9pfs/solanum-vs-hackint-and-charybdis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sslproc: include ssl_cipher_list in length check before sending configuration to ssld

Browse source
This commit is contained in:
Simon Arlott 2016-04-25 19:12:47 +01:00
parent 19d1853f71
commit 90fd6ede1b
No known key found for this signature in database
GPG key ID: C8975F2043CA5D24
1 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
ircd/sslproc.c
View file

@ -344,8 +344,7 @@ start_ssldaemon(int count, const char *ssl_cert, const char *ssl_private_key, co
if(ssl_cert != NULL && ssl_private_key != NULL) if(ssl_cert != NULL && ssl_private_key != NULL)
send_new_ssl_certs_one(ctl, ssl_cert, ssl_private_key, send_new_ssl_certs_one(ctl, ssl_cert, ssl_private_key,
ssl_dh_params != NULL ? ssl_dh_params : "", ssl_dh_params, ssl_cipher_list);
ssl_cipher_list != NULL ? ssl_cipher_list : "");
} }
ssl_read_ctl(ctl->F, ctl); ssl_read_ctl(ctl->F, ctl);
ssl_do_pipe(P2, ctl); ssl_do_pipe(P2, ctl);
@ -704,7 +703,11 @@ send_new_ssl_certs_one(ssl_ctl_t * ctl, const char *ssl_cert, const char *ssl_pr
{ {
size_t len; size_t len;
len = strlen(ssl_cert) + strlen(ssl_private_key) + strlen(ssl_dh_params) + 5; len = strlen(ssl_cert) + strlen(ssl_private_key) + 5;
if(ssl_dh_params)
len += strlen(ssl_dh_params);
if(ssl_cipher_list)
len += strlen(ssl_cipher_list);
if(len > sizeof(tmpbuf)) if(len > sizeof(tmpbuf))
{ {
sendto_realops_snomask(SNO_GENERAL, L_ALL, sendto_realops_snomask(SNO_GENERAL, L_ALL,
@ -716,7 +719,7 @@ send_new_ssl_certs_one(ssl_ctl_t * ctl, const char *ssl_cert, const char *ssl_pr
return; return;
} }
len = snprintf(tmpbuf, sizeof(tmpbuf), "K%c%s%c%s%c%s%c%s%c", nul, ssl_cert, nul, len = snprintf(tmpbuf, sizeof(tmpbuf), "K%c%s%c%s%c%s%c%s%c", nul, ssl_cert, nul,
ssl_private_key, nul, ssl_dh_params, nul, ssl_private_key, nul, ssl_dh_params != NULL ? ssl_dh_params : "", nul,
ssl_cipher_list != NULL ? ssl_cipher_list : "", nul); ssl_cipher_list != NULL ? ssl_cipher_list : "", nul);
ssl_cmd_write_queue(ctl, NULL, 0, tmpbuf, len); ssl_cmd_write_queue(ctl, NULL, 0, tmpbuf, len);
} }