Commit 5e5bcd74 authored by Harin Vadodaria's avatar Harin Vadodaria

Bug#15883127: PORT FIX FOR BUG #13904906 TO MYSQL 5.1

Description: Updated yassl to version 2.2.2
parent d8209910
...@@ -42,7 +42,7 @@ AC_DEFUN([MYSQL_USE_BUNDLED_YASSL], [ ...@@ -42,7 +42,7 @@ AC_DEFUN([MYSQL_USE_BUNDLED_YASSL], [
yassl_thread_cxxflags="" yassl_thread_cxxflags=""
yassl_thread_safe="" yassl_thread_safe=""
if test "$with_server" != "no" -o "$THREAD_SAFE_CLIENT" != "no"; then if test "$with_server" != "no" -o "$THREAD_SAFE_CLIENT" != "no"; then
yassl_thread_cxxflags="-DYASSL_THREAD_SAFE" yassl_thread_cxxflags="-DMULTI_THREADED"
yassl_thread_safe="(thread-safe)" yassl_thread_safe="(thread-safe)"
fi fi
AC_SUBST([yassl_thread_cxxflags]) AC_SUBST([yassl_thread_cxxflags])
......
...@@ -12,7 +12,16 @@ before calling SSL_new(); ...@@ -12,7 +12,16 @@ before calling SSL_new();
*** end Note *** *** end Note ***
yaSSL Release notes, version 2.1.2 (9/2/2011) yaSSL Release notes, version 2.2.2 (7/5/2012)
This release of yaSSL contains bug fixes and more security checks around
malicious certificates.
See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 2.1.2 (9/2/2011)
This release of yaSSL contains bug fixes, better non-blocking support with This release of yaSSL contains bug fixes, better non-blocking support with
SSL_write, and OpenSSL RSA public key format support. SSL_write, and OpenSSL RSA public key format support.
......
...@@ -27,7 +27,7 @@ ...@@ -27,7 +27,7 @@
Visual Studio Source Annotations header (sourceannotations.h) fails Visual Studio Source Annotations header (sourceannotations.h) fails
to compile if outside of the global namespace. to compile if outside of the global namespace.
*/ */
#ifdef YASSL_THREAD_SAFE #ifdef MULTI_THREADED
#ifdef _WIN32 #ifdef _WIN32
#include <windows.h> #include <windows.h>
#endif #endif
...@@ -36,8 +36,9 @@ ...@@ -36,8 +36,9 @@
namespace yaSSL { namespace yaSSL {
#ifdef YASSL_THREAD_SAFE #ifdef MULTI_THREADED
#ifdef _WIN32 #ifdef _WIN32
#include <windows.h>
class Mutex { class Mutex {
CRITICAL_SECTION cs_; CRITICAL_SECTION cs_;
...@@ -77,7 +78,7 @@ namespace yaSSL { ...@@ -77,7 +78,7 @@ namespace yaSSL {
}; };
#endif // _WIN32 #endif // _WIN32
#else // YASSL_THREAD_SAFE (WE'RE SINGLE) #else // MULTI_THREADED (WE'RE SINGLE)
class Mutex { class Mutex {
public: public:
...@@ -87,7 +88,7 @@ namespace yaSSL { ...@@ -87,7 +88,7 @@ namespace yaSSL {
}; };
}; };
#endif // YASSL_THREAD_SAFE #endif // MULTI_THREADED
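Review bot: The guard rename from `YASSL_THREAD_SAFE` to `MULTI_THREADED` fails silently for any build that still passes the old define: the header then takes the `#else` branch, which its `(WE'RE SINGLE)` comment marks as the single-threaded Mutex (the class bodies are outside the visible hunks), and the library still compiles. As far as this page shows, only the autoconf macro is updated, so any other build description needs the same change, and the same guard is renamed in the lock implementation file further down. A tripwire near the top of the header would turn a stale define into a build error: `#if defined(YASSL_THREAD_SAFE) && !defined(MULTI_THREADED)` / `#error "YASSL_THREAD_SAFE was renamed to MULTI_THREADED"` / `#endif`. Separately, the added `#include <windows.h>` inside `namespace yaSSL` contradicts the comment above the first include, which says the header must stay in the global namespace, and it looks redundant with that earlier include.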
......
...@@ -35,7 +35,7 @@ ...@@ -35,7 +35,7 @@
#include "rsa.h" #include "rsa.h"
#define YASSL_VERSION "2.2.0" #define YASSL_VERSION "2.2.2"
#if defined(__cplusplus) #if defined(__cplusplus)
......
...@@ -65,7 +65,7 @@ enum YasslError { ...@@ -65,7 +65,7 @@ enum YasslError {
enum Library { yaSSL_Lib = 0, CryptoLib, SocketLib }; enum Library { yaSSL_Lib = 0, CryptoLib, SocketLib };
enum { MAX_ERROR_SZ = 80 }; enum { MAX_ERROR_SZ = 80 };
void SetErrorString(unsigned long, char*); void SetErrorString(YasslError, char*);
/* remove for now, if go back to exceptions use this wrapper /* remove for now, if go back to exceptions use this wrapper
// Base class for all yaSSL exceptions // Base class for all yaSSL exceptions
......
...@@ -250,8 +250,7 @@ int CertManager::Validate() ...@@ -250,8 +250,7 @@ int CertManager::Validate()
TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length()); TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_); TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
int err = cert.GetError().What(); if (int err = cert.GetError().What())
if ( err )
return err; return err;
const TaoCrypt::PublicKey& key = cert.GetPublicKey(); const TaoCrypt::PublicKey& key = cert.GetPublicKey();
......
...@@ -26,7 +26,7 @@ ...@@ -26,7 +26,7 @@
namespace yaSSL { namespace yaSSL {
#ifdef YASSL_THREAD_SAFE #ifdef MULTI_THREADED
#ifdef _WIN32 #ifdef _WIN32
Mutex::Mutex() Mutex::Mutex()
...@@ -79,7 +79,7 @@ namespace yaSSL { ...@@ -79,7 +79,7 @@ namespace yaSSL {
#endif // _WIN32 #endif // _WIN32
#endif // YASSL_THREAD_SAFE #endif // MULTI_THREADED
......
...@@ -27,7 +27,6 @@ ...@@ -27,7 +27,6 @@
/* see man pages for function descriptions */ /* see man pages for function descriptions */
#include "runtime.hpp" #include "runtime.hpp"
...@@ -1014,7 +1013,7 @@ char* ERR_error_string(unsigned long errNumber, char* buffer) ...@@ -1014,7 +1013,7 @@ char* ERR_error_string(unsigned long errNumber, char* buffer)
static char* msg = (char*)"Please supply a buffer for error string"; static char* msg = (char*)"Please supply a buffer for error string";
if (buffer) { if (buffer) {
SetErrorString(errNumber, buffer); SetErrorString(YasslError(errNumber), buffer);
return buffer; return buffer;
} }
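Review bot: `YasslError(errNumber)` converts a caller-supplied `unsigned long` to the enum with no range check, so the type safety implied by the new `SetErrorString(YasslError, char*)` signature is only nominal. SetErrorString opens with `using namespace TaoCrypt;`, which suggests it also maps codes that are not YasslError enumerators, and converting a value outside the enumeration's range is not guaranteed to preserve it. Either keep an integral parameter type, or document the contract at the cast with something like `// errNumber may carry non-YasslError codes; SetErrorString must tolerate values that are not enumerators`. The body of ERR_error_string continues outside the hunk, and the switch inside SetErrorString is not visible here.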
......
...@@ -31,11 +31,6 @@ ...@@ -31,11 +31,6 @@
#pragma warning(disable: 4996) #pragma warning(disable: 4996)
#endif #endif
#ifdef _MSC_VER
// 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
#pragma warning(disable: 4996)
#endif
namespace yaSSL { namespace yaSSL {
...@@ -60,7 +55,7 @@ Library Error::get_lib() const ...@@ -60,7 +55,7 @@ Library Error::get_lib() const
*/ */
void SetErrorString(unsigned long error, char* buffer) void SetErrorString(YasslError error, char* buffer)
{ {
using namespace TaoCrypt; using namespace TaoCrypt;
const int max = MAX_ERROR_SZ; // shorthand const int max = MAX_ERROR_SZ; // shorthand
......
...@@ -92,7 +92,6 @@ typedef BlockCipher<ENCRYPTION, AES, CBC> AES_CBC_Encryption; ...@@ -92,7 +92,6 @@ typedef BlockCipher<ENCRYPTION, AES, CBC> AES_CBC_Encryption;
typedef BlockCipher<DECRYPTION, AES, CBC> AES_CBC_Decryption; typedef BlockCipher<DECRYPTION, AES, CBC> AES_CBC_Decryption;
} // naemspace } // naemspace
#endif // TAO_CRYPT_AES_HPP #endif // TAO_CRYPT_AES_HPP
...@@ -48,9 +48,11 @@ word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd, ...@@ -48,9 +48,11 @@ word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
word32 pLen, const byte* salt, word32 sLen, word32 pLen, const byte* salt, word32 sLen,
word32 iterations) const word32 iterations) const
{ {
if (dLen > MaxDerivedKeyLength()) if (dLen > MaxDerivedKeyLength())
return 0; return 0;
if (iterations < 0)
return 0;
ByteBlock buffer(T::DIGEST_SIZE); ByteBlock buffer(T::DIGEST_SIZE);
HMAC<T> hmac; HMAC<T> hmac;
......
...@@ -154,6 +154,8 @@ word32 GetLength(Source& source) ...@@ -154,6 +154,8 @@ word32 GetLength(Source& source)
else else
length = b; length = b;
if (source.IsLeft(length) == false) return 0;
return length; return length;
} }
...@@ -832,7 +834,7 @@ void CertDecoder::GetName(NameType nt) ...@@ -832,7 +834,7 @@ void CertDecoder::GetName(NameType nt)
if (email) { if (email) {
if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length))) { if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length))) {
source_.SetError(CONTENT_E); source_.SetError(CONTENT_E);
return; return;
} }
} }
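Review bot: In GetLength, the new `if (source.IsLeft(length) == false) return 0;` reports a length that exceeds the remaining input as 0, which is also a legitimate DER length, so a caller that only checks the return value treats malformed input as an empty element. Whether `IsLeft` records an error on the source is not visible here; if it does not, set one explicitly with `if (!source.IsLeft(length)) { source.SetError(CONTENT_E); return 0; }`, matching the `SetError(CONTENT_E)` used in GetName in the same file. A one-line comment on the function, saying that a 0 return with the source error set means failure, would tell callers what to check. The start of GetLength is outside the hunk, and the GetName hunk appears to be a whitespace-only change.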
......
...@@ -103,6 +103,16 @@ void HexDecoder::Decode() ...@@ -103,6 +103,16 @@ void HexDecoder::Decode()
byte b = coded_.next() - 0x30; // 0 starts at 0x30 byte b = coded_.next() - 0x30; // 0 starts at 0x30
byte b2 = coded_.next() - 0x30; byte b2 = coded_.next() - 0x30;
// sanity checks
if (b >= sizeof(hexDecode)/sizeof(hexDecode[0])) {
coded_.SetError(PEM_E);
return;
}
if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0])) {
coded_.SetError(PEM_E);
return;
}
b = hexDecode[b]; b = hexDecode[b];
b2 = hexDecode[b2]; b2 = hexDecode[b2];
...@@ -178,6 +188,7 @@ void Base64Decoder::Decode() ...@@ -178,6 +188,7 @@ void Base64Decoder::Decode()
{ {
word32 bytes = coded_.size(); word32 bytes = coded_.size();
word32 plainSz = bytes - ((bytes + (pemLineSz - 1)) / pemLineSz); word32 plainSz = bytes - ((bytes + (pemLineSz - 1)) / pemLineSz);
const byte maxIdx = (byte)sizeof(base64Decode) + 0x2B - 1;
plainSz = ((plainSz * 3) / 4) + 3; plainSz = ((plainSz * 3) / 4) + 3;
decoded_.New(plainSz); decoded_.New(plainSz);
...@@ -200,6 +211,16 @@ void Base64Decoder::Decode() ...@@ -200,6 +211,16 @@ void Base64Decoder::Decode()
if (e4 == pad) if (e4 == pad)
pad4 = true; pad4 = true;
if (e1 < 0x2B || e2 < 0x2B || e3 < 0x2B || e4 < 0x2B) {
coded_.SetError(PEM_E);
return;
}
if (e1 > maxIdx || e2 > maxIdx || e3 > maxIdx || e4 > maxIdx) {
coded_.SetError(PEM_E);
return;
}
e1 = base64Decode[e1 - 0x2B]; e1 = base64Decode[e1 - 0x2B];
e2 = base64Decode[e2 - 0x2B]; e2 = base64Decode[e2 - 0x2B];
e3 = (e3 == pad) ? 0 : base64Decode[e3 - 0x2B]; e3 = (e3 == pad) ? 0 : base64Decode[e3 - 0x2B];
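Review bot: The new range checks in HexDecoder::Decode and Base64Decoder::Decode only prove that the index falls inside `hexDecode` / `base64Decode`; a byte inside the range but outside the alphabet (for hex, the characters between '9' and 'A') is still looked up and its table entry used as decoded data. If the tables hold a marker value for those gaps, the looked-up `b`, `b2` and `e1`..`e4` should be compared against it and fail with `PEM_E` as well; the table definitions are outside the hunks. As a style point, the two identical hex checks can be one condition, `if (b >= sizeof(hexDecode)/sizeof(hexDecode[0]) || b2 >= sizeof(hexDecode)/sizeof(hexDecode[0]))`, and the repeated `0x2B` would read better as a named constant declared next to `maxIdx`. Both function bodies continue outside the hunks.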
......
...@@ -3,6 +3,21 @@ Microsoft Developer Studio Workspace File, Format Version 6.00 ...@@ -3,6 +3,21 @@ Microsoft Developer Studio Workspace File, Format Version 6.00
############################################################################### ###############################################################################
Project: "benchmark"=.\benchmark\benchmark.dsp - Package Owner=<4>
Package=<5>
{{{
}}}
Package=<4>
{{{
Begin Project Dependency
Project_Dep_Name taocrypt
End Project Dependency
}}}
###############################################################################
Project: "taocrypt"=.\taocrypt.dsp - Package Owner=<4> Project: "taocrypt"=.\taocrypt.dsp - Package Owner=<4>
Package=<5> Package=<5>
...@@ -15,7 +30,7 @@ Package=<4> ...@@ -15,7 +30,7 @@ Package=<4>
############################################################################### ###############################################################################
Project: "test"=.\test.dsp - Package Owner=<4> Project: "test"=.\test\test.dsp - Package Owner=<4>
Package=<5> Package=<5>
{{{ {{{
......
...@@ -31,7 +31,7 @@ ...@@ -31,7 +31,7 @@
To use MemoryTracker merely add this file to your project To use MemoryTracker merely add this file to your project
No need to instantiate anything No need to instantiate anything
If your app is multi threaded define YASSL_THREAD_SAFE If your app is multi threaded define MULTI_THREADED
*********************************************************************/ *********************************************************************/
......
...@@ -37,12 +37,12 @@ RSC=rc.exe ...@@ -37,12 +37,12 @@ RSC=rc.exe
# PROP BASE Target_Dir "" # PROP BASE Target_Dir ""
# PROP Use_MFC 0 # PROP Use_MFC 0
# PROP Use_Debug_Libraries 0 # PROP Use_Debug_Libraries 0
# PROP Output_Dir "test\Release" # PROP Output_Dir "Release"
# PROP Intermediate_Dir "test\Release" # PROP Intermediate_Dir "Release"
# PROP Ignore_Export_Lib 0 # PROP Ignore_Export_Lib 0
# PROP Target_Dir "" # PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c # ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
# ADD CPP /nologo /MT /W3 /O2 /I "include" /I "mySTL" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /c # ADD CPP /nologo /MD /W3 /O2 /I "../include" /I "../mySTL" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /c
# ADD BASE RSC /l 0x409 /d "NDEBUG" # ADD BASE RSC /l 0x409 /d "NDEBUG"
# ADD RSC /l 0x409 /d "NDEBUG" # ADD RSC /l 0x409 /d "NDEBUG"
BSC32=bscmake.exe BSC32=bscmake.exe
...@@ -61,12 +61,12 @@ LINK32=link.exe ...@@ -61,12 +61,12 @@ LINK32=link.exe
# PROP BASE Target_Dir "" # PROP BASE Target_Dir ""
# PROP Use_MFC 0 # PROP Use_MFC 0
# PROP Use_Debug_Libraries 1 # PROP Use_Debug_Libraries 1
# PROP Output_Dir "test\Debug" # PROP Output_Dir "Debug"
# PROP Intermediate_Dir "test\Debug" # PROP Intermediate_Dir "Debug"
# PROP Ignore_Export_Lib 0 # PROP Ignore_Export_Lib 0
# PROP Target_Dir "" # PROP Target_Dir ""
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c # ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "include" /I "mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c # ADD CPP /nologo /MDd /W3 /Gm /ZI /Od /I "../include" /I "../mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
# ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD BASE RSC /l 0x409 /d "_DEBUG"
# ADD RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG"
BSC32=bscmake.exe BSC32=bscmake.exe
...@@ -87,7 +87,7 @@ LINK32=link.exe ...@@ -87,7 +87,7 @@ LINK32=link.exe
# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" # PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
# Begin Source File # Begin Source File
SOURCE=.\test\test.cpp SOURCE=.\test.cpp
# End Source File # End Source File
# End Group # End Group
# Begin Group "Header Files" # Begin Group "Header Files"
......
...@@ -90,7 +90,7 @@ Package=<4> ...@@ -90,7 +90,7 @@ Package=<4>
############################################################################### ###############################################################################
Project: "test"=.\taocrypt\test.dsp - Package Owner=<4> Project: "test"=.\taocrypt\test\test.dsp - Package Owner=<4>
Package=<5> Package=<5>
{{{ {{{
...@@ -113,9 +113,6 @@ Package=<5> ...@@ -113,9 +113,6 @@ Package=<5>
Package=<4> Package=<4>
{{{ {{{
Begin Project Dependency
Project_Dep_Name taocrypt
End Project Dependency
Begin Project Dependency Begin Project Dependency
Project_Dep_Name yassl Project_Dep_Name yassl
End Project Dependency End Project Dependency
......