[sr-dev] [kamailio/kamailio] tls: cert serial number can exceed uint64 (PR #3171)
space88man
notifications at github.com
Thu Jun 30 01:28:16 CEST 2022
#### Pre-Submission Checklist
<!-- Go over all points below, and after creating the PR, tick all the checkboxes that apply -->
<!-- All points should be verified, otherwise, read the CONTRIBUTING guidelines from above-->
<!-- If you're unsure about any of these, don't hesitate to ask on sr-dev mailing list -->
- [X] Commit message has the format required by CONTRIBUTING guide
- [X] Commits are split per component (core, individual modules, libs, utils, ...)
- [X] Each component has a single commit (if not, squash them into one commit)
- [X] No commits to README files for modules (changes must be done to docbook files
in `doc/` subfolder, the README file is autogenerated)
#### Type Of Change
- [ ] Small bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds new functionality)
- [X] Breaking change (fix or feature that would change existing functionality)
#### Checklist:
- [X] PR should be backported to stable branches
- [X] Tested changes locally
- [X] Related to issue #3168
#### Description
Certificate serial numbers can be large integers (> 2^64). Parse then as BIGNUM and store the string
in pv; we cannot store as integer anymore. The original code handles 2^64 with a static buffer of 19.
We upsize to 2^256 with a static buffer of 80.
May break configurations that try to extract the sn pv as an integer (does anyone actually do this?)
Addresses #3168.
You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/3171
-- Commit Summary --
* tls: cert serial number can exceed uint64
-- File Changes --
M src/modules/tls/tls_select.c (24)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/3171.patch
https://github.com/kamailio/kamailio/pull/3171.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/3171
You are receiving this because you are subscribed to this thread.
Message ID: <kamailio/kamailio/pull/3171 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20220629/ce65c5f9/attachment.htm>
More information about the sr-dev
mailing list