From aad8697575d90b1763c31ad06986be0550917aac Mon Sep 17 00:00:00 2001 From: Jacky Tian Date: Mon, 30 Mar 2020 22:28:45 -0700 Subject: [PATCH 1/2] Fix get_x509_serial for long serial numbers --- src/shrpx_tls.cc | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/src/shrpx_tls.cc b/src/shrpx_tls.cc index 746311f0..83b148a6 100644 --- a/src/shrpx_tls.cc +++ b/src/shrpx_tls.cc @@ -2030,17 +2030,6 @@ StringRef get_x509_issuer_name(BlockAllocator &balloc, X509 *x) { #endif /* !WORDS_BIGENDIAN */ StringRef get_x509_serial(BlockAllocator &balloc, X509 *x) { -#if OPENSSL_1_1_API && !defined(OPENSSL_IS_BORINGSSL) - auto sn = X509_get0_serialNumber(x); - uint64_t r; - if (ASN1_INTEGER_get_uint64(&r, sn) != 1) { - return StringRef{}; - } - - r = bswap64(r); - return util::format_hex( - balloc, StringRef{reinterpret_cast(&r), sizeof(r)}); -#else // !OPENSSL_1_1_API || OPENSSL_IS_BORINGSSL auto sn = X509_get_serialNumber(x); auto bn = BN_new(); auto bn_d = defer(BN_free, bn); @@ -2052,8 +2041,7 @@ StringRef get_x509_serial(BlockAllocator &balloc, X509 *x) { auto n = BN_bn2bin(bn, b.data()); assert(n <= 20); - return util::format_hex(balloc, StringRef{std::begin(b), std::end(b)}); -#endif // !OPENSSL_1_1_API + return util::format_hex(balloc, StringRef{b.data(), n}); } namespace { From 4922bb41d604a15483e12f1b33bac2bf6628d866 Mon Sep 17 00:00:00 2001 From: Jacky Tian Date: Tue, 31 Mar 2020 00:54:08 -0700 Subject: [PATCH 2/2] static_cast size parameter in StringRef constructor to size_t --- src/shrpx_tls.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shrpx_tls.cc b/src/shrpx_tls.cc index 83b148a6..c5625303 100644 --- a/src/shrpx_tls.cc +++ b/src/shrpx_tls.cc @@ -2041,7 +2041,7 @@ StringRef get_x509_serial(BlockAllocator &balloc, X509 *x) { auto n = BN_bn2bin(bn, b.data()); assert(n <= 20); - return util::format_hex(balloc, StringRef{b.data(), n}); + return util::format_hex(balloc, StringRef{b.data(), static_cast(n)}); } namespace {