Apply by doing:
cd /usr/src
patch -p0 < 017_openssl.patch
And then rebuild and install OpenSSL:
cd lib/libssl
make obj
make depend
make
make install
Index: lib/libssl/src/ssl/ssl_lib.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/ssl/ssl_lib.c,v
retrieving revision 1.15
diff -u -r1.15 ssl_lib.c
--- lib/libssl/src/ssl/ssl_lib.c 4 Oct 2006 07:10:32 -0000 1.15
+++ lib/libssl/src/ssl/ssl_lib.c 10 Oct 2007 22:08:16 -0000
@@ -1168,36 +1168,33 @@
/* works well for SSLv2, not so good for SSLv3 */
char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
{
- char *p;
- const char *cp;
+ char *end;
STACK_OF(SSL_CIPHER) *sk;
SSL_CIPHER *c;
+ size_t curlen = 0;
int i;
if ((s->session == NULL) || (s->session->ciphers == NULL) ||
(len < 2))
return(NULL);
- p=buf;
sk=s->session->ciphers;
+ buf[0] = '\0';
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
- /* Decrement for either the ':' or a '\0' */
- len--;
c=sk_SSL_CIPHER_value(sk,i);
- for (cp=c->name; *cp; )
+ end = buf + curlen;
+ if (strlcat(buf, c->name, len) >= len ||
+ (curlen = strlcat(buf, ":", len)) >= len)
{
- if (len-- <= 0)
- {
- *p='\0';
- return(buf);
- }
- else
- *(p++)= *(cp++);
+ /* remove truncated cipher from list */
+ *end = '\0';
+ break;
}
- *(p++)=':';
}
- p[-1]='\0';
+ /* remove trailing colon */
+ if ((end = strrchr(buf, ':')) != NULL)
+ *end = '\0';
return(buf);
}
