Leif Hedstrom created TS-2843:
---------------------------------
Summary: Buffer overflow in SSL error messages
Key: TS-2843
URL: https://issues.apache.org/jira/browse/TS-2843
Project: Traffic Server
Issue Type: Bug
Components: SSL
Reporter: Leif Hedstrom
With a bad TLS config, I was getting the following errors, which looks like
it's reading buffers beyond "EOL".
{code}
May 24 22:31:55 ats-int traffic_server[12696]: {0x2b89afcc6900} ERROR:
<SSLUtils.cc:971 (SSLInitServerContext)>
SSL::47870359922944:error:06065064:digital envelope
routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:596���
May 24 22:31:55 ats-int traffic_server[12696]: {0x2b89afcc6900} ERROR:
<SSLUtils.cc:971 (SSLInitServerContext)> SSL::47870359922944:error:0906A065:PEM
routines:PEM_do_header:bad decrypt:pem_lib.c:483���
May 24 22:31:55 ats-int traffic_server[12696]: {0x2b89afcc6900} ERROR:
<SSLUtils.cc:971 (SSLInitServerContext)> SSL::47870359922944:error:140B0009:SSL
routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669���
{code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
