afb2b76da7
update to latest stable version 1.0.0d. OBS-URL: https://build.opensuse.org/request/show/74715 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=59
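Index: openssl-1.0.0c/crypto/ecdsa/ecs_ossl.c
===================================================================
--- openssl-1.0.0c.orig/crypto/ecdsa/ecs_ossl.c
+++ openssl-1.0.0c/crypto/ecdsa/ecs_ossl.c
@@ -144,6 +144,16 @@ static int ecdsa_sign_setup(EC_KEY *ecke
 }
 while (BN_is_zero(k));
 
+#ifdef ECDSA_POINT_MUL_NO_CONSTTIME
+ /* We do not want timing information to leak the length of k,
+ * so we compute G*k using an equivalent scalar of fixed
+ * bit-length. */
+
+ if (!BN_add(k, k, order)) goto err;
+ if (BN_num_bits(k) <= BN_num_bits(order))
+ if (!BN_add(k, k, order)) goto err;
+#endif /* def(ECDSA_POINT_MUL_NO_CONSTTIME) */
+
 /* compute r the x-coordinate of generator * k */
 if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))
 {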
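Review bot: The scalar padding in front of `EC_POINT_mul` is compiled only when `ECDSA_POINT_MUL_NO_CONSTTIME` is defined, and nothing visible in this hunk defines it; if the package build does not set that macro, the bit-length of the nonce `k` still influences the multiplication time and the mitigation is silently absent. Either drop the `#ifdef`/`#endif` pair so both `BN_add` steps always run, or record the requirement next to the guard, for example `/* must be defined by the build unless EC_POINT_mul is constant-time; otherwise this mitigation is compiled out */`, and confirm the macro appears in the package's compile flags. The nested `if (BN_num_bits(k) <= BN_num_bits(order))` would also be safer to maintain with braces around the inner `BN_add` call. ecdsa_sign_setup begins and ends outside the hunk, so the `err` label and the later uses of `k` were not reviewed.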
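Index: openssl-1.0.0c/crypto/ocsp/ocsp_lib.c
===================================================================
--- openssl-1.0.0c.orig/crypto/ocsp/ocsp_lib.c
+++ openssl-1.0.0c/crypto/ocsp/ocsp_lib.c
@@ -170,13 +170,14 @@ int OCSP_parse_url(char *url, char **pho
 
 char *host, *port;
 
+ *phost = NULL;
+ *pport = NULL;
+ *ppath = NULL;
+
 /* dup the buffer since we are going to mess with it */
 buf = BUF_strdup(url);
 if (!buf) goto mem_err;
 
- *phost = NULL;
- *pport = NULL;
- *ppath = NULL;
 
 /* Check for initial colon */
 p = strchr(buf, ':');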
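Review bot: The reason the three output pointers are now cleared before `BUF_strdup` is not recorded, so a later cleanup could move the assignments back below the first `goto mem_err` and reintroduce the use of uninitialised caller pointers on that path. A comment above `*phost = NULL;` would pin the ordering, for example `/* clear outputs before any goto: the error paths may free them */`; this is hedged because the `mem_err` label lies outside the hunk. The function also dereferences `phost`, `pport` and `ppath` without checking them, and a NULL `url` would presumably be reported through the allocation-failure path; whether callers can pass either is not visible here. OCSP_parse_url starts and ends outside the hunk.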