Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
65a94c3a
Commit
65a94c3a
authored
Mar 21, 2012
by
Georgi Kodinov
Browse files
Options
Browse Files
Download
Plain Diff
weave merge mysql-5.0->mysql-5.0-security
parents
bd21f317
e990b8da
Changes
8
Show whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
68 additions
and
18 deletions
+68
-18
README
README
+1
-1
extra/yassl/README
extra/yassl/README
+1
-2
extra/yassl/include/openssl/ssl.h
extra/yassl/include/openssl/ssl.h
+2
-2
extra/yassl/src/yassl_imp.cpp
extra/yassl/src/yassl_imp.cpp
+19
-1
extra/yassl/src/yassl_int.cpp
extra/yassl/src/yassl_int.cpp
+3
-2
extra/yassl/taocrypt/include/file.hpp
extra/yassl/taocrypt/include/file.hpp
+14
-7
extra/yassl/taocrypt/src/asn.cpp
extra/yassl/taocrypt/src/asn.cpp
+24
-2
extra/yassl/taocrypt/src/integer.cpp
extra/yassl/taocrypt/src/integer.cpp
+4
-1
No files found.
README
View file @
65a94c3a
...
@@ -5,7 +5,7 @@ For the avoidance of doubt, this particular copy of the software
...
@@ -5,7 +5,7 @@ For the avoidance of doubt, this particular copy of the software
is released under the version 2 of the GNU General Public License.
is released under the version 2 of the GNU General Public License.
MySQL is brought to you by Oracle.
MySQL is brought to you by Oracle.
Copyright (c) 2000, 201
1
, Oracle and/or its affiliates. All rights reserved.
Copyright (c) 2000, 201
2
, Oracle and/or its affiliates. All rights reserved.
License information can be found in the COPYING file.
License information can be found in the COPYING file.
...
...
extra/yassl/README
View file @
65a94c3a
...
@@ -21,8 +21,7 @@ See normal build instructions below under 1.0.6.
...
@@ -21,8 +21,7 @@ See normal build instructions below under 1.0.6.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
See libcurl build instructions below under 1.3.0 and note in 1.5.8.
*****************yaSSL Release notes, version 1.9.9 (1/26/2010)
*****************yaSSL Release notes, version 2.0.0 (7/6/2010)
yaSSL Release notes, version 2.0.0 (7/6/2010)
This release of yaSSL contains bug fixes, new testing certs,
This release of yaSSL contains bug fixes, new testing certs,
and a security patch for a potential heap overflow on forged application
and a security patch for a potential heap overflow on forged application
...
...
extra/yassl/include/openssl/ssl.h
View file @
65a94c3a
/*
/*
Copyright (c) 2005
-2007 MySQL AB, 2008 Sun Microsystems, Inc
.
Copyright (c) 2005
, 2012, Oracle and/or its affiliates. All rights reserved
.
Use is subject to license terms.
Use is subject to license terms.
This program is free software; you can redistribute it and/or modify
This program is free software; you can redistribute it and/or modify
...
@@ -35,7 +35,7 @@
...
@@ -35,7 +35,7 @@
#include "rsa.h"
#include "rsa.h"
#define YASSL_VERSION "2.
1.4
"
#define YASSL_VERSION "2.
2.0
"
#if defined(__cplusplus)
#if defined(__cplusplus)
...
...
extra/yassl/src/yassl_imp.cpp
View file @
65a94c3a
/*
/*
Copyright (c) 2005, 201
0
, Oracle and/or its affiliates. All rights reserved.
Copyright (c) 2005, 201
2
, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
it under the terms of the GNU General Public License as published by
...
@@ -1087,19 +1087,37 @@ void Certificate::Process(input_buffer& input, SSL& ssl)
...
@@ -1087,19 +1087,37 @@ void Certificate::Process(input_buffer& input, SSL& ssl)
uint32
list_sz
;
uint32
list_sz
;
byte
tmp
[
3
];
byte
tmp
[
3
];
if
(
input
.
get_remaining
()
<
sizeof
(
tmp
))
{
ssl
.
SetError
(
YasslError
(
bad_input
));
return
;
}
tmp
[
0
]
=
input
[
AUTO
];
tmp
[
0
]
=
input
[
AUTO
];
tmp
[
1
]
=
input
[
AUTO
];
tmp
[
1
]
=
input
[
AUTO
];
tmp
[
2
]
=
input
[
AUTO
];
tmp
[
2
]
=
input
[
AUTO
];
c24to32
(
tmp
,
list_sz
);
c24to32
(
tmp
,
list_sz
);
if
(
list_sz
>
(
uint
)
MAX_RECORD_SIZE
)
{
// sanity check
ssl
.
SetError
(
YasslError
(
bad_input
));
return
;
}
while
(
list_sz
)
{
while
(
list_sz
)
{
// cert size
// cert size
uint32
cert_sz
;
uint32
cert_sz
;
if
(
input
.
get_remaining
()
<
sizeof
(
tmp
))
{
ssl
.
SetError
(
YasslError
(
bad_input
));
return
;
}
tmp
[
0
]
=
input
[
AUTO
];
tmp
[
0
]
=
input
[
AUTO
];
tmp
[
1
]
=
input
[
AUTO
];
tmp
[
1
]
=
input
[
AUTO
];
tmp
[
2
]
=
input
[
AUTO
];
tmp
[
2
]
=
input
[
AUTO
];
c24to32
(
tmp
,
cert_sz
);
c24to32
(
tmp
,
cert_sz
);
if
(
cert_sz
>
(
uint
)
MAX_RECORD_SIZE
||
input
.
get_remaining
()
<
cert_sz
){
ssl
.
SetError
(
YasslError
(
bad_input
));
return
;
}
x509
*
myCert
;
x509
*
myCert
;
cm
.
AddPeerCert
(
myCert
=
NEW_YS
x509
(
cert_sz
));
cm
.
AddPeerCert
(
myCert
=
NEW_YS
x509
(
cert_sz
));
input
.
read
(
myCert
->
use_buffer
(),
myCert
->
get_length
());
input
.
read
(
myCert
->
use_buffer
(),
myCert
->
get_length
());
...
...
extra/yassl/src/yassl_int.cpp
View file @
65a94c3a
/*
/*
Copyright (c) 2005, 201
1
, Oracle and/or its affiliates. All rights reserved.
Copyright (c) 2005, 201
2
, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
it under the terms of the GNU General Public License as published by
...
@@ -308,8 +308,9 @@ SSL::SSL(SSL_CTX* ctx)
...
@@ -308,8 +308,9 @@ SSL::SSL(SSL_CTX* ctx)
SetError
(
YasslError
(
err
));
SetError
(
YasslError
(
err
));
return
;
return
;
}
}
else
if
(
serverSide
)
{
else
if
(
serverSide
&&
ctx
->
GetCiphers
().
setSuites_
==
0
)
{
// remove RSA or DSA suites depending on cert key type
// remove RSA or DSA suites depending on cert key type
// but don't override user sets
ProtocolVersion
pv
=
secure_
.
get_connection
().
version_
;
ProtocolVersion
pv
=
secure_
.
get_connection
().
version_
;
bool
removeDH
=
secure_
.
use_parms
().
removeDH_
;
bool
removeDH
=
secure_
.
use_parms
().
removeDH_
;
...
...
extra/yassl/taocrypt/include/file.hpp
View file @
65a94c3a
/*
/*
Copyright (C) 2000
-2007 MySQL AB
Copyright (C) 2000
, 2012, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
it under the terms of the GNU General Public License as published by
...
@@ -39,25 +39,32 @@ public:
...
@@ -39,25 +39,32 @@ public:
explicit
Source
(
word32
sz
=
0
)
:
buffer_
(
sz
),
current_
(
0
)
{}
explicit
Source
(
word32
sz
=
0
)
:
buffer_
(
sz
),
current_
(
0
)
{}
Source
(
const
byte
*
b
,
word32
sz
)
:
buffer_
(
b
,
sz
),
current_
(
0
)
{}
Source
(
const
byte
*
b
,
word32
sz
)
:
buffer_
(
b
,
sz
),
current_
(
0
)
{}
word32
remaining
()
{
if
(
GetError
().
What
())
return
0
;
else
return
buffer_
.
size
()
-
current_
;
}
word32
size
()
const
{
return
buffer_
.
size
();
}
word32
size
()
const
{
return
buffer_
.
size
();
}
void
grow
(
word32
sz
)
{
buffer_
.
CleanGrow
(
sz
);
}
void
grow
(
word32
sz
)
{
buffer_
.
CleanGrow
(
sz
);
}
bool
IsLeft
(
word32
sz
)
{
if
(
remaining
()
>=
sz
)
return
true
;
else
{
SetError
(
CONTENT_E
);
return
false
;
}
}
const
byte
*
get_buffer
()
const
{
return
buffer_
.
get_buffer
();
}
const
byte
*
get_buffer
()
const
{
return
buffer_
.
get_buffer
();
}
const
byte
*
get_current
()
const
{
return
&
buffer_
[
current_
];
}
const
byte
*
get_current
()
const
{
return
&
buffer_
[
current_
];
}
word32
get_index
()
const
{
return
current_
;
}
word32
get_index
()
const
{
return
current_
;
}
void
set_index
(
word32
i
)
{
current_
=
i
;
}
void
set_index
(
word32
i
)
{
if
(
i
<
size
())
current_
=
i
;
}
byte
operator
[]
(
word32
i
)
{
current_
=
i
;
return
next
();
}
byte
operator
[]
(
word32
i
)
{
current_
=
i
;
return
next
();
}
byte
next
()
{
return
buffer_
[
current_
++
]
;
}
byte
next
()
{
if
(
IsLeft
(
1
))
return
buffer_
[
current_
++
];
else
return
0
;
}
byte
prev
()
{
return
buffer_
[
--
current_
]
;
}
byte
prev
()
{
if
(
current_
)
return
buffer_
[
--
current_
];
else
return
0
;
}
void
add
(
const
byte
*
data
,
word32
len
)
void
add
(
const
byte
*
data
,
word32
len
)
{
{
if
(
IsLeft
(
len
))
{
memcpy
(
buffer_
.
get_buffer
()
+
current_
,
data
,
len
);
memcpy
(
buffer_
.
get_buffer
()
+
current_
,
data
,
len
);
current_
+=
len
;
current_
+=
len
;
}
}
}
void
advance
(
word32
i
)
{
current_
+=
i
;
}
void
advance
(
word32
i
)
{
if
(
IsLeft
(
i
))
current_
+=
i
;
}
void
reset
(
ByteBlock
&
);
void
reset
(
ByteBlock
&
);
Error
GetError
()
{
return
error_
;
}
Error
GetError
()
{
return
error_
;
}
...
...
extra/yassl/taocrypt/src/asn.cpp
View file @
65a94c3a
/*
/*
Copyright (c) 2005
-2007 MySQL AB, 2009, 2010 Sun Microsystems, Inc
.
Copyright (c) 2005
, 2012, Oracle and/or its affiliates. All rights reserved
.
Use is subject to license terms.
Use is subject to license terms.
This program is free software; you can redistribute it and/or modify
This program is free software; you can redistribute it and/or modify
...
@@ -144,6 +144,8 @@ word32 GetLength(Source& source)
...
@@ -144,6 +144,8 @@ word32 GetLength(Source& source)
if
(
b
>=
LONG_LENGTH
)
{
if
(
b
>=
LONG_LENGTH
)
{
word32
bytes
=
b
&
0x7F
;
word32
bytes
=
b
&
0x7F
;
if
(
source
.
IsLeft
(
bytes
)
==
false
)
return
0
;
while
(
bytes
--
)
{
while
(
bytes
--
)
{
b
=
source
.
next
();
b
=
source
.
next
();
length
=
(
length
<<
8
)
|
b
;
length
=
(
length
<<
8
)
|
b
;
...
@@ -578,8 +580,10 @@ void CertDecoder::StoreKey()
...
@@ -578,8 +580,10 @@ void CertDecoder::StoreKey()
read
=
source_
.
get_index
()
-
read
;
read
=
source_
.
get_index
()
-
read
;
length
+=
read
;
length
+=
read
;
if
(
source_
.
GetError
().
What
())
return
;
while
(
read
--
)
source_
.
prev
();
while
(
read
--
)
source_
.
prev
();
if
(
source_
.
IsLeft
(
length
)
==
false
)
return
;
key_
.
SetSize
(
length
);
key_
.
SetSize
(
length
);
key_
.
SetKey
(
source_
.
get_current
());
key_
.
SetKey
(
source_
.
get_current
());
source_
.
advance
(
length
);
source_
.
advance
(
length
);
...
@@ -611,6 +615,8 @@ void CertDecoder::AddDSA()
...
@@ -611,6 +615,8 @@ void CertDecoder::AddDSA()
word32
length
=
GetLength
(
source_
);
word32
length
=
GetLength
(
source_
);
length
+=
source_
.
get_index
()
-
idx
;
length
+=
source_
.
get_index
()
-
idx
;
if
(
source_
.
IsLeft
(
length
)
==
false
)
return
;
key_
.
AddToEnd
(
source_
.
get_buffer
()
+
idx
,
length
);
key_
.
AddToEnd
(
source_
.
get_buffer
()
+
idx
,
length
);
}
}
...
@@ -621,6 +627,8 @@ word32 CertDecoder::GetAlgoId()
...
@@ -621,6 +627,8 @@ word32 CertDecoder::GetAlgoId()
if
(
source_
.
GetError
().
What
())
return
0
;
if
(
source_
.
GetError
().
What
())
return
0
;
word32
length
=
GetSequence
();
word32
length
=
GetSequence
();
if
(
source_
.
GetError
().
What
())
return
0
;
byte
b
=
source_
.
next
();
byte
b
=
source_
.
next
();
if
(
b
!=
OBJECT_IDENTIFIER
)
{
if
(
b
!=
OBJECT_IDENTIFIER
)
{
source_
.
SetError
(
OBJECT_ID_E
);
source_
.
SetError
(
OBJECT_ID_E
);
...
@@ -628,8 +636,9 @@ word32 CertDecoder::GetAlgoId()
...
@@ -628,8 +636,9 @@ word32 CertDecoder::GetAlgoId()
}
}
length
=
GetLength
(
source_
);
length
=
GetLength
(
source_
);
word32
oid
=
0
;
if
(
source_
.
IsLeft
(
length
)
==
false
)
return
0
;
word32
oid
=
0
;
while
(
length
--
)
while
(
length
--
)
oid
+=
source_
.
next
();
// just sum it up for now
oid
+=
source_
.
next
();
// just sum it up for now
...
@@ -662,6 +671,10 @@ word32 CertDecoder::GetSignature()
...
@@ -662,6 +671,10 @@ word32 CertDecoder::GetSignature()
}
}
sigLength_
=
GetLength
(
source_
);
sigLength_
=
GetLength
(
source_
);
if
(
sigLength_
==
0
||
source_
.
IsLeft
(
sigLength_
)
==
false
)
{
source_
.
SetError
(
CONTENT_E
);
return
0
;
}
b
=
source_
.
next
();
b
=
source_
.
next
();
if
(
b
!=
0
)
{
if
(
b
!=
0
)
{
...
@@ -728,6 +741,7 @@ void CertDecoder::GetName(NameType nt)
...
@@ -728,6 +741,7 @@ void CertDecoder::GetName(NameType nt)
if
(
length
>=
ASN_NAME_MAX
)
if
(
length
>=
ASN_NAME_MAX
)
return
;
return
;
if
(
source_
.
IsLeft
(
length
)
==
false
)
return
;
length
+=
source_
.
get_index
();
length
+=
source_
.
get_index
();
char
*
ptr
;
char
*
ptr
;
...
@@ -753,7 +767,10 @@ void CertDecoder::GetName(NameType nt)
...
@@ -753,7 +767,10 @@ void CertDecoder::GetName(NameType nt)
}
}
word32
oidSz
=
GetLength
(
source_
);
word32
oidSz
=
GetLength
(
source_
);
if
(
source_
.
IsLeft
(
oidSz
)
==
false
)
return
;
byte
joint
[
2
];
byte
joint
[
2
];
if
(
source_
.
IsLeft
(
sizeof
(
joint
))
==
false
)
return
;
memcpy
(
joint
,
source_
.
get_current
(),
sizeof
(
joint
));
memcpy
(
joint
,
source_
.
get_current
(),
sizeof
(
joint
));
// v1 name types
// v1 name types
...
@@ -763,6 +780,8 @@ void CertDecoder::GetName(NameType nt)
...
@@ -763,6 +780,8 @@ void CertDecoder::GetName(NameType nt)
b
=
source_
.
next
();
// strType
b
=
source_
.
next
();
// strType
word32
strLen
=
GetLength
(
source_
);
word32
strLen
=
GetLength
(
source_
);
if
(
source_
.
IsLeft
(
strLen
)
==
false
)
return
;
switch
(
id
)
{
switch
(
id
)
{
case
COMMON_NAME
:
case
COMMON_NAME
:
if
(
!
(
ptr
=
AddTag
(
ptr
,
buf_end
,
"/CN="
,
4
,
strLen
)))
if
(
!
(
ptr
=
AddTag
(
ptr
,
buf_end
,
"/CN="
,
4
,
strLen
)))
...
@@ -804,6 +823,7 @@ void CertDecoder::GetName(NameType nt)
...
@@ -804,6 +823,7 @@ void CertDecoder::GetName(NameType nt)
source_
.
advance
(
oidSz
+
1
);
source_
.
advance
(
oidSz
+
1
);
word32
length
=
GetLength
(
source_
);
word32
length
=
GetLength
(
source_
);
if
(
source_
.
IsLeft
(
length
)
==
false
)
return
;
if
(
email
)
{
if
(
email
)
{
if
(
!
(
ptr
=
AddTag
(
ptr
,
buf_end
,
"/emailAddress="
,
14
,
length
)))
{
if
(
!
(
ptr
=
AddTag
(
ptr
,
buf_end
,
"/emailAddress="
,
14
,
length
)))
{
...
@@ -837,6 +857,8 @@ void CertDecoder::GetDate(DateType dt)
...
@@ -837,6 +857,8 @@ void CertDecoder::GetDate(DateType dt)
}
}
word32
length
=
GetLength
(
source_
);
word32
length
=
GetLength
(
source_
);
if
(
source_
.
IsLeft
(
length
)
==
false
)
return
;
byte
date
[
MAX_DATE_SZ
];
byte
date
[
MAX_DATE_SZ
];
if
(
length
>
MAX_DATE_SZ
||
length
<
MIN_DATE_SZ
)
{
if
(
length
>
MAX_DATE_SZ
||
length
<
MIN_DATE_SZ
)
{
source_
.
SetError
(
DATE_SZ_E
);
source_
.
SetError
(
DATE_SZ_E
);
...
...
extra/yassl/taocrypt/src/integer.cpp
View file @
65a94c3a
/*
/*
Copyright (c) 2005, 201
0
, Oracle and/or its affiliates. All rights reserved.
Copyright (c) 2005, 201
2
, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
it under the terms of the GNU General Public License as published by
...
@@ -2587,12 +2587,15 @@ void Integer::Decode(Source& source)
...
@@ -2587,12 +2587,15 @@ void Integer::Decode(Source& source)
}
}
word32
length
=
GetLength
(
source
);
word32
length
=
GetLength
(
source
);
if
(
length
==
0
||
source
.
GetError
().
What
())
return
;
if
(
(
b
=
source
.
next
())
==
0x00
)
if
(
(
b
=
source
.
next
())
==
0x00
)
length
--
;
length
--
;
else
else
source
.
prev
();
source
.
prev
();
if
(
source
.
IsLeft
(
length
)
==
false
)
return
;
unsigned
int
words
=
(
length
+
WORD_SIZE
-
1
)
/
WORD_SIZE
;
unsigned
int
words
=
(
length
+
WORD_SIZE
-
1
)
/
WORD_SIZE
;
words
=
RoundupSize
(
words
);
words
=
RoundupSize
(
words
);
if
(
words
>
reg_
.
size
())
reg_
.
CleanNew
(
words
);
if
(
words
>
reg_
.
size
())
reg_
.
CleanNew
(
words
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment