Frédéric Lécaille | 9b53b4c | 2018-06-20 07:26:44 +0200 | [diff] [blame] | 1 | # commit 28962c9 |
| 2 | # BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot |
| 3 | # |
| 4 | # We never saw unexplicated crash with SSL, so I suppose that we are |
| 5 | # luck, or the slot 0 is always reserved. Anyway the usage of the macro |
| 6 | # SSL_get_app_data() and SSL_set_app_data() seem wrong. This patch change |
| 7 | # the deprecated functions SSL_get_app_data() and SSL_set_app_data() |
| 8 | # by the new functions SSL_get_ex_data() and SSL_set_ex_data(), and |
| 9 | # it reserves the slot in the SSL memory space. |
| 10 | # |
| 11 | # For information, this is the two declaration which seems wrong or |
| 12 | # incomplete in the OpenSSL ssl.h file. We can see the usage of the |
| 13 | # slot 0 whoch is hardcoded, but never reserved. |
| 14 | # |
| 15 | # #define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg)) |
| 16 | # #define SSL_get_app_data(s) (SSL_get_ex_data(s,0)) |
| 17 | |
Frédéric Lécaille | dc1a3bd | 2019-03-29 15:07:24 +0100 | [diff] [blame] | 18 | #REGTEST_TYPE=bug |
Frédéric Lécaille | 9b53b4c | 2018-06-20 07:26:44 +0200 | [diff] [blame] | 19 | |
| 20 | varnishtest "OpenSSL bug: Random crashes" |
Ilya Shipitsin | 9ab3138 | 2019-04-17 12:19:56 +0500 | [diff] [blame] | 21 | #REQUIRE_OPTIONS=OPENSSL |
Frédéric Lécaille | 9b53b4c | 2018-06-20 07:26:44 +0200 | [diff] [blame] | 22 | feature ignore_unknown_macro |
| 23 | |
| 24 | |
| 25 | haproxy h1 -conf { |
| 26 | global |
| 27 | tune.ssl.default-dh-param 2048 |
| 28 | tune.ssl.capture-cipherlist-size 1 |
| 29 | |
| 30 | listen frt |
| 31 | mode http |
| 32 | bind "fd@${frt}" ssl crt ${testdir}/common.pem |
| 33 | http-request redirect location / |
| 34 | } -start |
| 35 | |
Frédéric Lécaille | 49076c3 | 2018-07-12 10:48:06 +0200 | [diff] [blame] | 36 | shell { |
| 37 | HOST=${h1_frt_addr} |
| 38 | if [ "${h1_frt_addr}" = "::1" ] ; then |
Frédéric Lécaille | faf4aac | 2018-07-13 10:44:12 +0200 | [diff] [blame] | 39 | HOST="\[::1\]" |
Frédéric Lécaille | 49076c3 | 2018-07-12 10:48:06 +0200 | [diff] [blame] | 40 | fi |
| 41 | for i in 1 2 3 4 5; do |
| 42 | curl -i -k https://$HOST:${h1_frt_port} & pids="$pids $!" |
| 43 | done |
| 44 | wait $pids |
| 45 | } |