[openssl-users] OpenSSL 1.1.0 assertion failure: ssl_free_wbio_buffer()
Matt Caswell
matt at openssl.org
Mon Apr 16 13:15:38 UTC 2018
On 16/04/18 11:38, Matt Caswell wrote:
>
>
> On 16/04/18 09:19, Marcus.Schafheutle at gmx.de wrote:
>> SSL_set_bio(ssl, NULL, NULL); // free BIOs when finished
>
> There should be no reason to do this. The BIO's will get freed
> automatically by the SSL_free() call.
>
>
>> Is this a faulty behavior of OpenSSL 1.1.0 or is the fault on my side?
>
>
> This looks like a bug in OpenSSL. It should be able to tolerate passing
> NULL for wbio in the SSL_set_bio call, but apparently it can't in the
> case of a failed handshake. Please could you open an issue on github for
> this?
>
> The workaround is to remove the SSL_set_bio(SSL, NULL, NULL) call. It
> should not be necessary.
I created a fix and some tests here:
https://github.com/openssl/openssl/pull/5966
It turns out the assertion is completely bogus and can simply be removed.
Matt
More information about the openssl-users
mailing list