diff options
| author | Evilham <contact@evilham.com> | 2023-01-26 18:53:00 +0100 |
|---|---|---|
| committer | Fernando ApesteguĂa <fernape@FreeBSD.org> | 2023-01-26 19:14:06 +0100 |
| commit | 740042a4126b6461d79eae867b50abb7a693938c (patch) | |
| tree | 221b01af9680ef894b2cc703c22d98c8db57b2ff /net/gemserv/files/patch-src_lib_tls.rs | |
| parent | games/dMagnetic: Update to 0.35 (diff) | |
net/gemserv: Update to 0.6.6
ChangeLog: https://git.sr.ht/~int80h/gemserv/tree/v0.6.6/item/README#L79
This update fixes a security issue for which there is no CVE assigned:
https://git.sr.ht/~int80h/gemserv/refs
PR: 265800
Reported by: contact@evilham.com
Approved by: ea@uoga.net (maintainer)
Diffstat (limited to 'net/gemserv/files/patch-src_lib_tls.rs')
| -rw-r--r-- | net/gemserv/files/patch-src_lib_tls.rs | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/net/gemserv/files/patch-src_lib_tls.rs b/net/gemserv/files/patch-src_lib_tls.rs new file mode 100644 index 000000000000..83a12a2e21b4 --- /dev/null +++ b/net/gemserv/files/patch-src_lib_tls.rs @@ -0,0 +1,35 @@ +--- src/lib/tls.rs.orig 2022-08-17 08:17:36 UTC ++++ src/lib/tls.rs +@@ -10,7 +10,7 @@ use rustls::{Certificate, Error, PrivateKey}; + use rustls::server::{ClientCertVerified, ClientCertVerifier, ResolvesServerCertUsingSni}; + use rustls::sign::{self, CertifiedKey}; + use rustls::{Certificate, Error, PrivateKey}; +-use rustls_pemfile::{certs, pkcs8_private_keys}; ++use rustls_pemfile::{certs, pkcs8_private_keys, rsa_private_keys}; + use tokio_rustls::rustls; + use tokio_rustls::TlsAcceptor; + +@@ -34,7 +34,22 @@ fn load_key(path: &str) -> io::Result<Vec<PrivateKey>> + } + + fn load_key(path: &str) -> io::Result<Vec<PrivateKey>> { +- pkcs8_private_keys(&mut std::io::BufReader::new(std::fs::File::open(path)?)) ++ let mut private_keys = pkcs8_private_keys(&mut std::io::BufReader::new(std::fs::File::open(path)?)); ++ let rsa_keys = rsa_private_keys(&mut std::io::BufReader::new(std::fs::File::open(path)?)); ++ // It is common to use RSA keys that are not PKCS8-formatted ++ // we need to join both RSA and PKCS8 keys ++ if rsa_keys.is_ok() ++ { ++ if private_keys.is_ok() ++ { ++ let mut all_keys = private_keys.ok().unwrap_or_default(); ++ all_keys.extend(rsa_keys.ok().unwrap_or_default()); ++ private_keys = Ok(all_keys); ++ } ++ else ++ { private_keys = rsa_keys; } ++ } ++ private_keys + .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "invalid key")) + .map(|mut keys| keys.drain(..).map(PrivateKey).collect()) + } |