[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] [emacs] 02/02: Get rid of arbitrary gnutls length limit
From: |
Lars Ingebrigtsen |
Subject: |
[Emacs-diffs] [emacs] 02/02: Get rid of arbitrary gnutls length limit |
Date: |
Tue, 18 Nov 2014 01:57:34 +0000 |
branch: nsm
commit 8795acdd019f2a40bfebdf3f69e436746373cefc
Author: Lars Magne Ingebrigtsen <address@hidden>
Date: Tue Nov 18 02:57:23 2014 +0100
Get rid of arbitrary gnutls length limit
---
src/gnutls.c | 17 ++++++++++++-----
1 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/src/gnutls.c b/src/gnutls.c
index a6b7044..6b7a45d 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -62,8 +62,6 @@ static void gnutls_log_function2 (int, const char*, const
char*);
static void gnutls_audit_log_function (gnutls_session_t, const char *);
#endif
-#define GNUTLS_MAX_HASH_SIZE 64
-
static enum
{
CERTIFICATE_NOT_MATCHING = 2,
@@ -870,8 +868,8 @@ The return value is a property list. */)
(Lisp_Object proc)
{
int ret;
- unsigned char buffer[GNUTLS_MAX_HASH_SIZE];
- size_t size = sizeof (buffer);
+ unsigned char *buffer;
+ size_t size = 0;
Lisp_Object hash, warnings = Qnil, result = Qnil;
unsigned int verification;
@@ -882,11 +880,20 @@ The return value is a property list. */)
/* First get the fingerprint of the certificate. */
ret = fn_gnutls_x509_crt_get_fingerprint (XPROCESS
(proc)->gnutls_certificate,
+ GNUTLS_DIG_SHA1, NULL, &size);
+ if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
+ return gnutls_make_error (ret);
+
+ buffer = malloc (size);
+ ret = fn_gnutls_x509_crt_get_fingerprint (XPROCESS
(proc)->gnutls_certificate,
GNUTLS_DIG_SHA1, buffer, &size);
- if (ret < GNUTLS_E_SUCCESS)
+ if (ret < GNUTLS_E_SUCCESS) {
+ free (buffer);
return gnutls_make_error (ret);
+ }
hash = gnutls_hex_string (buffer, size, "sha1:");
+ free (buffer);
/* Then collect any warnings already computed by the handshake. */
verification = XPROCESS (proc)->gnutls_peer_verification;
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Emacs-diffs] [emacs] 02/02: Get rid of arbitrary gnutls length limit,
Lars Ingebrigtsen <=