Project

General

Profile

Actions
Copy link

Bug #11810

closed

[PATCH] OpenSSL::SSL::SSLcontext#{alpn,npn}_select_cb= does not work properly

Added by rhenium (Kazuki Yamaguchi) over 8 years ago. Updated over 7 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 2.3.0dev (2015-12-13 trunk 53061) [x86_64-linux]
Backport:
2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: DONE
[ruby-core:72082]

Description

The protocol list passed to the callback function (set by SSL_CTX_set_alpn_select_cb, SSL_CTX_set_next_proto_select_cb) is not null-terminated string.
This issue seems to have been existing since first NPN was supported (r36871).

This patch also removes the code checking the length of protocol name, because it is already validated by OpenSSL.

Files

0001-ext-openssl-ossl_ssl.c-ssl_npn_select_cb_common-fix-.patch (1.27 KB) 0001-ext-openssl-ossl_ssl.c-ssl_npn_select_cb_common-fix-.patch rhenium (Kazuki Yamaguchi), 12/12/2015 05:09 PM
Actions
Copy link
 #1

Updated by naruse (Yui NARUSE) over 8 years ago

  • Status changed from Open to Closed

Applied in changeset r53064.

  • ext/openssl/ossl_ssl.c (ssl_npn_select_cb_common): fix parsing
    protocol list.
    The protocol list from OpenSSL is not null-terminated.
    patched by Kazuki Yamaguchi [Bug #11810] [ruby-core:72082]
Actions
Copy link
 #2 [ruby-core:78146]

Updated by usa (Usaku NAKAMURA) over 7 years ago

  • Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN to 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: DONE

ruby_2_2 r56798 merged revision(s) 53064.

Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0