mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-08-07 07:37:02 +02:00
BUG/MEDIUM: ssl: segfault when cipher is NULL
The patch which fixes the certificate selection uses
SSL_CIPHER_get_id() to skip the SCSV ciphers without checking if cipher
is NULL. This patch fixes the issue by skipping any NULL cipher in the
iteration.
Problem was reported in #2329.
Need to be backported where 23093c72f1
was
backported. No release was made with this patch so the severity is
MEDIUM.
This commit is contained in:
parent
47ed1181f2
commit
e7bae7a0b6
@ -2506,13 +2506,16 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
|
||||
#else
|
||||
cipher = SSL_CIPHER_find(ssl, cipher_suites);
|
||||
#endif
|
||||
if (!cipher)
|
||||
continue;
|
||||
|
||||
cipher_id = SSL_CIPHER_get_id(cipher);
|
||||
/* skip the SCSV "fake" signaling ciphersuites because they are NID_auth_any (RFC 7507) */
|
||||
if (cipher_id == SSL3_CK_SCSV || cipher_id == SSL3_CK_FALLBACK_SCSV)
|
||||
continue;
|
||||
|
||||
if (cipher && ( SSL_CIPHER_get_auth_nid(cipher) == NID_auth_ecdsa
|
||||
|| SSL_CIPHER_get_auth_nid(cipher) == NID_auth_any)) {
|
||||
if (SSL_CIPHER_get_auth_nid(cipher) == NID_auth_ecdsa
|
||||
|| SSL_CIPHER_get_auth_nid(cipher) == NID_auth_any) {
|
||||
has_ecdsa_sig = 1;
|
||||
break;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user