r30225 - in /trunk/libcrypt-openssl-dsa-perl/debian: changelog patches/security_croak-in-do_verify-too.patch patches/series
dmn at users.alioth.debian.org
dmn at users.alioth.debian.org
Thu Jan 29 10:22:30 UTC 2009
Author: dmn
Date: Thu Jan 29 10:22:24 2009
New Revision: 30225
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=30225
Log:
add security_croak-in-do_verify-too.patch making do_verify() croak on
error the same way varify() already does. Document that verify() and
do_verify() croak on errors.
Closes: #511519. Thanks to Kurt Roeckx
Added:
trunk/libcrypt-openssl-dsa-perl/debian/patches/security_croak-in-do_verify-too.patch
Modified:
trunk/libcrypt-openssl-dsa-perl/debian/changelog
trunk/libcrypt-openssl-dsa-perl/debian/patches/series
Modified: trunk/libcrypt-openssl-dsa-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libcrypt-openssl-dsa-perl/debian/changelog?rev=30225&op=diff
==============================================================================
--- trunk/libcrypt-openssl-dsa-perl/debian/changelog (original)
+++ trunk/libcrypt-openssl-dsa-perl/debian/changelog Thu Jan 29 10:22:24 2009
@@ -1,9 +1,16 @@
libcrypt-openssl-dsa-perl (0.13-4) UNRELEASED; urgency=low
+ [ gregor herrmann ]
* Add debian/README.source to document quilt usage, as required by
Debian Policy since 3.8.0.
* debian/control: Changed: Switched Vcs-Browser field to ViewSVN
(source stanza).
+
+ [ Damyan Ivanov ]
+ * add security_croak-in-do_verify-too.patch making do_verify() croak on
+ error the same way varify() already does. Document that verify() and
+ do_verify() croak on errors.
+ Closes: #511519. Thanks to Kurt Roeckx
-- gregor herrmann <gregoa at debian.org> Wed, 06 Aug 2008 21:33:30 -0300
Added: trunk/libcrypt-openssl-dsa-perl/debian/patches/security_croak-in-do_verify-too.patch
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libcrypt-openssl-dsa-perl/debian/patches/security_croak-in-do_verify-too.patch?rev=30225&op=file
==============================================================================
--- trunk/libcrypt-openssl-dsa-perl/debian/patches/security_croak-in-do_verify-too.patch (added)
+++ trunk/libcrypt-openssl-dsa-perl/debian/patches/security_croak-in-do_verify-too.patch Thu Jan 29 10:22:24 2009
@@ -1,0 +1,34 @@
+# Author: Damyan Ivanov <dmn at debian.org>
+# Description: make do_verify() croak on error in the same way
+# verify() already does
+# Document that verify()/do_verify() croak on errors
+# Debian-Bug: http://bugs.debian.org/511519
+# Upstream-Bug: http://sourceforge.net/tracker/index.php?func=detail&aid=2545158&group_id=73194&atid=537053
+--- a/DSA.xs
++++ b/DSA.xs
+@@ -139,6 +139,8 @@ do_verify(dsa, dgst, sig)
+ CODE:
+ dgst_pv = SvPV(dgst, dgst_len);
+ RETVAL = DSA_do_verify(dgst_pv, dgst_len, sig, dsa);
++ if (RETVAL == -1)
++ croak("Error in DSA_do_verify: %s",ERR_error_string(ERR_get_error(), NULL));
+ OUTPUT:
+ RETVAL
+
+--- a/lib/Crypt/OpenSSL/DSA.pm
++++ b/lib/Crypt/OpenSSL/DSA.pm
+@@ -124,10 +124,14 @@ Verifies that the $sig signature for $me
+
+ $dsa is the signer's public key.
+
++Note it croaks if the underlying library call returns error (-1).
++
+ =item $valid = $dsa->do_verify( $message, $sig_obj );
+
+ Similar to C<verify>, but uses a L<Crypt::OpenSSL::DSA::Signature> object.
+
++Note it croaks if the underlying library call returns error (-1).
++
+ =item $dsa->write_params( $filename );
+
+ Writes the parameters into a PEM file.
Modified: trunk/libcrypt-openssl-dsa-perl/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libcrypt-openssl-dsa-perl/debian/patches/series?rev=30225&op=diff
==============================================================================
--- trunk/libcrypt-openssl-dsa-perl/debian/patches/series (original)
+++ trunk/libcrypt-openssl-dsa-perl/debian/patches/series Thu Jan 29 10:22:24 2009
@@ -1,1 +1,2 @@
Makefile.PL-no-ssl-in-LIBS.patch
+security_croak-in-do_verify-too.patch
More information about the Pkg-perl-cvs-commits
mailing list