Merge pull request #141 from cofyc/fix

cofyc · web-flow · commit fb612245d1fa · 2018-02-24T06:47:17.000+08:00
Fixes multiple certs issue
diff --git a/dnscrypt.c b/dnscrypt.c
@@ -66,7 +66,7 @@ find_cert(const struct context *c,
     if (dns_query_len <= DNSCRYPT_QUERY_HEADER_SIZE) {
         return NULL;
     }
-    for (i = 0U; i < c->signed_certs_count; i++) {
+    for (i = 0U; i < c->certs_count; i++) {
         if (memcmp(certs[i].magic_query, magic_query, DNSCRYPT_MAGIC_HEADER_LEN) == 0) {
             return &certs[i];
         }
diff --git a/dnscrypt.h b/dnscrypt.h
@@ -149,6 +149,7 @@ struct context {
     struct SignedCert *signed_certs;
     size_t signed_certs_count;
     dnsccert *certs;
+    size_t certs_count;
     uint8_t provider_publickey[crypto_sign_ed25519_PUBLICKEYBYTES];
     uint8_t provider_secretkey[crypto_sign_ed25519_SECRETKEYBYTES];
     char *crypt_secretkey_file;
diff --git a/main.c b/main.c
@@ -231,7 +231,7 @@ filter_signed_certs(struct context *c)
                 filtered_certs[j].version_minor[0] == c->signed_certs[i].version_minor[0] &&
                 filtered_certs[j].version_minor[1] == c->signed_certs[i].version_minor[1]) {
                 found = 1;
-                if (filtered_certs[j].serial < c->signed_certs[i].serial) {
+                if (ntohl(*(uint32_t *)filtered_certs[j].serial) < ntohl(*(uint32_t *)c->signed_certs[i].serial)) {
                     filtered_certs[j] = c->signed_certs[i];
                 }
             }
@@ -295,6 +295,7 @@ match_cert_to_keys(struct context *c) {
     size_t keypair_id, signed_cert_id, cert_id;
 
     c->certs = sodium_allocarray(c->signed_certs_count, sizeof *c->certs);
+    c->certs_count = c->signed_certs_count;
     cert_id = 0U;
 
     for(keypair_id=0; keypair_id < c->keypairs_count; keypair_id++) {
diff --git a/version.h b/version.h
@@ -2,6 +2,6 @@
 #ifndef VERSION_H
 #define VERSION_H
 
-const char *the_version = "0.4.0-4.g9cf954e";
+const char *the_version = "0.4.0-5.g100b339";
 
 #endif

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ find_cert(const struct context *c,`
`66`	`66`	`if (dns_query_len <= DNSCRYPT_QUERY_HEADER_SIZE) {`
`67`	`67`	`return NULL;`
`68`	`68`	`}`
`69`		`- for (i = 0U; i < c->signed_certs_count; i++) {`
	`69`	`+ for (i = 0U; i < c->certs_count; i++) {`
`70`	`70`	`if (memcmp(certs[i].magic_query, magic_query, DNSCRYPT_MAGIC_HEADER_LEN) == 0) {`
`71`	`71`	`return &certs[i];`
`72`	`72`	`}`
Original file line number	Diff line number	Diff line change
`@@ -231,7 +231,7 @@ filter_signed_certs(struct context *c)`
`231`	`231`	`filtered_certs[j].version_minor[0] == c->signed_certs[i].version_minor[0] &&`
`232`	`232`	`filtered_certs[j].version_minor[1] == c->signed_certs[i].version_minor[1]) {`
`233`	`233`	`found = 1;`
`234`		`- if (filtered_certs[j].serial < c->signed_certs[i].serial) {`
	`234`	`+ if (ntohl((uint32_t )filtered_certs[j].serial) < ntohl((uint32_t )c->signed_certs[i].serial)) {`
`235`	`235`	`filtered_certs[j] = c->signed_certs[i];`
`236`	`236`	`}`
`237`	`237`	`}`
`@@ -295,6 +295,7 @@ match_cert_to_keys(struct context *c) {`
`295`	`295`	`size_t keypair_id, signed_cert_id, cert_id;`
`296`	`296`
`297`	`297`	`c->certs = sodium_allocarray(c->signed_certs_count, sizeof *c->certs);`
	`298`	`+ c->certs_count = c->signed_certs_count;`
`298`	`299`	`cert_id = 0U;`
`299`	`300`
`300`	`301`	`for(keypair_id=0; keypair_id < c->keypairs_count; keypair_id++) {`