Project homepage Mailing List  Warmcat.com  API Docs  Github Mirror 
{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1747287454, "reponame":"openssl", "desc":"OpenSSL", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl", "f":3, "items": [ {"schema":"libjg2-1", "cid":"ba7e6a3672a142200dcdb909f193842a", "commit": {"type":"commit", "time": 1516816956, "time_ofs": 0, "oid_tree": { "oid": "ed4062bac466192046e01bf0179ce0966efa6914", "alias": []}, "oid":{ "oid": "10ee72461254643bd152a7f3f6112edb6f517d4b", "alias": []}, "msg": "Enable the cookie callbacks to work even in TLS in the apps", "sig_commit": { "git_time": { "time": 1516816956, "offset": 0 }, "name": "Matt Caswell", "email": "matt@openssl.org", "md5": "10f7b441a32d5790efad9fc68cae4af2" }, "sig_author": { "git_time": { "time": 1505229549, "offset": 60 }, "name": "Matt Caswell", "email": "matt@openssl.org", "md5": "10f7b441a32d5790efad9fc68cae4af2" }}, "body": "Enable the cookie callbacks to work even in TLS in the apps\n\nReviewed-by: Ben Kaduk \u003ckaduk@mit.edu\u003e\n(Merged from https://github.com/openssl/openssl/pull/4435)\n" , "diff": "diff --git a/apps/apps.h b/apps/apps.h\nindex 6d0d701..601797b 100644\n--- a/apps/apps.h\n+++ b/apps/apps.h\n@@ -46,6 +46,8 @@ extern BIO *bio_out;\n extern BIO *bio_err;\n extern const unsigned char tls13_aes128gcmsha256_id[];\n extern const unsigned char tls13_aes256gcmsha384_id[];\n+extern BIO_ADDR *ourpeer;\n+\n BIO *dup_bio_in(int format);\n BIO *dup_bio_out(int format);\n BIO *dup_bio_err(int format);\ndiff --git a/apps/s_cb.c b/apps/s_cb.c\nindex c7c9ecb..575fb04 100644\n--- a/apps/s_cb.c\n+++ b/apps/s_cb.c\n@@ -686,9 +686,9 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,\n unsigned int *cookie_len)\n {\n unsigned char *buffer;\n- size_t length;\n+ size_t length \u003d 0;\n unsigned short port;\n- BIO_ADDR *peer \u003d NULL;\n+ BIO_ADDR *lpeer \u003d NULL, *peer \u003d NULL;\n \n /* Initialize a random secret */\n if (!cookie_initialized) {\n@@ -699,17 +699,24 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,\n cookie_initialized \u003d 1;\n }\n \n- peer \u003d BIO_ADDR_new();\n- if (peer \u003d\u003d NULL) {\n- BIO_printf(bio_err, \u0022memory full\u005cn\u0022);\n- return 0;\n- }\n+ if (SSL_is_dtls(ssl)) {\n+ lpeer \u003d peer \u003d BIO_ADDR_new();\n+ if (peer \u003d\u003d NULL) {\n+ BIO_printf(bio_err, \u0022memory full\u005cn\u0022);\n+ return 0;\n+ }\n \n- /* Read peer information */\n- (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), peer);\n+ /* Read peer information */\n+ (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), peer);\n+ } else {\n+ peer \u003d ourpeer;\n+ }\n \n /* Create buffer with peer's address and port */\n- BIO_ADDR_rawaddress(peer, NULL, \u0026length);\n+ if (!BIO_ADDR_rawaddress(peer, NULL, \u0026length)) {\n+ BIO_printf(bio_err, \u0022Failed getting peer address\u005cn\u0022);\n+ return 0;\n+ }\n OPENSSL_assert(length !\u003d 0);\n port \u003d BIO_ADDR_rawport(peer);\n length +\u003d sizeof(port);\n@@ -723,7 +730,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,\n buffer, length, cookie, cookie_len);\n \n OPENSSL_free(buffer);\n- BIO_ADDR_free(peer);\n+ BIO_ADDR_free(lpeer);\n \n return 1;\n }\ndiff --git a/apps/s_socket.c b/apps/s_socket.c\nindex 74cf8d2..a9e46f9 100644\n--- a/apps/s_socket.c\n+++ b/apps/s_socket.c\n@@ -35,6 +35,9 @@ typedef unsigned int u_int;\n # include \u003copenssl/bio.h\u003e\n # include \u003copenssl/err.h\u003e\n \n+/* Keep track of our peer's address for the cookie callback */\n+BIO_ADDR *ourpeer \u003d NULL;\n+\n /*\n * init_client - helper routine to set up socket communication\n * @sock: pointer to storage of resulting socket.\n@@ -212,8 +215,15 @@ int do_server(int *accept_sock, const char *host, const char *port,\n *accept_sock \u003d asock;\n for (;;) {\n if (type \u003d\u003d SOCK_STREAM) {\n+ BIO_ADDR_free(ourpeer);\n+ ourpeer \u003d BIO_ADDR_new();\n+ if (ourpeer \u003d\u003d NULL) {\n+ BIO_closesocket(asock);\n+ ERR_print_errors(bio_err);\n+ goto end;\n+ }\n do {\n- sock \u003d BIO_accept_ex(asock, NULL, 0);\n+ sock \u003d BIO_accept_ex(asock, ourpeer, 0);\n } while (sock \u003c 0 \u0026\u0026 BIO_sock_should_retry(sock));\n if (sock \u003c 0) {\n ERR_print_errors(bio_err);\n@@ -264,6 +274,8 @@ int do_server(int *accept_sock, const char *host, const char *port,\n if (family \u003d\u003d AF_UNIX)\n unlink(host);\n # endif\n+ BIO_ADDR_free(ourpeer);\n+ ourpeer \u003d NULL;\n return ret;\n }\n \n","s":{"c":1747287454,"u": 41205}} ],"g": 42103,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}