Change #267342
| Category | curl |
| Changed by | Sergio Correia <scorreia@redhat.com> |
| Changed at | Sat 16 May 2026 01:06:56 |
| Repository | https://github.com/curl/curl.git |
| Project | curl |
| Branch | master |
| Revision | 61d59c9e39b451b30feb431b780a5cc325757921 |
Comments
x509asn1: fix DH public key parameter extraction The dh(g) parameter was read from param->beg instead of from the cursor p returned by parsing dh(p). This caused dh(g) to always report the same value as dh(p) when inspecting DH certificates via CURLOPT_CERTINFO on non-OpenSSL backends. The DSA branch correctly advances the cursor; the DH branch lost this during what appears to be a copy-paste. Add unit1676 to verify that dh(p) and dh(g) report distinct values using a hand-crafted minimal DER certificate. Assisted by: Claude Opus 4.6 Signed-off-by: Sergio Correia <scorreia@redhat.com> Closes #21595
Changed files
- lib/vtls/x509asn1.c
- tests/data/Makefile.am
- tests/data/test1676
- tests/unit/Makefile.inc
- tests/unit/unit1676.c