From 6dddb8966c5bbe402c36937b6e413ed09f71aea2 Mon Sep 17 00:00:00 2001 From: Jonathan Zarate Date: Sun, 29 Nov 2009 16:02:10 -0500 Subject: [PATCH] Tomato 1.27 --- release/src/linux/linux/.config | 3 ++- release/src/router/busybox/.config | 2 +- release/src/router/matrixssl/src/matrixConfig.h | 2 +- release/src/router/matrixssl/src/pki/x509.c | 7 +++++-- release/src/router/mdu/Makefile | 2 +- release/src/router/shared/tomato_version | 2 +- 6 files changed, 11 insertions(+), 7 deletions(-) diff --git a/release/src/linux/linux/.config b/release/src/linux/linux/.config index b1f69ac915..6334c2f493 100644 --- a/release/src/linux/linux/.config +++ b/release/src/linux/linux/.config @@ -306,7 +306,7 @@ CONFIG_IP_NF_RTSP=m # CONFIG_IP_NF_MMS is not set CONFIG_IP_NF_CT_PROTO_GRE=m CONFIG_IP_NF_PPTP=m -# CONFIG_IP_NF_SIP is not set +CONFIG_IP_NF_SIP=m # CONFIG_IP_NF_CT_PROTO_ESP is not set # CONFIG_IP_NF_QUEUE is not set CONFIG_IP_NF_IPTABLES=y @@ -361,6 +361,7 @@ CONFIG_IP_NF_NAT_H323=m # CONFIG_IP_NF_AUTOFW is not set CONFIG_IP_NF_TARGET_TRIGGER=y CONFIG_IP_NF_NAT_PPTP=m +CONFIG_IP_NF_NAT_SIP=m CONFIG_IP_NF_NAT_PROTO_GRE=m # CONFIG_IP_NF_NAT_LOCAL is not set # CONFIG_IP_NF_NAT_SNMP_BASIC is not set diff --git a/release/src/router/busybox/.config b/release/src/router/busybox/.config index 54dcf954f5..6b75291362 100644 --- a/release/src/router/busybox/.config +++ b/release/src/router/busybox/.config @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit # Busybox version: 1.14.4 -# Wed Nov 25 05:14:56 2009 +# Sun Nov 29 06:50:47 2009 # CONFIG_HAVE_DOT_CONFIG=y diff --git a/release/src/router/matrixssl/src/matrixConfig.h b/release/src/router/matrixssl/src/matrixConfig.h index 6730c4d81b..e3c28b52eb 100644 --- a/release/src/router/matrixssl/src/matrixConfig.h +++ b/release/src/router/matrixssl/src/matrixConfig.h @@ -90,7 +90,7 @@ extern "C" { cache and memory pools with a mutex. By default this is off, so that on POSIX platforms, pthreads isn't req'd */ -/* #define USE_MULTITHREADING */ +#define USE_MULTITHREADING /******************************************************************************/ /* diff --git a/release/src/router/matrixssl/src/pki/x509.c b/release/src/router/matrixssl/src/pki/x509.c index bac7725aec..fdd3e67866 100644 --- a/release/src/router/matrixssl/src/pki/x509.c +++ b/release/src/router/matrixssl/src/pki/x509.c @@ -1577,13 +1577,16 @@ static int32 matrixX509ValidateCertInternal(psPool_t *pool, if (sigType == RSA_SIG) { sslAssert(sigLen <= sizeof(sigOut)); + /* note: on error & no CA, flag as invalid, but don't exit as error here (<1.8.7? behavior) -- zzz */ if (matrixRsaDecryptPub(pool, &(ic->publicKey), subjectCert->signature, subjectCert->signatureLen, sigOut, sigLen) < 0) { matrixStrDebugMsg("Unable to RSA decrypt signature\n", NULL); - return -1; + if (issuerCert) return -1; + rc = -1; + } else { + rc = psAsnConfirmSignature(subjectCert->sigHash, sigOut, sigLen); } - rc = psAsnConfirmSignature(subjectCert->sigHash, sigOut, sigLen); } /* If this is a chain test, fail on any gaps in the chain diff --git a/release/src/router/mdu/Makefile b/release/src/router/mdu/Makefile index d98050253a..59b18f0583 100644 --- a/release/src/router/mdu/Makefile +++ b/release/src/router/mdu/Makefile @@ -11,7 +11,7 @@ all: mdu mdu: $(OBJS) @echo " [mdu] CC -o $@" $(CC) $(LDFLAGS) -o $@ $^ -L../nvram -lnvram -L../shared -lshared -L../mssl -lmssl -# +# $(CC) $(LDFLAGS) -o $@ $^ -L../nvram -lnvram -L../shared -lshared ../mssl/libmssl.a ../matrixssl/src/libmatrixsslstatic.a $(SIZECHECK) $(CPTMP) diff --git a/release/src/router/shared/tomato_version b/release/src/router/shared/tomato_version index 54dad08272..64ca5e68da 100644 --- a/release/src/router/shared/tomato_version +++ b/release/src/router/shared/tomato_version @@ -1 +1 @@ -1.26.0000 \ No newline at end of file +1.27.0000 \ No newline at end of file -- 2.11.4.GIT