- fix RSA_generate_key
PR: 242862 Submitted by: Dan Lukes
This commit is contained in:
Dirk Meyer
parent
1a7beb6b2e
commit
83575d3043
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=520819
@ -2,7 +2,7 @@
|
||||
|
||||
PORTNAME= sendmail
|
||||
PORTVERSION= 8.15.2
|
||||
PORTREVISION= 19
|
||||
PORTREVISION= 20
|
||||
CATEGORIES= mail
|
||||
MASTER_SITES= ftp://ftp.sendmail.org/pub/sendmail/
|
||||
DISTNAME= ${PORTNAME}.${PORTVERSION}
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
--- sendmail/tls.c.orig 2015-06-20 01:37:28 UTC
|
||||
+++ sendmail/tls.c
|
||||
@@ -16,6 +16,9 @@ SM_RCSID("@(#)$Id: tls.c,v 8.127 2013-11
|
||||
@@ -16,6 +16,9 @@ SM_RCSID("@(#)$Id: tls.c,v 8.127 2013-11-27 02:51:11 g
|
||||
# include <openssl/err.h>
|
||||
# include <openssl/bio.h>
|
||||
# include <openssl/pem.h>
|
||||
@ -10,7 +10,7 @@
|
||||
# ifndef HASURANDOMDEV
|
||||
# include <openssl/rand.h>
|
||||
# endif /* ! HASURANDOMDEV */
|
||||
@@ -44,6 +47,23 @@ static bool tls_safe_f __P((char *, long
|
||||
@@ -44,6 +47,23 @@ static bool tls_safe_f __P((char *, long, bool));
|
||||
static int tls_verify_log __P((int, X509_STORE_CTX *, const char *));
|
||||
|
||||
# if !NO_DH
|
||||
@ -76,7 +76,7 @@
|
||||
}
|
||||
return(dh);
|
||||
}
|
||||
@@ -708,6 +733,30 @@ load_certkey(ssl, srv, certfile, keyfile
|
||||
@@ -708,6 +733,29 @@ load_certkey(ssl, srv, certfile, keyfile)
|
||||
|
||||
static char server_session_id_context[] = "sendmail8";
|
||||
|
||||
@ -97,7 +97,6 @@
|
||||
+ RSA_free(rsa);
|
||||
+ rsa = NULL;
|
||||
+ }
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ BN_free(bn_rsa_r4);
|
||||
+ return rsa;
|
||||
@ -107,7 +106,7 @@
|
||||
/* 0.9.8a and b have a problem with SSL_OP_TLS_BLOCK_PADDING_BUG */
|
||||
#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
|
||||
# define SM_SSL_OP_TLS_BLOCK_PADDING_BUG 1
|
||||
@@ -926,7 +975,7 @@ inittls(ctx, req, options, srv, certfile
|
||||
@@ -926,7 +974,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cac
|
||||
{
|
||||
/* get a pointer to the current certificate validation store */
|
||||
store = SSL_CTX_get_cert_store(*ctx); /* does not fail */
|
||||
@ -116,7 +115,7 @@
|
||||
if (crl_file != NULL)
|
||||
{
|
||||
if (BIO_read_filename(crl_file, CRLFile) >= 0)
|
||||
@@ -1003,8 +1052,7 @@ inittls(ctx, req, options, srv, certfile
|
||||
@@ -1003,8 +1051,7 @@ inittls(ctx, req, options, srv, certfile, keyfile, cac
|
||||
if (bitset(TLS_I_RSA_TMP, req)
|
||||
# if SM_CONF_SHM
|
||||
&& ShmId != SM_SHM_NO_ID &&
|
||||
@ -126,7 +125,7 @@
|
||||
# else /* SM_CONF_SHM */
|
||||
&& 0 /* no shared memory: no need to generate key now */
|
||||
# endif /* SM_CONF_SHM */
|
||||
@@ -1209,9 +1257,10 @@ inittls(ctx, req, options, srv, certfile
|
||||
@@ -1209,9 +1256,10 @@ inittls(ctx, req, options, srv, certfile, keyfile, cac
|
||||
if (tTd(96, 2))
|
||||
sm_dprintf("inittls: Generating %d bit DH parameters\n", bits);
|
||||
|
||||
@ -139,7 +138,7 @@
|
||||
dh = DSA_dup_DH(dsa);
|
||||
DSA_free(dsa);
|
||||
}
|
||||
@@ -1744,7 +1793,7 @@ tmp_rsa_key(s, export, keylength)
|
||||
@@ -1744,7 +1792,7 @@ tmp_rsa_key(s, export, keylength)
|
||||
|
||||
if (rsa_tmp != NULL)
|
||||
RSA_free(rsa_tmp);
|
||||
@ -148,7 +147,7 @@
|
||||
if (rsa_tmp == NULL)
|
||||
{
|
||||
if (LogLevel > 0)
|
||||
@@ -1971,9 +2020,9 @@ x509_verify_cb(ok, ctx)
|
||||
@@ -1971,9 +2019,9 @@ x509_verify_cb(ok, ctx)
|
||||
{
|
||||
if (LogLevel > 13)
|
||||
tls_verify_log(ok, ctx, "x509");
|
||||
|
||||
Loading…
Reference in New Issue
Block a user