You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
87 lines
2.7 KiB
87 lines
2.7 KiB
From 90951497008967f10ba8f9927b53c6e6bc138540 Mon Sep 17 00:00:00 2001
|
|
From: Emeric Brun <ebrun@haproxy.comw>
|
|
Date: Wed, 12 Nov 2014 17:35:37 +0100
|
|
Subject: [PATCH 2/6] BUG/MEDIUM: ssl: fix bad ssl context init can cause
|
|
segfault in case of OOM.
|
|
|
|
Some SSL context's init functions errors were not handled and
|
|
can cause a segfault due to an incomplete SSL context
|
|
initialization.
|
|
|
|
This fix must be backported to 1.5.
|
|
(cherry picked from commit 5547615cdac377797ae351a2e024376dbf6d6963)
|
|
---
|
|
src/ssl_sock.c | 44 ++++++++++++++++++++++++++++++++++----------
|
|
1 file changed, 34 insertions(+), 10 deletions(-)
|
|
|
|
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
|
|
index f8bfbe7..620609f 100644
|
|
--- a/src/ssl_sock.c
|
|
+++ b/src/ssl_sock.c
|
|
@@ -2040,15 +2040,29 @@ static int ssl_sock_init(struct connection *conn)
|
|
return -1;
|
|
}
|
|
|
|
- SSL_set_connect_state(conn->xprt_ctx);
|
|
- if (objt_server(conn->target)->ssl_ctx.reused_sess)
|
|
- SSL_set_session(conn->xprt_ctx, objt_server(conn->target)->ssl_ctx.reused_sess);
|
|
-
|
|
/* set fd on SSL session context */
|
|
- SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd);
|
|
+ if (!SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd)) {
|
|
+ SSL_free(conn->xprt_ctx);
|
|
+ conn->xprt_ctx = NULL;
|
|
+ conn->err_code = CO_ER_SSL_NO_MEM;
|
|
+ return -1;
|
|
+ }
|
|
|
|
/* set connection pointer */
|
|
- SSL_set_app_data(conn->xprt_ctx, conn);
|
|
+ if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
|
|
+ SSL_free(conn->xprt_ctx);
|
|
+ conn->xprt_ctx = NULL;
|
|
+ conn->err_code = CO_ER_SSL_NO_MEM;
|
|
+ return -1;
|
|
+ }
|
|
+
|
|
+ SSL_set_connect_state(conn->xprt_ctx);
|
|
+ if (objt_server(conn->target)->ssl_ctx.reused_sess) {
|
|
+ if(!SSL_set_session(conn->xprt_ctx, objt_server(conn->target)->ssl_ctx.reused_sess)) {
|
|
+ SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
|
|
+ objt_server(conn->target)->ssl_ctx.reused_sess = NULL;
|
|
+ }
|
|
+ }
|
|
|
|
/* leave init state and start handshake */
|
|
conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
|
|
@@ -2065,13 +2079,23 @@ static int ssl_sock_init(struct connection *conn)
|
|
return -1;
|
|
}
|
|
|
|
- SSL_set_accept_state(conn->xprt_ctx);
|
|
-
|
|
/* set fd on SSL session context */
|
|
- SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd);
|
|
+ if (!SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd)) {
|
|
+ SSL_free(conn->xprt_ctx);
|
|
+ conn->xprt_ctx = NULL;
|
|
+ conn->err_code = CO_ER_SSL_NO_MEM;
|
|
+ return -1;
|
|
+ }
|
|
|
|
/* set connection pointer */
|
|
- SSL_set_app_data(conn->xprt_ctx, conn);
|
|
+ if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
|
|
+ SSL_free(conn->xprt_ctx);
|
|
+ conn->xprt_ctx = NULL;
|
|
+ conn->err_code = CO_ER_SSL_NO_MEM;
|
|
+ return -1;
|
|
+ }
|
|
+
|
|
+ SSL_set_accept_state(conn->xprt_ctx);
|
|
|
|
/* leave init state and start handshake */
|
|
conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
|
|
--
|
|
2.0.4
|
|
|