              %s\n", buffer);
 
       /* Verify the DANE data */
       if (cinfo->cert)
diff --git a/tests/cert-tests/template-test b/tests/cert-tests/template-test
index 769957b..75f6fab 100755
--- a/tests/cert-tests/template-test
+++ b/tests/cert-tests/template-test
@@ -30,6 +30,10 @@ if test "$TSTAMP" != "1158962400"; then
     exit 77
 fi
 
+# Note that in rare cases this test may fail because the
+# time set using datefudge could have changed since the generation
+# (if example the system was busy)
+
 datefudge "2007-04-22" \
     $CERTTOOL --generate-self-signed \
     --load-privkey $srcdir/template-test.key \


hooks/post-receive
-- 
GNU gnutls

[Prev in Thread]

Current Thread

[Next in Thread]

[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-17-g3ff3ab8, Nikos Mavrogiannopoulos <=

Prev by Date: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-13-gbbe9722
Next by Date: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-20-gf8a0214
Previous by thread: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-13-gbbe9722
Next by thread: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-20-gf8a0214
Index(es):
- Date
- Thread