mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-17 14:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

app_http_tls_cb(): fix crash on inconsistency w.r.t. use of TLS

Browse Source 
This happens if use_ssl is not set but an SSL_CTX is provided.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)
This commit is contained in:
Dr. David von Oheimb 2022-06-28 11:30:50 +02:00 committed by Hugo Landau
parent 33478aedaf
commit 96e13a1679
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apps/lib/apps.c
View File

@ -2450,7 +2450,9 @@ BIO *app_http_tls_cb(BIO *bio, void *arg, int connect, int detail)
APP_HTTP_TLS_INFO *info = (APP_HTTP_TLS_INFO *)arg;
SSL_CTX *ssl_ctx = info->ssl_ctx;
if (connect && detail) { /* connecting with TLS */
if (ssl_ctx == NULL) /* not using TLS */
return bio;
if (connect) {
SSL *ssl;
BIO *sbio = NULL;
@ -2530,6 +2532,11 @@ ASN1_VALUE *app_http_get_asn1(const char *url, const char *proxy,
"missing SSL_CTX");
goto end;
}
if (!use_ssl && ssl_ctx != NULL) {
ERR_raise_data(ERR_LIB_HTTP, ERR_R_PASSED_INVALID_ARGUMENT,
"SSL_CTX given but use_ssl == 0");
goto end;
}
info.server = server;
info.port = port;