From 02cb6fc6f2d744c74cb4ec6b0674ab1ed49c1b20 Mon Sep 17 00:00:00 2001
From: S-P Chan
Date: Thu, 30 Jun 2022 07:19:18 +0800
Subject: [PATCH] tls: cert serial number can exceed uint64

Addresses #3168
---
 src/modules/tls/tls_select.c | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/src/modules/tls/tls_select.c b/src/modules/tls/tls_select.c
index 985e6dcec179..9785ac36c034 100644
--- a/src/modules/tls/tls_select.c
+++ b/src/modules/tls/tls_select.c
@@ -632,21 +632,28 @@ static int pv_validity(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 
 static int get_sn(str* res, int* ires, int local, sip_msg_t* msg)
 {
-	static char buf[INT2STR_MAX_LEN];
+	static char buf[80]; // handle 256-bits log(2^256,10)
 	X509* cert;
 	struct tcp_connection* c;
 	char* sn;
-	int num;
+	BIGNUM* bn;
 
 	if (get_cert(&cert, &c, msg, local) < 0) return -1;
-	num = ASN1_INTEGER_get(X509_get_serialNumber(cert));
-	sn = int2str(num, &res->len);
+	bn = BN_new();
+	ASN1_INTEGER_to_BN(X509_get_serialNumber(cert), bn);
+	sn = BN_bn2dec(bn);
+	res->len = strlen(sn);
 	memcpy(buf, sn, res->len);
 	res->s = buf;
-	if (ires) *ires = num;
+
+	// cannot store serial number in int size var
+	// if (ires) *ires = num;
 
 	if (!local) X509_free(cert);
 	tcpconn_put(c);
+
+	BN_free(bn);
+	OPENSSL_free(sn);
 	return 0;
 }
 
@@ -678,12 +685,13 @@ static int pv_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 		BUG("could not determine certificate\n");
 		return pv_get_null(msg, param, res);
 	}
-
-	if (get_sn(&res->rs, &res->ri, local, msg) < 0) {
+
+	// serial no can be > 2^64 cannot store in res->ri
+	if (get_sn(&res->rs, NULL, local, msg) < 0) {
 		return pv_get_null(msg, param, res);
 	}
 
-	res->flags = PV_VAL_STR | PV_VAL_INT;
+	res->flags = PV_VAL_STR;
 	return 0;
 }
 
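Review bot: The new `memcpy(buf, sn, res->len)` copies whatever `BN_bn2dec` produced into the 80-byte static `buf` with no bound, and when `local == 0` the serial comes from the peer's certificate, so a serial wider than 256 bits (or a negative one, which `BN_bn2dec` prefixes with '-') overruns `buf`; RFC 5280 caps conforming serials at 20 octets but OpenSSL parses longer values, so the length has to be checked against `sizeof(buf)` before the copy. `BN_new()`, `ASN1_INTEGER_to_BN()` and `BN_bn2dec()` can each return NULL (the second also allocates the BIGNUM itself when passed NULL, which makes the `BN_new()` call redundant), and `strlen(sn)` would then dereference NULL; the existing `X509_free`/`tcpconn_put` cleanup must also run on those failure paths, so a single exit label is the simplest shape. The `ires` parameter is now dead and deserves a comment above the function, e.g. `/* ires is ignored: the serial is an arbitrary-length ASN.1 INTEGER and does not fit an int */`.
```c
	char* sn = NULL;
	BIGNUM* bn = NULL;
	int ret = -1;

	if (get_cert(&cert, &c, msg, local) < 0) return -1;
	/* ASN1_INTEGER_to_BN() allocates the BIGNUM when passed NULL; no BN_new() needed */
	bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert), NULL);
	if (bn == NULL) goto done;
	sn = BN_bn2dec(bn);
	if (sn == NULL) goto done;
	/* serial is peer-supplied for the remote cert: reject anything that does not fit buf */
	size_t len = strlen(sn);
	if (len > sizeof(buf)) goto done;
	res->len = len;
	memcpy(buf, sn, res->len);
	res->s = buf;
	ret = 0;

done:
	/* … unchanged: X509_free(cert) when !local, tcpconn_put(c) … */
	BN_free(bn);
	OPENSSL_free(sn);
	return ret;
```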
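Review bot: The comment `// serial no can be > 2^64 cannot store in res->ri` overstates the old limit: `get_sn` took `int* ires` and the removed code held the value in `int num`, so the previous cap was the width of `int`, not 2^64, and the commit title's "uint64" has the same problem. A more accurate comment would be `// the serial is an arbitrary-length ASN.1 INTEGER and does not fit res->ri (int); string form only`. Dropping PV_VAL_INT changes what scripts that compare this pseudo-variable numerically will see, which is worth a line in the commit message. The `-`/`+` pair on the blank line before the comment appears to be a whitespace-only change and could be left out. pv_sn's body begins outside the hunk.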