New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
server segfault when using session_secret_cb (hostapd eap-fast) #24213
Labels
branch: master
Merge to master branch
branch: 3.2
Merge to openssl-3.2
branch: 3.3
Merge to openssl-3.3
severity: important
Important bugs affecting a released version
severity: regression
The issue/pr is a regression from previous released version
triaged: bug
The issue/pr is/fixes a bug
Comments
t8m
added
branch: master
Merge to master branch
triaged: bug
The issue/pr is/fixes a bug
severity: important
Important bugs affecting a released version
severity: regression
The issue/pr is a regression from previous released version
branch: 3.2
Merge to openssl-3.2
branch: 3.3
Merge to openssl-3.3
and removed
issue: bug report
The issue was opened to report a bug
labels
Apr 22, 2024
Mat to investigate root cause of this issue |
I have managed to write a test case that reproduces this. Investigating. |
mattcaswell
added a commit
to mattcaswell/openssl
that referenced
this issue
Apr 30, 2024
Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb Fixes openssl#24213
Fix for this in #24309 |
openssl-machine
pushed a commit
that referenced
this issue
May 6, 2024
Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb Fixes #24213 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #24309) (cherry picked from commit 91c7ab2)
openssl-machine
pushed a commit
that referenced
this issue
May 6, 2024
Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb Fixes #24213 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #24309) (cherry picked from commit 91c7ab2)
Sashan
pushed a commit
to Sashan/openssl
that referenced
this issue
May 6, 2024
Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb Fixes openssl#24213 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#24309)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
branch: master
Merge to master branch
branch: 3.2
Merge to openssl-3.2
branch: 3.3
Merge to openssl-3.3
severity: important
Important bugs affecting a released version
severity: regression
The issue/pr is a regression from previous released version
triaged: bug
The issue/pr is/fixes a bug
When using openssl 3.2.1 with the hostapd application, a segfault is thrown when an EAP-FAST station (client) associates.
Segmentation fault occurs at line 3325 of <ssl/t1_lib.c>, tls1_check_chain() when trying to access *pvalid.
The root cause appears to be that the SSL_CONNECTION valid_flags have not been allocated in this instance.
The issue occurs after the session_secret_cb processing in tls_early_post_process_client_hello():<ssl/statem/statem_srvr.c>,
during the call to ssl3_choose_cipher().
Adding code to allocate the valid_flags prior to calling session_secret_cb() does prevent the segfault.
The issue does not occur with openssl-3.1.4 as valid_flags[] was a fixed length array (was not allocated).
The text was updated successfully, but these errors were encountered: