Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing Error Check in function SSL_CTX_use_certificate() #224

Closed
lc3412 opened this issue Sep 25, 2018 · 2 comments
Closed

Missing Error Check in function SSL_CTX_use_certificate() #224

lc3412 opened this issue Sep 25, 2018 · 2 comments
Assignees
@droe
Labels
bug released
Milestone
0.5.4

Comments

@lc3412
Copy link

lc3412 commented Sep 25, 2018

Function SSL_CTX_use_certificate() returns 1 on success. Otherwise need to check out the error stack to find out the reason. However , the return value of function SSL_CTX_use_certificate() is not checked on line 769. See the following code:

line: 769

sslsplit/pxyconn.c

Lines 769 to 775 in 19a16bd

SSL_CTX_use_certificate(sslctx, crt);
SSL_CTX_use_PrivateKey(sslctx, key);
for (int i = 0; i < sk_X509_num(chain); i++) {
X509 *c = sk_X509_value(chain, i);
ssl_x509_refcount_inc(c); /* next call consumes a reference */
SSL_CTX_add_extra_chain_cert(sslctx, c);
}

==================================================================================

We find the return value of this call been checked in the same file
Such as,
line: 1146

sslsplit/pxyconn.c

Lines 1146 to 1147 in 19a16bd

if (!SSL_CTX_use_certificate(sslctx, ctx->opts->clientcrt))
log_dbg_printf("loading client certificate failed");

Chi Li, Zuxing Gu, Jiecheng Wu
@sonertari
Copy link
Collaborator

Also in ssl.c on line 1269. SSL_CTX_use_certificate() is declared with __warn_unused_result__ attribute, but interestingly compilers do not give any warning.

@droe droe self-assigned this Sep 25, 2018
droe added a commit that referenced this issue Sep 25, 2018
@droe
Improve error handling for cert and key loading
71edc9f 
Issue:		#224 #225
@droe droe added this to the 0.5.4 milestone Sep 25, 2018
@droe
Copy link
Owner

droe commented Sep 25, 2018

Thank you for reporting this issue.

@droe droe closed this as completed Sep 25, 2018
@rbk0 rbk0 mentioned this issue Feb 7, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@droe droe

Labels
bug released
Projects
None yet
Milestone
0.5.4
Development

No branches or pull requests
3 participants
@droe @sonertari @lc3412