You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Michael Kaufmann <ma...@michael-kaufmann.ch> on 2018/10/18 07:39:51 UTC
Crash with SSL renegotiations in 2.4.x branch
Hi,
there's a bug in the current 2.4.x branch of httpd which leads to
crashes for SSL renegotiations.
The variable "ctx" is always NULL in ssl_engine_kernel.c,
ssl_hook_Access_classic(), and it's used here:
if (!(cert_store ||
(cert_store = SSL_CTX_get_cert_store(ctx))))
...
In trunk, this bug has been fixed in r1828793. Please backport this
for 2.4.37.
Regards,
Michael
Re: Crash with SSL renegotiations in 2.4.x branch
Posted by Michael Kaufmann <ma...@michael-kaufmann.ch>.
> Backported in 1844223, will be part of 2.4.37.
>
> Thanks again!
>
> Rainer
Great! Thanks a lot for proposing & backporting.
Regards,
Michael
Re: Crash with SSL renegotiations in 2.4.x branch
Posted by Rainer Jung <ra...@kippdata.de>.
Am 18.10.2018 um 11:09 schrieb Rainer Jung:
> Hi Michael,
>
> Am 18.10.2018 um 09:39 schrieb Michael Kaufmann:
>> Hi,
>>
>> there's a bug in the current 2.4.x branch of httpd which leads to
>> crashes for SSL renegotiations.
>>
>> The variable "ctx" is always NULL in ssl_engine_kernel.c,
>> ssl_hook_Access_classic(), and it's used here:
>>
>> if (!(cert_store ||
>> (cert_store = SSL_CTX_get_cert_store(ctx))))
>> ...
>>
>> In trunk, this bug has been fixed in r1828793. Please backport this
>> for 2.4.37.
>
> Thanks for letting us know. Indeed the backport is missing.
>
> Unfortunately the test suite seems to not cover the case that triggers
> the crash. It seems to be when OptRenegotiate is set and we do have
> client certs from the original handshake, but those certs were not
> verified and we want a reneg now.
>
> I will propose for backport now.
Backported in 1844223, will be part of 2.4.37.
Thanks again!
Rainer
Re: Crash with SSL renegotiations in 2.4.x branch
Posted by Rainer Jung <ra...@kippdata.de>.
Hi Michael,
Am 18.10.2018 um 09:39 schrieb Michael Kaufmann:
> Hi,
>
> there's a bug in the current 2.4.x branch of httpd which leads to
> crashes for SSL renegotiations.
>
> The variable "ctx" is always NULL in ssl_engine_kernel.c,
> ssl_hook_Access_classic(), and it's used here:
>
> if (!(cert_store ||
> (cert_store = SSL_CTX_get_cert_store(ctx))))
> ...
>
> In trunk, this bug has been fixed in r1828793. Please backport this for
> 2.4.37.
Thanks for letting us know. Indeed the backport is missing.
Unfortunately the test suite seems to not cover the case that triggers
the crash. It seems to be when OptRenegotiate is set and we do have
client certs from the original handshake, but those certs were not
verified and we want a reneg now.
I will propose for backport now.
Regards,
Rainer