Recent changes from 0.9.6-stable.

CHANGES

@@ -58,6 +58,12 @@
 
  Changes between 0.9.6d and 0.9.6e  [30 Jul 2002]
 
+  *) Add various sanity checks to asn1_get_length() to reject
+     the ASN1 length bytes if they exceed sizeof(long), will appear
+     negative or the content length exceeds the length of the
+     supplied buffer.
+     [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
+
   *) Fix cipher selection routines: ciphers without encryption had no flags
      for the cipher strength set and where therefore not handled correctly
      by the selection routines (PR #130).
@@ -89,7 +95,7 @@
   *) Add various sanity checks to asn1_get_length() to reject
      the ASN1 length bytes if they exceed sizeof(long), will appear
      negative or the content length exceeds the length of the
-     supplied buffer.
+     supplied buffer. (CAN-2002-0659)
      [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
 
   *) Assertions for various potential buffer overflows, not known to
@@ -194,8 +200,8 @@
      value is 0.
      [Richard Levitte]
 
-  *) [In 0.9.6c-engine release:]
-     Fix a crashbug and a logic bug in hwcrhk_load_pubkey()
+  *) [In 0.9.6d-engine release:]
+     Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
      [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
 
   *) Add the configuration target linux-s390x.

apps/pkcs8.c

@@ -266,7 +266,8 @@ int MAIN(int argc, char **argv)
 			if(passout) p8pass = passout;
 			else {
 				p8pass = pass;
-				EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1);
+				if (EVP_read_pw_string(pass, 50, "Enter Encryption Password:", 1))
+					return (1);
 			}
 			app_RAND_load_file(NULL, bio_err, 0);
 			if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,

crypto/bn/bn_word.c

@@ -123,7 +123,10 @@ int BN_add_word(BIGNUM *a, BN_ULONG w)
 	i=0;
 	for (;;)
 		{
-		l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
+		if (i >= a->top)
+			l=w;
+		else
+			l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
 		a->d[i]=l;
 		if (w > l)
 			w=1;

demos/selfsign.c

@@ -106,7 +106,7 @@ int days;
 		}
 	rsa=NULL;
 
-	X509_set_version(x,3);
+	X509_set_version(x,2);
 	ASN1_INTEGER_set(X509_get_serialNumber(x),serial);
 	X509_gmtime_adj(X509_get_notBefore(x),0);
 	X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);

doc/c-indentation.el

@@ -13,12 +13,10 @@
 ;
 ; Apparently statement blocks that are not introduced by a statement
 ; such as "if" and that are not the body of a function cannot
-; be handled too well by CC mode with this indentation style.
-; The style defined below does not indent them at all.
-; To insert tabs manually, prefix them with ^Q (the "quoted-insert"
-; command of Emacs).  If you know a solution to this problem
-; or find other problems with this indentation style definition,
-; please send e-mail to bodo@openssl.org.
+; be handled too well by CC mode with this indentation style,
+; so you have to indent them manually (you can use C-q tab).
+; 
+; For suggesting improvements, please send e-mail to bodo@openssl.org.
 
 (c-add-style "eay"
 	     '((c-basic-offset . 8)

ssl/s3_srvr.c

@@ -1566,7 +1566,7 @@ static int ssl3_get_cert_verify(SSL *s)
 		SSL3_ST_SR_CERT_VRFY_A,
 		SSL3_ST_SR_CERT_VRFY_B,
 		-1,
-		512, /* 512? */
+		514, /* 514? */
 		&ok);
 
 	if (!ok) return((int)n);

tools/c_rehash.in

@@ -101,7 +101,7 @@ sub check_file {
 sub link_hash_cert {
 		my $fname = $_[0];
 		$fname =~ s/'/'\\''/g;
-		my ($hash, $fprint) = `$openssl x509 -hash -fingerprint -noout -in '$fname'`;
+		my ($hash, $fprint) = `"$openssl" x509 -hash -fingerprint -noout -in '$fname'`;
 		chomp $hash;
 		chomp $fprint;
 		$fprint =~ s/^.*=//;
@@ -131,7 +131,8 @@ sub link_hash_cert {
 
 sub link_hash_crl {
 		my $fname = $_[0];
-		my ($hash, $fprint) = `$openssl crl -hash -fingerprint -noout -in $fname`;
+		$fname =~ s/'/'\\''/g;
+		my ($hash, $fprint) = `"$openssl" crl -hash -fingerprint -noout -in '$fname'`;
 		chomp $hash;
 		chomp $fprint;
 		$fprint =~ s/^.*=//;