summaryrefslogtreecommitdiffstats
path: root/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff
diff options
context:
space:
mode:
Diffstat (limited to 'patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff')
-rw-r--r--patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff35
1 files changed, 35 insertions, 0 deletions
diff --git a/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff b/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff
new file mode 100644
index 000000000..38e144294
--- /dev/null
+++ b/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff
@@ -0,0 +1,35 @@
+commit 087fdeec5076ae1270f460685d8d36a50d9c3822
+Author: Simon Josefsson <simon@josefsson.org>
+Date: Mon Nov 2 11:25:27 2009 +0100
+
+ Fix time bomb in chainverify self-test.
+
+ Reported by Andreas Metzler <ametzler@downhill.at.eu.org>
+ in <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>.
+
+diff --git a/tests/chainverify.c b/tests/chainverify.c
+index 0192da2..16c59ee 100644
+--- a/tests/chainverify.c
++++ b/tests/chainverify.c
+@@ -32,6 +32,21 @@
+ #include <gnutls/gnutls.h>
+ #include <gnutls/x509.h>
+
++/* GnuTLS internally calls time() to find out the current time when
++ verifying certificates. To avoid a time bomb, we hard code the
++ current time. This should work fine on systems where the library
++ call to time is resolved at run-time. */
++time_t
++time (time_t *t)
++{
++ time_t then = 1256803113;
++
++ if (t)
++ *t = then;
++
++ return then;
++}
++
+ /* *INDENT-OFF* */
+
+ /* Triggers incorrect verification success on older versions */