Revision 40c2812f5656b1c78fa18b14c264fd48421c2d24 authored by Adam Langley on 16 December 2014, 13:03:47 UTC, committed by Emilia Kasper on 17 December 2014, 13:04:14 UTC
From BoringSSL - Send an alert when the client key exchange isn't correctly formatted. - Reject overly short RSA ciphertexts to avoid a (benign) out-of-bounds memory access. Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 4aecfd4d9f366c849c9627ab666d1b1addc024e6)
1 parent 2e3e3d2
testca
#!/bin/sh
SH="/bin/sh"
if test "$OSTYPE" = msdosdjgpp; then
PATH="../apps\;$PATH"
else
PATH="../apps:$PATH"
fi
export SH PATH
SSLEAY_CONFIG="-config CAss.cnf"
export SSLEAY_CONFIG
OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
/bin/rm -fr demoCA
$SH ../apps/CA.sh -newca <<EOF
EOF
if [ $? != 0 ]; then
exit 1;
fi
SSLEAY_CONFIG="-config Uss.cnf"
export SSLEAY_CONFIG
$SH ../apps/CA.sh -newreq
if [ $? != 0 ]; then
exit 1;
fi
SSLEAY_CONFIG="-config ../apps/openssl.cnf"
export SSLEAY_CONFIG
$SH ../apps/CA.sh -sign <<EOF
y
y
EOF
if [ $? != 0 ]; then
exit 1;
fi
$SH ../apps/CA.sh -verify newcert.pem
if [ $? != 0 ]; then
exit 1;
fi
/bin/rm -fr demoCA newcert.pem newreq.pem
#usage: CA -newcert|-newreq|-newca|-sign|-verify
Computing file changes ...
