[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-17-g3ff3ab8
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-17-g3ff3ab8 |
Date: |
Thu, 15 Nov 2012 22:49:22 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=3ff3ab8abe12d6b76cab2b42b1ccff94d5e54854
The branch, master has been updated
via 3ff3ab8abe12d6b76cab2b42b1ccff94d5e54854 (commit)
via 7a5c3a85b3a8444578932809f648b17537b70d1d (commit)
via f8bf0c9998ca7f33c6afa6e457b89c480ae75b64 (commit)
via d5d1d581af4b388258c7ab9f71f90324d70a9385 (commit)
from bbe972239e4d06871f983f6a7303717b29dae5f2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3ff3ab8abe12d6b76cab2b42b1ccff94d5e54854
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Nov 15 23:41:58 2012 +0100
Added small text
commit 7a5c3a85b3a8444578932809f648b17537b70d1d
Author: Tim Kosse <address@hidden>
Date: Thu Nov 15 19:57:02 2012 +0100
print-ciphersuites was a very useful too for debugging this. Now it is even
built.
Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>
commit f8bf0c9998ca7f33c6afa6e457b89c480ae75b64
Author: Tim Kosse <address@hidden>
Date: Thu Nov 15 19:57:01 2012 +0100
Don't read past the last list entry in _add_priority, doing so adds
algorithms that shouldn't be added and can even lead to a segfault.
Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>
commit d5d1d581af4b388258c7ab9f71f90324d70a9385
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Nov 14 23:29:08 2012 +0100
tried to beautify output of danetool
-----------------------------------------------------------------------
Summary of changes:
doc/examples/Makefile.am | 4 ++--
lib/gnutls_priority.c | 15 ++++++++-------
src/danetool.c | 18 ++++++++++--------
tests/cert-tests/template-test | 4 ++++
4 files changed, 24 insertions(+), 17 deletions(-)
diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am
index a42b449..671ef31 100644
--- a/doc/examples/Makefile.am
+++ b/doc/examples/Makefile.am
@@ -43,6 +43,7 @@ CXX_LDADD = ../../lib/libgnutlsxx.la \
noinst_PROGRAMS = ex-client-resume ex-client-dtls
noinst_PROGRAMS += ex-cert-select ex-client-x509
noinst_PROGRAMS += ex-serv-dtls
+noinst_PROGRAMS += print-ciphersuites
if ENABLE_CXX
ex_cxx_SOURCES = ex-cxx.cpp
@@ -79,5 +80,4 @@ endif
libexamples_la_SOURCES = examples.h ex-alert.c ex-pkcs12.c \
ex-session-info.c ex-x509-info.c ex-verify.c \
- tcp.c udp.c ex-pkcs11-list.c verify.c ex-verify-ssh.c \
- print-ciphersuites.c
+ tcp.c udp.c ex-pkcs11-list.c verify.c ex-verify-ssh.c
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index b6649ca..03ef83b 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -89,11 +89,11 @@ _set_priority (priority_st * st, const int *list)
inline static void
_add_priority (priority_st * st, const int *list)
{
- int num = 0, i, j, init;
+ int num, i, j, init;
init = i = st->algorithms;
- while (list[num] != 0)
+ for (num=0;list[num]!=0;++num)
{
if (i+1 > MAX_ALGOS)
{
@@ -104,14 +104,15 @@ _add_priority (priority_st * st, const int *list)
{
if (st->priority[j] == (unsigned)list[num])
{
- num++;
- continue;
+ break;
}
}
- st->priority[i++] = list[num];
- st->algorithms++;
- num++;
+ if (j == init)
+ {
+ st->priority[i++] = list[num];
+ st->algorithms++;
+ }
}
return;
diff --git a/src/danetool.c b/src/danetool.c
index f0213d4..cd8211e 100644
--- a/src/danetool.c
+++ b/src/danetool.c
@@ -184,6 +184,7 @@ static void dane_check(const char* host, const char* proto,
unsigned int port,
dane_state_t s;
dane_query_t q;
int ret;
+unsigned entries;
unsigned int flags = DANE_F_IGNORE_LOCAL_RESOLVER, i;
unsigned int usage, type, match;
gnutls_datum_t data, file;
@@ -192,7 +193,7 @@ size_t size;
if (ENABLED_OPT(LOCAL_DNS))
flags = 0;
- printf("Querying on %s (%s:%d)...\n", host, proto, port);
+ printf("Querying %s (%s:%d)...\n", host, proto, port);
ret = dane_state_init(&s, flags);
if (ret < 0)
error (EXIT_FAILURE, 0, "dane_state_init: %s", dane_strerror (ret));
@@ -201,7 +202,8 @@ size_t size;
if (ret < 0)
error (EXIT_FAILURE, 0, "dane_query_tlsa: %s", dane_strerror (ret));
- for (i=0;i<dane_query_entries(q);i++)
+ entries = dane_query_entries(q);
+ for (i=0;i<entries;i++)
{
ret = dane_query_data(q, i, &usage, &type, &match, &data);
if (ret < 0)
@@ -213,13 +215,13 @@ size_t size;
if (ret < 0)
error (EXIT_FAILURE, 0, "gnutls_hex_encode: %s", dane_strerror (ret));
- printf("\nEntry %d:\n", i+1);
- fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n", port,
proto, host, usage, type, match, buffer);
+ if (entries > 1) printf("\nEntry %d:\n", i+1);
- printf("\nCertificate usage: %s\n", dane_cert_usage_name(usage));
- printf("Certificate type: %s\n", dane_cert_type_name(type));
- printf("Contents: %s\n", dane_match_type_name(match));
- printf("Data: %s\n", buffer);
+ fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n", port,
proto, host, usage, type, match, buffer);
+ printf("Certificate usage: %s (%.2x)\n", dane_cert_usage_name(usage),
usage);
+ printf("Certificate type: %s (%.2x)\n", dane_cert_type_name(type),
type);
+ printf("Contents: %s (%.2x)\n", dane_match_type_name(match),
match);
+ printf("Data: %s\n", buffer);
/* Verify the DANE data */
if (cinfo->cert)
diff --git a/tests/cert-tests/template-test b/tests/cert-tests/template-test
index 769957b..75f6fab 100755
--- a/tests/cert-tests/template-test
+++ b/tests/cert-tests/template-test
@@ -30,6 +30,10 @@ if test "$TSTAMP" != "1158962400"; then
exit 77
fi
+# Note that in rare cases this test may fail because the
+# time set using datefudge could have changed since the generation
+# (if example the system was busy)
+
datefudge "2007-04-22" \
$CERTTOOL --generate-self-signed \
--load-privkey $srcdir/template-test.key \
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-17-g3ff3ab8,
Nikos Mavrogiannopoulos <=