On Mon, Oct 20, 2014 at 11:10:51AM +0200, Frank Schmirler via RT wrote: > On Fri, 17 Oct 2014 21:17:49 +0200, The default queue via RT wrote > > On Thu, 16 Oct 2014 16:33:28 +0200, Frank Schmirler wrote > > > I get the following segfault when trying to send an SSLv3 request to > > > the reverse proxy "pound", running on openssl-1.0.1j with SSLv2/3 > > > disabled: > > > > > > Program received signal SIGSEGV, Segmentation fault. > > > 0xb77498fa in ssl_ctrl (b=0xb7001010, cmd=1, num=0, ptr=0x0) at > > > bio_ssl.c:312 > > > 312 if (ssl->handshake_func == > > > ssl->method->ssl_connect) > > > > Problem is that ssl23_get_server_method(SSL3_VERSION) returns NULL when > > compiled with "no-ssl3", setting ssl->method to NULL. The attached > > patch adds a define to ssl23_get_client_hello(...) to treat the "no- > > ssl3" just like the "SSL_OP_NO_SSLv3" flag. > > The same problem will also occur in an SSLv2 style handshake. Find attached an > extended patch. Works without problems now.
Can you try the attached patch instead? Kurt
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 93ca7d5..de909b1 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -602,12 +602,14 @@ int ssl23_get_client_hello(SSL *s) if ((type == 2) || (type == 3)) { /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ - s->method = ssl23_get_server_method(s->version); - if (s->method == NULL) + const SSL_METHOD *new_method; + new_method = ssl23_get_server_method(s->version); + if (new_method == NULL) { SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); goto err; } + s->method = new_method; if (!ssl_init_wbio_buffer(s,1)) goto err;