arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-22 21:23:07 +03:00
Code

fixed issue with certificate verification on firefox.

Browse Source 
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@153 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
This commit is contained in:
cameronrich 2009-01-29 10:38:57 +00:00
parent 85e157927a
commit 86f2e470e0
4 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/makefile.conf
View File

@ -81,6 +81,7 @@ else # Not Win32
CFLAGS += -I$(AXTLS_HOME)/config -I$(AXTLS_HOME)/ssl -I$(AXTLS_HOME)/crypto CFLAGS += -I$(AXTLS_HOME)/config -I$(AXTLS_HOME)/ssl -I$(AXTLS_HOME)/crypto
LD=$(CC) LD=$(CC)
STRIP=strip
# Solaris # Solaris
ifdef CONFIG_PLATFORM_SOLARIS ifdef CONFIG_PLATFORM_SOLARIS

2
httpd/Makefile
View File

@ -97,7 +97,7 @@ ifndef CONFIG_PLATFORM_WIN32
$(TARGET): $(OBJ) $(AXTLS_HOME)/$(STAGE)/libaxtls.a $(TARGET): $(OBJ) $(AXTLS_HOME)/$(STAGE)/libaxtls.a
$(LD) $(LDFLAGS) -o $@ $(OBJ) $(LIBS) $(LD) $(LDFLAGS) -o $@ $(OBJ) $(LIBS)
ifdef CONFIG_STRIP_UNWANTED_SECTIONS ifdef CONFIG_STRIP_UNWANTED_SECTIONS
strip --remove-section=.comment $(TARGET) $(STRIP) --remove-section=.comment $(TARGET)
endif endif
$(TARGET2): htpasswd.o $(AXTLS_HOME)/$(STAGE)/libaxtls.a $(TARGET2): htpasswd.o $(AXTLS_HOME)/$(STAGE)/libaxtls.a

2
samples/c/Makefile
View File

@ -61,7 +61,7 @@ ifndef CONFIG_PLATFORM_WIN32
$(TARGET): $(OBJ) $(LIBS)/libaxtls.a $(TARGET): $(OBJ) $(LIBS)/libaxtls.a
$(LD) $(LDFLAGS) -o $@ $(OBJ) -L$(LIBS) -laxtls $(LD) $(LDFLAGS) -o $@ $(OBJ) -L$(LIBS) -laxtls
ifdef CONFIG_STRIP_UNWANTED_SECTIONS ifdef CONFIG_STRIP_UNWANTED_SECTIONS
strip --remove-section=.comment $(TARGET) $(STRIP) --remove-section=.comment $(TARGET)
endif # use strip endif # use strip
else # Win32 else # Win32

8
ssl/tls1_svr.c
View File

@ -370,7 +370,7 @@ static int send_server_hello_done(SSL *ssl)
*/ */
static int process_client_key_xchg(SSL *ssl) static int process_client_key_xchg(SSL *ssl)
{ {
uint8_t *buf = ssl->bm_data; uint8_t *buf = &ssl->bm_data[ssl->dc->bm_proc_index];
int pkt_size = ssl->bm_index; int pkt_size = ssl->bm_index;
int premaster_size, secret_length = (buf[2] << 8) + buf[3]; int premaster_size, secret_length = (buf[2] << 8) + buf[3];
uint8_t premaster_secret[MAX_KEY_BYTE_SIZE]; uint8_t premaster_secret[MAX_KEY_BYTE_SIZE];
@ -384,8 +384,6 @@ static int process_client_key_xchg(SSL *ssl)
goto error; goto error;
} }
DISPLAY_RSA(ssl, rsa_ctx);
/* is there an extra size field? */ /* is there an extra size field? */
if ((secret_length - 2) == rsa_ctx->num_octets) if ((secret_length - 2) == rsa_ctx->num_octets)
offset += 2; offset += 2;
@ -419,6 +417,7 @@ static int process_client_key_xchg(SSL *ssl)
ssl->next_state = HS_FINISHED; ssl->next_state = HS_FINISHED;
#endif #endif
error: error:
ssl->dc->bm_proc_index += rsa_ctx->num_octets+offset;
return ret; return ret;
} }
@ -440,7 +439,7 @@ static int send_certificate_request(SSL *ssl)
*/ */
static int process_cert_verify(SSL *ssl) static int process_cert_verify(SSL *ssl)
{ {
uint8_t *buf = ssl->bm_data; uint8_t *buf = &ssl->bm_data[ssl->dc->bm_proc_index];
int pkt_size = ssl->bm_index; int pkt_size = ssl->bm_index;
uint8_t dgst_buf[MAX_KEY_BYTE_SIZE]; uint8_t dgst_buf[MAX_KEY_BYTE_SIZE];
uint8_t dgst[MD5_SIZE+SHA1_SIZE]; uint8_t dgst[MD5_SIZE+SHA1_SIZE];
@ -449,7 +448,6 @@ static int process_cert_verify(SSL *ssl)
int n; int n;
PARANOIA_CHECK(pkt_size, x509_ctx->rsa_ctx->num_octets+6); PARANOIA_CHECK(pkt_size, x509_ctx->rsa_ctx->num_octets+6);
DISPLAY_RSA(ssl, x509_ctx->rsa_ctx); DISPLAY_RSA(ssl, x509_ctx->rsa_ctx);
/* rsa_ctx->bi_ctx is not thread-safe */ /* rsa_ctx->bi_ctx is not thread-safe */