ref: 7207b48bcb70c7993c906f2748b311be5cdb71a5
parent: 5e314bd58c2cd001cdb79a77eaf017def25e1dd6
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Tue Sep 22 15:11:54 EDT 2015
libsec: handle missing signature case; can happen because some ciphers make it optional
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -981,6 +981,9 @@
RSApub *pk;
char *err;
+ if(sig == nil || sig->len <= 0)
+ return "no signature";
+
pk = X509toRSApub(c->cert->data, c->cert->len, nil, 0);
if(pk == nil)
return "bad certificate";
@@ -1767,7 +1770,7 @@
p += nn, n -= nn;
} else {/* should not happen */
- break;
+ goto Short;
}
m->u.serverKeyExchange.dh_parameters = makebytes(s, p - s);
if(n >= 2){--
⑨