packages/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openssl/Don-t-attempt-to-duplicate-the-BIO-state-in-SSL_dup.patch

60 lines
2.0 KiB
Diff
Raw Blame History

From 4864a232ee7f901388532f65911866ca2478cfa9 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Tue, 16 Jun 2020 17:40:40 +0100
Subject: [PATCH 034/147] Don't attempt to duplicate the BIO state in SSL_dup
SSL_dup attempted to duplicate the BIO state if the source SSL had BIOs
configured for it. This did not work.
Firstly the SSL_dup code was passing a BIO ** as the destination
argument for BIO_dup_state. However BIO_dup_state expects a BIO * for that
parameter. Any attempt to use this will either (1) fail silently, (2) crash
or fail in some other strange way.
Secondly many BIOs do not implement the BIO_CTRL_DUP ctrl required to make
this work.
Thirdly, if rbio == wbio in the original SSL object, then an attempt is made
to up-ref the BIO in the new SSL object - even though it hasn't been set
yet and is NULL. This results in a crash.
This appears to have been broken for a very long time with at least some of
the problems described above coming from SSLeay. The simplest approach is
to just remove this capability from the function.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12245)
---
ssl/ssl_lib.c | 15 ---------------
1 files changed, 15 deletions(-)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1d96eb4..f6a4964 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3841,21 +3841,6 @@ SSL *SSL_dup(SSL *s)
if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
goto err;
- /* setup rbio, and wbio */
- if (s->rbio != NULL) {
- if (!BIO_dup_state(s->rbio, (char *)&ret->rbio))
- goto err;
- }
- if (s->wbio != NULL) {
- if (s->wbio != s->rbio) {
- if (!BIO_dup_state(s->wbio, (char *)&ret->wbio))
- goto err;
- } else {
- BIO_up_ref(ret->rbio);
- ret->wbio = ret->rbio;
- }
- }
-
ret->server = s->server;
if (s->handshake_func) {
if (s->server)
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink