Date: Sun, 13 Apr 2014 10:09:36 +0200 (CEST) From: Christian Kratzer <ck-lists@cksoft.de> To: freebsd-security@freebsd.org Cc: Christian Kratzer <ck@cksoft.de> Subject: OpenSSL followup SSL_MODE_RELEASE_BUFFERS Message-ID: <alpine.BSF.2.00.1404130957330.17735@pohjola.cksoft.de>
next in thread | raw e-mail | index | archive | help
Hi,
apparentyly openbsd has more or less silently fixed an older openssl issue that has been stuck in the openssl bug tracker:
The openbsd patch:
http://www.openbsd.org/errata55.html#004_openssl
http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig
The original issue:
http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse
Here is the openssl bug:
http://rt.openssl.org/Ticket/Display.html?id=2167
The patch;
diff -u -p -u -r1.20 -r1.20.4.1
--- lib/libssl/src/ssl/s3_pkt.c 27 Feb 2014 21:04:57 -0000 1.20
+++ lib/libssl/src/ssl/s3_pkt.c 12 Apr 2014 17:01:14 -0000 1.20.4.1
@@ -1054,7 +1054,7 @@ start:
{
s->rstate=SSL_ST_READ_HEADER;
rr->off=0;
- if (s->mode & SSL_MODE_RELEASE_BUFFERS)
+ if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0)
ssl3_release_read_buffer(s);
}
}
Can somebody rattle openssl upstream to get them to comment on this ?
Should freebsd roll out a patch ?
Greetings
Christian
--
Christian Kratzer CK Software GmbH
Email: ck@cksoft.de Wildberger Weg 24/2
Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
Web: http://www.cksoft.de/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1404130957330.17735>