Add patches for CAN-2004-0079 & CAN-2004-0112

openssl/build.sh

@@ -9,12 +9,14 @@
 # Check the following 4 variables before running the script
 topdir=openssl
 version=0.9.7c
-pkgver=4
+pkgver=5
 source[0]=$topdir-$version.tar.gz
 # If there are no patches, simply comment this
 patch[0]=openssl-0.9.7c-shlib.patch
 patch[1]=openssl-0.9.7c-Configure.patch
 patch[2]=openssl-0.9.7c-doc.patch
+patch[3]=openssl-0.9.7c-can-2004-0079.patch
+patch[4]=openssl-0.9.7c-can-2004-0112.patch
 
 # Source function library
 . ${BUILDPKG_BASE}/scripts/buildpkg.functions

openssl/src/openssl-0.9.7c-can-2004-0079.patch

@@ -0,0 +1,19 @@
+diff -ur -x CVS openssl7/ssl/s3_pkt.c ossl7/ssl/s3_pkt.c
+--- openssl7/ssl/s3_pkt.c	2003-02-19 12:04:16.000000000 +0000
++++ ossl7/ssl/s3_pkt.c	2004-02-02 01:10:12.000000000 +0000
+@@ -1085,6 +1085,14 @@
+ 			goto err;
+ 			}
+ 
++		/* Check we have a cipher to change to */
++		if (s->s3->tmp.new_cipher == NULL)
++			{
++			i=SSL_AD_UNEXPECTED_MESSAGE;
++			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
++			goto err;
++			}
++
+ 		rr->length=0;
+ 
+ 		if (s->msg_callback)
+

openssl/src/openssl-0.9.7c-can-2004-0112.patch

@@ -0,0 +1,32 @@
+diff -ur -x CVS openssl7/ssl/s3_srvr.c ossl7/ssl/s3_srvr.c
+--- openssl7/ssl/s3_srvr.c	2004-01-14 23:02:49.000000000 +0000
++++ ossl7/ssl/s3_srvr.c	2004-02-19 13:22:16.000000000 +0000
+@@ -1588,11 +1591,27 @@
+ 
+ 		n2s(p,i);
+ 		enc_ticket.length = i;
++
++		if (n < enc_ticket.length + 6)
++			{
++			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
++				SSL_R_DATA_LENGTH_TOO_LONG);
++			goto err;
++			}
++
+ 		enc_ticket.data = (char *)p;
+ 		p+=enc_ticket.length;
+ 
+ 		n2s(p,i);
+ 		authenticator.length = i;
++
++		if (n < enc_ticket.length + authenticator.length + 6)
++			{
++			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
++				SSL_R_DATA_LENGTH_TOO_LONG);
++			goto err;
++			}
++
+ 		authenticator.data = (char *)p;
+ 		p+=authenticator.length;
+ 
+