Package: libssl1.0.0 Version: 1.0.1e-1 Severity: important Tags: patch upstream
SSL_get_certificate results in a segfault when called before SSL_accept. Attached you find sample code that triggres the problem. In in the upstream openssl git repository this problem is already fixed with commit 147dbb2fe3bead7a10e2f280261b661ce7af7adc in the OpenSSL_1_0_1-stable branch (patch also attached). -- System Information: Debian Release: 7.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.8.0 (SMP w/12 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libssl1.0.0 depends on: ii debconf [debconf-2.0] 1.5.49 ii libc6 2.13-38 ii multiarch-support 2.13-38 ii zlib1g 1:1.2.7.dfsg-13 libssl1.0.0 recommends no packages. libssl1.0.0 suggests no packages. -- debconf information: libssl1.0.0/restart-failed: libssl1.0.0/restart-services:
commit 147dbb2fe3bead7a10e2f280261b661ce7af7adc Author: Dr. Stephen Henson <st...@openssl.org> Date: Mon Feb 11 18:24:03 2013 +0000 Fix for SSL_get_certificate Now we set the current certificate to the one used by a server there is no need to call ssl_get_server_send_cert which will fail if we haven't sent a certificate yet. diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 14d143d..ff5a85a 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2792,9 +2792,7 @@ void ssl_clear_cipher_ctx(SSL *s) /* Fix this function so that it takes an optional type parameter */ X509 *SSL_get_certificate(const SSL *s) { - if (s->server) - return(ssl_get_server_send_cert(s)); - else if (s->cert != NULL) + if (s->cert != NULL) return(s->cert->key->x509); else return(NULL);
/* compile: gcc -o ssl_test -lssl -g ssl_test.c -Wall */ #include <stdio.h> #include <openssl/ssl.h> #include <openssl/err.h> #define SERVER_KEY "server.key" #define SERVER_CRT "server.crt" #define RETURN_IF_ERROR(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(1); } int main(void){ X509* server_cert = NULL; SSL *ssl = NULL; SSL_CTX * ctx = NULL; SSL_library_init(); ctx = SSL_CTX_new(SSLv23_server_method()); if (ctx == NULL) { printf("SSL_CTX_new failed\n"); return 1; } SSL_CTX_set_options(ctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS|SSL_OP_TLS_BLOCK_PADDING_BUG|SSL_OP_NO_SSLv2); RETURN_IF_ERROR(SSL_CTX_use_RSAPrivateKey_file(ctx, SERVER_KEY, SSL_FILETYPE_PEM)) RETURN_IF_ERROR(SSL_CTX_use_certificate_file(ctx, SERVER_CRT, SSL_FILETYPE_PEM)) ssl = SSL_new(ctx); if (ssl == NULL) { printf("SSL_new failed\n"); return 1; } //-> SEGFAULT server_cert = SSL_get_certificate(ssl); if (server_cert == NULL) { printf("tls_connect: tls_get_certificate failed to return the server certificate.\n"); return 1; } SSL_free(ssl); SSL_CTX_free(ctx); return 0; }