[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Tue Aug 11 21:21:47 UTC 2015


The branch master has been updated
       via  f75d5171be0b3b5419c8974133e1573cf976a8bb (commit)
       via  d8e8590ed90eba6ef651d09d77befb14f980de2c (commit)
      from  6142f5c640f98429d4798b8418e8cc2cf6cc1fb8 (commit)


- Log -----------------------------------------------------------------
commit f75d5171be0b3b5419c8974133e1573cf976a8bb
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 11 19:38:39 2015 +0100

    Fix "make test" seg fault with SCTP enabled
    
    When config'd with "sctp" running "make test" causes a seg fault. This is
    actually due to the way ssltest works - it dives under the covers and frees
    up BIOs manually and so some BIOs are NULL when the SCTP code does not
    expect it. The simplest fix is just to add some sanity checks to make sure
    the BIOs aren't NULL before we use them.
    
    This problem occurs in master and 1.0.2. The fix has also been applied to
    1.0.1 to keep the code in sync.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

commit d8e8590ed90eba6ef651d09d77befb14f980de2c
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Aug 11 19:36:43 2015 +0100

    Fix missing return value checks in SCTP
    
    There are some missing return value checks in the SCTP code. In master this
    was causing a compilation failure when config'd with
    "--strict-warnings sctp".
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/d1_both.c |  7 +++++--
 ssl/d1_clnt.c | 16 ++++++++++++----
 ssl/d1_srvr.c | 18 +++++++++++++-----
 3 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index ec47b94..2c3ab54 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -1365,9 +1365,12 @@ int dtls1_shutdown(SSL *s)
 {
     int ret;
 #ifndef OPENSSL_NO_SCTP
-    if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+    BIO *wbio;
+
+    wbio = SSL_get_wbio(s);
+    if (wbio != NULL && BIO_dgram_is_sctp(wbio) &&
         !(s->shutdown & SSL_SENT_SHUTDOWN)) {
-        ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+        ret = BIO_dgram_sctp_wait_for_dry(wbio);
         if (ret < 0)
             return -1;
 
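Review bot: The new `wbio != NULL` guard in dtls1_shutdown carries no comment saying why a NULL write BIO is tolerated, so a later reader may take it for dead code and remove it. I would add above the `if`: `/* wbio can be NULL if the application has already freed the BIOs itself (ssltest does this) */`. With the guard in place, a NULL wbio silently skips the SCTP wait-for-dry step. Whether the rest of the shutdown path copes with a NULL BIO cannot be seen here, because the function body continues past the end of the hunk.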
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 566c154..d411614 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -364,11 +364,15 @@ int dtls1_connect(SSL *s)
                              sizeof(DTLS1_SCTP_AUTH_LABEL),
                              DTLS1_SCTP_AUTH_LABEL);
 
-                    SSL_export_keying_material(s, sctpauthkey,
+                    if (SSL_export_keying_material(s, sctpauthkey,
                                                sizeof(sctpauthkey),
                                                labelbuffer,
                                                sizeof(labelbuffer), NULL, 0,
-                                               0);
+                                               0) <= 0) {
+                        ret = -1;
+                        s->state = SSL_ST_ERR;
+                        goto end;
+                    }
 
                     BIO_ctrl(SSL_get_wbio(s),
                              BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
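Review bot: The `BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY, ...)` call directly after the new check still discards its result. If installing the SCTP-AUTH key fails, the handshake would appear to carry on as though the key were in place. Consider testing that return value and taking the same `ret = -1; s->state = SSL_ST_ERR; goto end;` path; the ctrl's failure convention should be confirmed against the dgram BIO implementation first. The same unchecked call follows the new check in the second hunk of this file and in both hunks of ssl/d1_srvr.c. The BIO_ctrl statement itself runs past the end of this hunk.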
@@ -493,9 +497,13 @@ int dtls1_connect(SSL *s)
             snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
                      DTLS1_SCTP_AUTH_LABEL);
 
-            SSL_export_keying_material(s, sctpauthkey,
+            if (SSL_export_keying_material(s, sctpauthkey,
                                        sizeof(sctpauthkey), labelbuffer,
-                                       sizeof(labelbuffer), NULL, 0, 0);
+                                       sizeof(labelbuffer), NULL, 0, 0) <= 0) {
+                ret = -1;
+                s->state = SSL_ST_ERR;
+                goto end;
+            }
 
             BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
                      sizeof(sctpauthkey), sctpauthkey);
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 19562e1..555bbdf 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -417,9 +417,13 @@ int dtls1_accept(SSL *s)
                 snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
                          DTLS1_SCTP_AUTH_LABEL);
 
-                SSL_export_keying_material(s, sctpauthkey,
-                                           sizeof(sctpauthkey), labelbuffer,
-                                           sizeof(labelbuffer), NULL, 0, 0);
+                if (SSL_export_keying_material(s, sctpauthkey,
+                        sizeof(sctpauthkey), labelbuffer,
+                        sizeof(labelbuffer), NULL, 0, 0) <= 0) {
+                    ret = -1;
+                    s->state = SSL_ST_ERR;
+                    goto end;
+                }
 
                 BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
                          sizeof(sctpauthkey), sctpauthkey);
@@ -606,9 +610,13 @@ int dtls1_accept(SSL *s)
             snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
                      DTLS1_SCTP_AUTH_LABEL);
 
-            SSL_export_keying_material(s, sctpauthkey,
+            if (SSL_export_keying_material(s, sctpauthkey,
                                        sizeof(sctpauthkey), labelbuffer,
-                                       sizeof(labelbuffer), NULL, 0, 0);
+                                       sizeof(labelbuffer), NULL, 0, 0) <= 0) {
+                ret = -1;
+                s->state = SSL_ST_ERR;
+                goto end;
+            }
 
             BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
                      sizeof(sctpauthkey), sctpauthkey);

