首頁 探索 說明
登入
Kamailio
/
kamailio
镜像来自 https://github.com/kamailio/kamailio.git
2
0
複刻 0
Files 問題管理 0 Wiki
瀏覽代碼

tls: fix wrong string variable length overwrite

Some per-domain config string variables (cert_file, ca_file,
pkey_file & cipher_list) had their length truncated to that of the
corresponding variable in the parent domain.
Mostly invisible since the string length was in general ignored
(asciiz strings).
(cherry picked from commit e63610186803cfcc0ff14d8871df8ae70df83103)
Andrei Pelinescu-Onciul 15 年之前
父節點
8b4802a29d
當前提交
32361f710b
共有 1 個文件被更改,包括 23 次插入14 次删除
分割檢視 顯示文件統計
  1. 23 14
      modules/tls/tls_domain.c

+ 23 - 14
modules/tls/tls_domain.c
查看文件 

@@ -167,7 +167,7 @@ char* tls_domain_str(tls_domain_t* d)
 
 
 /*
 
  * Initialize parameters that have not been configured from
 
- * parent domain (usualy one of default domains
 
+ * parent domain (usually one of default domains
 
  */
 
 static int fill_missing(tls_domain_t* d, tls_domain_t* parent)
 
 {
 
@@ -179,27 +179,36 @@ static int fill_missing(tls_domain_t* d, tls_domain_t* parent)
 
 		return -1;
 
 	}
 
 	
-	if (!d->cert_file.s && 
-	    shm_asciiz_dup(&d->cert_file.s, parent->cert_file.s) < 0) return -1;
 
-	d->cert_file.len = parent->cert_file.len;
 
+	if (!d->cert_file.s) {
 
+		if (shm_asciiz_dup(&d->cert_file.s, parent->cert_file.s) < 0)
 
+			return -1;
 
+		d->cert_file.len = parent->cert_file.len;
 
+	}
 
 	LOG(L_INFO, "%s: certificate='%s'\n", tls_domain_str(d), d->cert_file.s);
 
 	
-	if (!d->ca_file.s &&
 
-	    shm_asciiz_dup(&d->ca_file.s, parent->ca_file.s) < 0) return -1;
 
-	d->ca_file.len = parent->ca_file.len;
 
+	if (!d->ca_file.s){
 
+		if (shm_asciiz_dup(&d->ca_file.s, parent->ca_file.s) < 0)
 
+			return -1;
 
+		d->ca_file.len = parent->ca_file.len;
 
+	}
 
 	LOG(L_INFO, "%s: ca_list='%s'\n", tls_domain_str(d), d->ca_file.s);
 
 	
 	if (d->require_cert == -1) d->require_cert = parent->require_cert;
 
-	LOG(L_INFO, "%s: require_certificate=%d\n", tls_domain_str(d), d->require_cert);
 
+	LOG(L_INFO, "%s: require_certificate=%d\n", tls_domain_str(d),
 
+			d->require_cert);
 
 	
-	if (!d->cipher_list.s &&
 
-	    shm_asciiz_dup(&d->cipher_list.s, parent->cipher_list.s) < 0) return -1;
 
-	d->cipher_list.len = parent->cipher_list.len;
 
+	if (!d->cipher_list.s) {
 
+		if ( shm_asciiz_dup(&d->cipher_list.s, parent->cipher_list.s) < 0)
 
+			return -1;
 
+		d->cipher_list.len = parent->cipher_list.len;
 
+	}
 
 	LOG(L_INFO, "%s: cipher_list='%s'\n", tls_domain_str(d), d->cipher_list.s);
 
 	
-	if (!d->pkey_file.s &&
 
-	    shm_asciiz_dup(&d->pkey_file.s, parent->pkey_file.s) < 0) return -1;
 
-	d->pkey_file.len = parent->pkey_file.len;
 
+	if (!d->pkey_file.s) {
 
+		if (shm_asciiz_dup(&d->pkey_file.s, parent->pkey_file.s) < 0)
 
+			return -1;
 
+		d->pkey_file.len = parent->pkey_file.len;
 
+	}
 
 	LOG(L_INFO, "%s: private_key='%s'\n", tls_domain_str(d), d->pkey_file.s);
 
 	
 	if (d->verify_cert == -1) d->verify_cert = parent->verify_cert;