Ticket metadata
The Basics
Id: 3571
Status: resolved
Priority: 0/
Queue: OpenSSL-Bugs

Custom Fields
Milestone: (no value)
Subsystem: (no value)
Severity: (no value)
Broken in: (no value)

People
Owner: Nobody in particular
Requestors: Nick Mathewson
Frank Schmirler
Cc:
AdminCc:

Dates
Created: Fri Oct 17 19:17:49 2014
Starts: Not set
Started: Mon Oct 20 16:45:55 2014
Last Contact: Not set
Due: Not set
Closed: Mon Oct 27 17:09:53 2014
Updated: Mon Oct 27 17:09:54 2014 by Emilia Käsper



CC: rt@openssl.org
Subject: Re: [PATCH] Segfault in 1.0.1j BIO_reset() compiled with no-ssl2 no-ssl3
Date: Fri, 17 Oct 2014 12:47:37 +0200
To: openssl-users@openssl.org
From: "Frank Schmirler" <openssl@schmirler.de>
On Thu, 16 Oct 2014 16:33:28 +0200, Frank Schmirler wrote
> I get the following segfault when trying to send an SSLv3 request to
> the reverse proxy "pound", running on openssl-1.0.1j with SSLv2/3 disabled:
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xb77498fa in ssl_ctrl (b=0xb7001010, cmd=1, num=0, ptr=0x0) at bio_ssl.c:312
> 312 if (ssl->handshake_func == ssl->method->ssl_connect)

Problem is that ssl23_get_server_method(SSL3_VERSION) returns NULL when
compiled with "no-ssl3", setting ssl->method to NULL. The attached patch adds
a define to ssl23_get_client_hello(...) to treat the "no-ssl3" just like the
"SSL_OP_NO_SSLv3" flag.

Regards,
Frank
Attachment: openssl-1.0.1j-no_ssl3.patch (application/x-download, 531b; not inlined)

Subject: Re: [openssl.org #3571] Re: [PATCH] Segfault in 1.0.1j BIO_reset() compiled with no-ssl2 no-ssl3
Date: Mon, 20 Oct 2014 11:10:31 +0200
To: rt@openssl.org
From: "Frank Schmirler" <openssl@schmirler.de>
On Fri, 17 Oct 2014 21:17:49 +0200, The default queue via RT wrote
> On Thu, 16 Oct 2014 16:33:28 +0200, Frank Schmirler wrote
> > I get the following segfault when trying to send an SSLv3 request to
> > the reverse proxy "pound", running on openssl-1.0.1j with SSLv2/3 disabled:
> >
> > Program received signal SIGSEGV, Segmentation fault.
> > 0xb77498fa in ssl_ctrl (b=0xb7001010, cmd=1, num=0, ptr=0x0) at bio_ssl.c:312
> > 312 if (ssl->handshake_func == ssl->method->ssl_connect)
>
> Problem is that ssl23_get_server_method(SSL3_VERSION) returns NULL when
> compiled with "no-ssl3", setting ssl->method to NULL. The attached
> patch adds a define to ssl23_get_client_hello(...) to treat the "no-
> ssl3" just like the "SSL_OP_NO_SSLv3" flag.

The same problem will also occur in an SSLv2 style handshake. Find attached an
extended patch. Works without problems now.

Regards,
Frank
Attachment: openssl-1.0.1j-no_ssl3.patch (application/x-download, 836b; not inlined)

Subject: Re: [openssl.org #3571] Re: [PATCH] Segfault in 1.0.1j BIO_reset() compiled with no-ssl2 no-ssl3
Date: Mon, 20 Oct 2014 18:39:59 +0200
To: Frank Schmirler via RT <rt@openssl.org>
From: Kurt Roeckx <kurt@roeckx.be>
On Mon, Oct 20, 2014 at 11:10:51AM +0200, Frank Schmirler via RT wrote:
> On Fri, 17 Oct 2014 21:17:49 +0200, The default queue via RT wrote
> > On Thu, 16 Oct 2014 16:33:28 +0200, Frank Schmirler wrote
> > > I get the following segfault when trying to send an SSLv3 request to
> > > the reverse proxy "pound", running on openssl-1.0.1j with SSLv2/3 disabled:
> > >
> > > Program received signal SIGSEGV, Segmentation fault.
> > > 0xb77498fa in ssl_ctrl (b=0xb7001010, cmd=1, num=0, ptr=0x0) at bio_ssl.c:312
> > > 312 if (ssl->handshake_func == ssl->method->ssl_connect)
> >
> > Problem is that ssl23_get_server_method(SSL3_VERSION) returns NULL when
> > compiled with "no-ssl3", setting ssl->method to NULL. The attached
> > patch adds a define to ssl23_get_client_hello(...) to treat the "no-
> > ssl3" just like the "SSL_OP_NO_SSLv3" flag.
>
> The same problem will also occur in an SSLv2 style handshake. Find attached an
> extended patch. Works without problems now.

Can you try the attached patch instead?


Kurt
Attachment: pr3571.patch (text/x-diff, 663b; not inlined at the sender's request)

CC: yawning@torproject.org, Peter Palfrader <weasel@torproject.org>
Subject: Crash bug in latest openssl versions due to ssl_st.method==NULL
Date: Sun, 19 Oct 2014 15:14:19 -0400
To: Ben Laurie <ben@links.org>, Adam Langley <agl@imperialviolet.org>, Geoff Thorpe <geoff@openssl.org>, rt@openssl.org
From: Nick Mathewson <nickm@freehaven.net>
From an examination, this is at worst a null pointer dereference, and
it's readily inferred from a ticket on our public bugtracker, so I'm
sending this in the clear.

Because of patch 26a59d9b46574e457870197dffa802871b4c8fc7 from Geoff
Thorpe (hi!), if openssl is built with no-ssl3, and you connect to it
with SSL v3, then the s->method pointer is set to NULL. This can
cause a variety of functions to crash if you call them on your error
path, since nearly everything expects s->method to be set and doesn't
check it.

In Tor's case, the crash happens in a bit of code in our cleanup
function that does "SSL_set_tlsext_host_name(... , NULL);" to work
around the bug that Ben fixed in
241d088156cdd12bce84b26dbc9060972ef73d96. But probably this kind of
thing can happen to other programs too.

I'd suggest that the code in ssl23_get_client_hello() should instead
do something like this:

    /* ssl23_get_server_method() returns a const pointer; NULL means this
     * build has no method for the negotiated version */
    const SSL_METHOD *new_method = ssl23_get_server_method(s->version);
    if (new_method == NULL)
        {
        /* fail the handshake instead of storing NULL in s->method */
        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
        goto err;
        }
    else
        s->method = new_method;

Does that seem sensible? I might well be missing something; my
understanding of this code is shallow.
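The NULL s->method hazard described in this thread, with the unchecked lookup beside the checked-lookup pattern Nick proposes, as an added C example that is not part of this ticket, of the attached patches, or of OpenSSL's own code. Every demo_/DEMO_ name is an assumed stand-in: demo_get_server_method() plays ssl23_get_server_method(), the two demo_negotiate_* functions play the relevant part of ssl23_get_client_hello(), DEMO_NO_SSL3 plays the no-ssl3 configure option, and the version constants and error code are constructed.

```c
#include <stdio.h>
#include <stddef.h>

/*
 * Constructed stand-in for OpenSSL's server-side version selection.
 * All demo_/DEMO_ names are invented for this example; DEMO_NO_SSL3
 * plays the role of the "no-ssl3" configure option.
 */
#ifndef DEMO_NO_SSL3
#define DEMO_NO_SSL3 1          /* SSLv3 compiled out, as in the ticket */
#endif

#define DEMO_SSL3_VERSION   0x0300
#define DEMO_TLS1_VERSION   0x0301
#define DEMO_TLS1_2_VERSION 0x0303

#define DEMO_R_UNSUPPORTED_PROTOCOL 1   /* stands in for SSL_R_UNSUPPORTED_PROTOCOL */

typedef struct {
    int version;
    const char *name;
} demo_method;

typedef struct {
    int version;                 /* version requested by the peer */
    const demo_method *method;   /* the real s->method; must never be NULL */
    int error;                   /* last error reason, 0 if none */
} demo_ssl;

static const demo_method demo_v23_method   = { 0, "SSLv23 (version-flexible)" };
static const demo_method demo_ssl3_method  = { DEMO_SSL3_VERSION, "SSLv3" };
static const demo_method demo_tls1_method  = { DEMO_TLS1_VERSION, "TLSv1" };
static const demo_method demo_tls12_method = { DEMO_TLS1_2_VERSION, "TLSv1.2" };

/* Mirrors ssl23_get_server_method(): NULL for a version that is compiled out. */
const demo_method *demo_get_server_method(int version)
{
    switch (version) {
#if !DEMO_NO_SSL3
    case DEMO_SSL3_VERSION:   return &demo_ssl3_method;
#endif
    case DEMO_TLS1_VERSION:   return &demo_tls1_method;
    case DEMO_TLS1_2_VERSION: return &demo_tls12_method;
    default:                  return NULL;
    }
}

/* Fresh server object: starts with the version-flexible method, never NULL. */
void demo_ssl_init(demo_ssl *s)
{
    s->version = 0;
    s->method = &demo_v23_method;
    s->error = 0;
}

/* The pattern the ticket describes: the lookup result is stored unchecked,
 * so a peer offering a compiled-out version leaves s->method == NULL and any
 * later s->method->... dereference (e.g. in ssl_ctrl) crashes. */
int demo_negotiate_unchecked(demo_ssl *s, int client_version)
{
    s->version = client_version;
    s->method = demo_get_server_method(client_version);
    return 1;
}

/* The pattern of the proposed fix: refuse the handshake with an
 * "unsupported protocol" error and leave the previous method in place. */
int demo_negotiate_checked(demo_ssl *s, int client_version)
{
    const demo_method *new_method = demo_get_server_method(client_version);
    if (new_method == NULL) {
        s->error = DEMO_R_UNSUPPORTED_PROTOCOL;
        return 0;                          /* the "goto err" path */
    }
    s->version = client_version;
    s->method = new_method;
    return 1;
}

/* What a control/cleanup call such as ssl_ctrl implicitly relies on. */
int demo_method_is_usable(const demo_ssl *s)
{
    return s->method != NULL;
}

int main(void)
{
    demo_ssl a, b;

    demo_ssl_init(&a);
    demo_negotiate_unchecked(&a, DEMO_SSL3_VERSION);
    printf("unchecked, SSLv3 offered: method %s\n",
           demo_method_is_usable(&a) ? a.method->name : "NULL (would crash)");

    demo_ssl_init(&b);
    if (!demo_negotiate_checked(&b, DEMO_SSL3_VERSION))
        printf("checked, SSLv3 offered: rejected, error=%d, method still %s\n",
               b.error, b.method->name);

    demo_ssl_init(&b);
    if (demo_negotiate_checked(&b, DEMO_TLS1_2_VERSION))
        printf("checked, TLSv1.2 offered: method %s\n", b.method->name);
    return 0;
}
```

Compile with the default DEMO_NO_SSL3=1 to reproduce the shape of the bug; building with -DDEMO_NO_SSL3=0 makes the SSLv3 lookup succeed in both paths, which is why the defect only shows up in no-ssl3 builds.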
Subject: Re: [openssl.org #3571] Re: [PATCH] Segfault in 1.0.1j BIO_reset() compiled with no-ssl2 no-ssl3
Date: Tue, 21 Oct 2014 10:11:20 +0200
To: rt@openssl.org
From: "Frank Schmirler" <openssl@schmirler.de>
On Mon, 20 Oct 2014 18:45:55 +0200, Kurt Roeckx via RT wrote
> Can you try the attached patch instead?

Definitely the better approach to fix the problem. Works as expected, thanks!

Regards,
Frank
Subject: Re: [openssl.org #3571] Re: [PATCH] Segfault in 1.0.1j BIO_reset() compiled with no-ssl2 no-ssl3
Date: Tue, 21 Oct 2014 21:35:17 +0200
To: rt@openssl.org
From: Kurt Roeckx <kurt@roeckx.be>
On Tue, Oct 21, 2014 at 10:11:36AM +0200, Frank Schmirler via RT wrote:
> On Mon, 20 Oct 2014 18:45:55 +0200, Kurt Roeckx via RT wrote
> > Can you try the attached patch instead?
>
> Definitely the better approach to fix the problem. Works as expected, thanks!

Committed to all branches.


Kurt