| Frédéric Lécaille | 9b53b4c | 2018-06-20 07:26:44 +0200 | [diff] [blame] | 1 | # commit 28962c9 |
| 2 | # BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot |
| 3 | # |
| 4 | # We never saw unexplicated crash with SSL, so I suppose that we are |
| 5 | # luck, or the slot 0 is always reserved. Anyway the usage of the macro |
| 6 | # SSL_get_app_data() and SSL_set_app_data() seem wrong. This patch change |
| 7 | # the deprecated functions SSL_get_app_data() and SSL_set_app_data() |
| 8 | # by the new functions SSL_get_ex_data() and SSL_set_ex_data(), and |
| 9 | # it reserves the slot in the SSL memory space. |
| 10 | # |
| 11 | # For information, this is the two declaration which seems wrong or |
| 12 | # incomplete in the OpenSSL ssl.h file. We can see the usage of the |
| 13 | # slot 0 whoch is hardcoded, but never reserved. |
| 14 | # |
| 15 | # #define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg)) |
| 16 | # #define SSL_get_app_data(s) (SSL_get_ex_data(s,0)) |
| 17 | |
| 18 | |
| 19 | varnishtest "OpenSSL bug: Random crashes" |
| 20 | feature ignore_unknown_macro |
| 21 | |
| 22 | |
| 23 | haproxy h1 -conf { |
| 24 | global |
| 25 | tune.ssl.default-dh-param 2048 |
| 26 | tune.ssl.capture-cipherlist-size 1 |
| 27 | |
| 28 | listen frt |
| 29 | mode http |
| 30 | bind "fd@${frt}" ssl crt ${testdir}/common.pem |
| 31 | http-request redirect location / |
| 32 | } -start |
| 33 | |
| Frédéric Lécaille | 49076c3 | 2018-07-12 10:48:06 +0200 | [diff] [blame] | 34 | shell { |
| 35 | HOST=${h1_frt_addr} |
| 36 | if [ "${h1_frt_addr}" = "::1" ] ; then |
| Frédéric Lécaille | faf4aac | 2018-07-13 10:44:12 +0200 | [diff] [blame] | 37 | HOST="\[::1\]" |
| Frédéric Lécaille | 49076c3 | 2018-07-12 10:48:06 +0200 | [diff] [blame] | 38 | fi |
| 39 | for i in 1 2 3 4 5; do |
| 40 | curl -i -k https://$HOST:${h1_frt_port} & pids="$pids $!" |
| 41 | done |
| 42 | wait $pids |
| 43 | } |