diff options
Diffstat (limited to 'patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff')
-rw-r--r-- | patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff b/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff new file mode 100644 index 000000000..38e144294 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff @@ -0,0 +1,35 @@ +commit 087fdeec5076ae1270f460685d8d36a50d9c3822 +Author: Simon Josefsson <simon@josefsson.org> +Date: Mon Nov 2 11:25:27 2009 +0100 + + Fix time bomb in chainverify self-test. + + Reported by Andreas Metzler <ametzler@downhill.at.eu.org> + in <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>. + +diff --git a/tests/chainverify.c b/tests/chainverify.c +index 0192da2..16c59ee 100644 +--- a/tests/chainverify.c ++++ b/tests/chainverify.c +@@ -32,6 +32,21 @@ + #include <gnutls/gnutls.h> + #include <gnutls/x509.h> + ++/* GnuTLS internally calls time() to find out the current time when ++ verifying certificates. To avoid a time bomb, we hard code the ++ current time. This should work fine on systems where the library ++ call to time is resolved at run-time. */ ++time_t ++time (time_t *t) ++{ ++ time_t then = 1256803113; ++ ++ if (t) ++ *t = then; ++ ++ return then; ++} ++ + /* *INDENT-OFF* */ + + /* Triggers incorrect verification success on older versions */ |