Project

General

Profile

Actions
Copy link

Bug #11810

closed

[PATCH] OpenSSL::SSL::SSLcontext#{alpn,npn}_select_cb= does not work properly

Bug #11810: [PATCH] OpenSSL::SSL::SSLcontext#{alpn,npn}_select_cb= does not work properly

Added by rhenium (Kazuki Yamaguchi) almost 10 years ago. Updated almost 9 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 2.3.0dev (2015-12-13 trunk 53061) [x86_64-linux]
Backport:
2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: DONE
[ruby-core:72082]

Description

The protocol list passed to the callback function (set by SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb) is not null-terminated string.
This issue seems to have been existing since first NPN was supported (r36871).

This patch also removes the code checking the length of protocol name, because it is already validated by OpenSSL.

Files

0001-ext-openssl-ossl_ssl.c-ssl_npn_select_cb_common-fix-.patch (1.27 KB) 0001-ext-openssl-ossl_ssl.c-ssl_npn_select_cb_common-fix-.patch rhenium (Kazuki Yamaguchi), 12/12/2015 05:09 PM

Updated by naruse (Yui NARUSE) almost 10 years ago Actions
Copy link
 #1

  • Status changed from Open to Closed

Applied in changeset r53064.

  • ext/openssl/ossl_ssl.c (ssl_npn_select_cb_common): fix parsing
    protocol list.
    The protocol list from OpenSSL is not null-terminated.
    patched by Kazuki Yamaguchi [Bug #11810] [ruby-core:72082]

Updated by usa (Usaku NAKAMURA) almost 9 years ago Actions
Copy link
 #2 [ruby-core:78146]

  • Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN to 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: DONE

ruby_2_2 r56798 merged revision(s) 53064.

Actions
Copy link

Also available in: PDF Atom