On 19/04/2014 08:33, Steffan Karger wrote:
Hi,
On 04/18/2014 02:49 PM, Steffan Karger wrote:
On 04/17/2014 09:41 PM, James Yonan wrote:
I'm not sure I understand the (SIZE_MAX - hashlen) > asn_len part.
Wouldn't this always be true for reasonable values of hashlen and asn_len?
This should indeed always be true for reasonable input.
Ouch, James was totally right. This would always be true, but should
always be *false* for reasonable input; the check has to be the other
way around. Attached the same two patches, except for that single
character...
On the positive side: I've added my management-external-key test to my
vanilla-openvpn tests too, so I should catch regressions more easily now.
ACK for the revised patches (0001-Upgrade-to-PolarSSL-1.3.patch and
0002-Improve-error-reporting-during-key-cert-loading-with.patch).
James
