Actions
Bug #11369
closed
Check length of selected NPN protocol
Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 2.3.0dev (2015-07-16 openbsd 51261) [x86_64-openbsd]
Description
This fixes a failure when running on LibreSSL, where an exception
wouldn't be raised if the callback returned a selected protocol
that was too long (more than 255 bytes). Instead, it would silently
truncate the selected protocol by casting the length from int to
unsigned char.
Files
Updated by naruse (Yui NARUSE) over 8 years ago
- Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN to 2.0.0: REQUIRED, 2.1: REQUIRED, 2.2: REQUIRED
Updated by naruse (Yui NARUSE) over 8 years ago
- Status changed from Open to Closed
Applied in changeset r52227.
- ext/openssl/ossl_ssl.c (ssl_npn_select_cb): explicitly raise error
in ext/openssl instead of OpenSSL itself because LibreSSL
silently truncate the selected protocol name by casting the length
from int to unsigned char. [Bug #11369]
Patch by Jeremy Evans merch-redmine@jeremyevans.net
Updated by usa (Usaku NAKAMURA) over 8 years ago
- Backport changed from 2.0.0: REQUIRED, 2.1: REQUIRED, 2.2: REQUIRED to 2.0.0: REQUIRED, 2.1: DONE, 2.2: REQUIRED
ruby_2_1 r52356 merged revision(s) 52227,52228.
ruby 2.1 doesn't have alpn_select_cb, so r52228 is not necessary. but I backported a part of it for keep the base of code as same with trunk as possible.
Updated by nagachika (Tomoyuki Chikanaga) over 8 years ago
- Backport changed from 2.0.0: REQUIRED, 2.1: DONE, 2.2: REQUIRED to 2.0.0: REQUIRED, 2.1: DONE, 2.2: DONE
Backported r52227 and (partially) r52228 into ruby_2_2 branch at r52772.
Actions
Like0
Like0Like0Like0Like0