Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix HTTPS proxy regressions caused by the MultiSSL patches #1871

Closed
wants to merge 3 commits into from
Closed

Fix HTTPS proxy regressions caused by the MultiSSL patches #1871

wants to merge 3 commits into from

Commits on Sep 6, 2017

  1. vtls: fix memory corruption 

    Ever since 70f1db3 (vtls: encapsulate SSL backend-specific data,
2017-07-28), the code handling HTTPS proxies was broken because the
pointer to the SSL backend data was not swapped between
conn->ssl[sockindex] and conn->proxy_ssl[sockindex] as intended, but
instead set to NULL (causing segmentation faults).

[jes: provided the commit message, tested and verified the patch]

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
    @jay @dscho
    jay authored and dscho committed Sep 6, 2017
    Configuration menu
    Copy the full SHA
    6de62c3 View commit details
    Browse the repository at this point in the history

  2. OpenSSL: fix erroneous SSL backend encapsulation 

    In d65e6cc (vtls: prepare the SSL backends for encapsulated private
data, 2017-06-21), this developer prepared for a separation of the
private data of the SSL backends from the general connection data.

This conversion was partially automated (search-and-replace) and
partially manual (e.g. proxy_ssl's backend data).

Sadly, there was a crucial error in the manual part, where the wrong
handle was used: rather than connecting ssl[sockindex]' BIO to the
proxy_ssl[sockindex]', we reconnected proxy_ssl[sockindex]. The reason
was an incorrect location to paste "BACKEND->"... d'oh.

Reported by Jay Satiro in curl#1855.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
    @dscho
    dscho committed Sep 6, 2017
    Configuration menu
    Copy the full SHA
    ba37014 View commit details
    Browse the repository at this point in the history

  3. OpenSSL: fix yet another mistake while encapsulating SSL backend data 

    Another mistake in my manual fixups of the largely mechanical
search-and-replace ("connssl->" -> "BACKEND->"), just like the previous
commit concerning HTTPS proxies (and hence not caught during my
earlier testing).

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
    @dscho
    dscho committed Sep 6, 2017
    Configuration menu
    Copy the full SHA
    281b30c View commit details
    Browse the repository at this point in the history