ssl certificate ver=3

2 files changed, 8 insertions, 3 deletions

diff --git a/src/SSL_Analyze.c b/src/SSL_Analyze.c
index a7471ce..4d5730f 100644
--- a/src/SSL_Analyze.c
+++ b/src/SSL_Analyze.c
@@ -19,7 +19,7 @@
 
 ssl_prog_runtime_parameter_t 	g_ssl_prog_para;
 
-int SSL_VERSION_1_20181204 = 0;
+int SSL_VERSION_1_20181206 = 0;
 
 void ssl_history()
 {
@@ -64,6 +64,8 @@ void ssl_history()
 //2018-11-08 V0.2 multi-san
 //2018-11-29 V0.2 san dictator_malloc
 //2018-12-04 V0.2 openssl parse certificate bug
+//2018-12-06 V0.2 certificate maxnum
+
 
 
 //to do 
diff --git a/src/SSL_Certificate.c b/src/SSL_Certificate.c
index bb4fcf7..2b9c564 100644
--- a/src/SSL_Certificate.c
+++ b/src/SSL_Certificate.c
@@ -27,11 +27,13 @@
 //debug
 #define PRINTF_CERTIFICATE		0
 
+#define CERT_VER_MAXNUM			3
 const stValueString_t g_astCertVersions[] =
 {
     {   0, "v1" },
     {   1, "v2" },
-    {   2, "v3" },
+    {   2, "v3" },    
+    {   3, "v4" },
     {   0, NULL },
 };
 
@@ -1047,7 +1049,8 @@ UCHAR  fn_pGetSSLInfo(char *pcCert, int iLen, ssl_stream *a_ssl_stream,  struct
 	if(NULL!=x509_handle->cert_info)
 	{
 		/*version*/
-		int ver = X509_get_version(x509_handle);		
+		int ver = X509_get_version(x509_handle);
+		if(ver>CERT_VER_MAXNUM) return SSL_RETURN_NORM;
 		memcpy(a_ssl_stream->stSSLCert->SSLVersion, 
 				g_astCertVersions[ver].pcString, 
 				1 + strlen((const char *)g_astCertVersions[ver].pcString));