diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-04-21 13:28:00 +0200 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-04-22 20:39:00 +0200 |
commit | ef203432f7b551382216e9aa7de00039e6d45ac0 (patch) | |
tree | 29a89425afc407737375cc58858cc200b35f1968 /apps | |
parent | 078fa35c7bd7e7392b07e032297a341fef695c42 (diff) |
apps/cmp.c and APP_HTTP_TLS_INFO: Fix use-after-free and add proper free() function
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14971)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/cmp.c | 10 | ||||
-rw-r--r-- | apps/include/apps.h | 1 | ||||
-rw-r--r-- | apps/lib/apps.c | 19 |
3 files changed, 16 insertions, 14 deletions
diff --git a/apps/cmp.c b/apps/cmp.c index da28c3215e..1fbf10c4a4 100644 --- a/apps/cmp.c +++ b/apps/cmp.c @@ -2851,15 +2851,7 @@ int cmp_main(int argc, char **argv) OSSL_CMP_CTX_print_errors(cmp_ctx); ossl_cmp_mock_srv_free(OSSL_CMP_CTX_get_transfer_cb_arg(cmp_ctx)); - { - APP_HTTP_TLS_INFO *http_tls_info = - OSSL_CMP_CTX_get_http_cb_arg(cmp_ctx); - - if (http_tls_info != NULL) { - SSL_CTX_free(http_tls_info->ssl_ctx); - OPENSSL_free(http_tls_info); - } - } + APP_HTTP_TLS_INFO_free(OSSL_CMP_CTX_get_http_cb_arg(cmp_ctx)); X509_STORE_free(OSSL_CMP_CTX_get_certConf_cb_arg(cmp_ctx)); OSSL_CMP_CTX_free(cmp_ctx); X509_VERIFY_PARAM_free(vpm); diff --git a/apps/include/apps.h b/apps/include/apps.h index 2709b0ccaf..2d102246f8 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -271,6 +271,7 @@ typedef struct app_http_tls_info_st { } APP_HTTP_TLS_INFO; BIO *app_http_tls_cb(BIO *hbio, /* APP_HTTP_TLS_INFO */ void *arg, int connect, int detail); +void APP_HTTP_TLS_INFO_free(APP_HTTP_TLS_INFO *info); # ifndef OPENSSL_NO_SOCK ASN1_VALUE *app_http_get_asn1(const char *url, const char *proxy, const char *no_proxy, SSL_CTX *ssl_ctx, diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 7eadf5a4b5..e39e7cd061 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -2392,12 +2392,12 @@ static const char *tls_error_hint(void) /* HTTP callback function that supports TLS connection also via HTTPS proxy */ BIO *app_http_tls_cb(BIO *hbio, void *arg, int connect, int detail) { - APP_HTTP_TLS_INFO *info = (APP_HTTP_TLS_INFO *)arg; - SSL_CTX *ssl_ctx = info->ssl_ctx; - SSL *ssl; - BIO *sbio = NULL; - if (connect && detail) { /* connecting with TLS */ + APP_HTTP_TLS_INFO *info = (APP_HTTP_TLS_INFO *)arg; + SSL_CTX *ssl_ctx = info->ssl_ctx; + SSL *ssl; + BIO *sbio = NULL; + if ((info->use_proxy && !OSSL_HTTP_proxy_connect(hbio, info->server, info->port, NULL, NULL, /* no proxy credentials */ @@ -2418,6 +2418,7 @@ BIO *app_http_tls_cb(BIO *hbio, void *arg, int connect, int detail) hbio = BIO_push(sbio, hbio); } else if (!connect && !detail) { /* disconnecting after error */ const char *hint = tls_error_hint(); + if (hint != NULL) ERR_add_error_data(2, " : ", hint); /* @@ -2428,6 +2429,14 @@ BIO *app_http_tls_cb(BIO *hbio, void *arg, int connect, int detail) return hbio; } +void APP_HTTP_TLS_INFO_free(APP_HTTP_TLS_INFO *info) +{ + if (info != NULL) { + SSL_CTX_free(info->ssl_ctx); + OPENSSL_free(info); + } +} + ASN1_VALUE *app_http_get_asn1(const char *url, const char *proxy, const char *no_proxy, SSL_CTX *ssl_ctx, const STACK_OF(CONF_VALUE) *headers, |