From 95d79ffe36e6ffce71d8425657e198b78982d6ed Mon Sep 17 00:00:00 2001
From: joerg
Date: Fri, 25 Apr 2008 19:58:17 +0000
Subject: Fix a potential DOS when using SSL. Bump revision.
---
www/lighttpd/distinfo | 4 ++-
www/lighttpd/patches/patch-aa | 69 +++++++++++++++++++++++++++++++++++++++++++
www/lighttpd/patches/patch-ac | 22 ++++++++++++++
3 files changed, 94 insertions(+), 1 deletion(-)
create mode 100644 www/lighttpd/patches/patch-aa
create mode 100644 www/lighttpd/patches/patch-ac
(limited to 'www')
diff --git a/www/lighttpd/distinfo b/www/lighttpd/distinfo
index 75fdcc9cb17..435f2eae953 100644
--- a/www/lighttpd/distinfo
+++ b/www/lighttpd/distinfo
@@ -1,6 +1,8 @@
-$NetBSD: distinfo,v 1.13 2008/03/15 10:53:50 joerg Exp $
+$NetBSD: distinfo,v 1.14 2008/04/25 19:58:17 joerg Exp $
 SHA1 (lighttpd-1.4.19.tar.gz) = 79e2d61dd9017c3c50c0fe98b2289cae5c1255ee
 RMD160 (lighttpd-1.4.19.tar.gz) = 7dbe2a22051e18f4037b48ee4811e2c9738d20cf
 Size (lighttpd-1.4.19.tar.gz) = 815568 bytes
+SHA1 (patch-aa) = 4e3a6bf761bc0e0b8b2ff75fbec739d2cad145ab
 SHA1 (patch-ab) = b02003db1b2ac978846eb0f7be178b91f59fc176
+SHA1 (patch-ac) = eca334f430362b2095727e28b9cc15f757fd440d
diff --git a/www/lighttpd/patches/patch-aa b/www/lighttpd/patches/patch-aa
new file mode 100644
index 00000000000..1ab9dbad3da
--- /dev/null
+++ b/www/lighttpd/patches/patch-aa
@@ -0,0 +1,69 @@
+$NetBSD: patch-aa,v 1.9 2008/04/25 19:58:17 joerg Exp $
+
+From SVN: Fix potential DOS by clearing SSL error queue.
+
+--- src/connections.c.orig 2008-04-25 18:28:26.000000000 +0200
++++ src/connections.c
+@@ -199,6 +199,7 @@ static int connection_handle_read_ssl(se
+
+ /* don't resize the buffer if we were in SSL_ERROR_WANT_* */
+
++ ERR_clear_error();
+ do {
+ if (!con->ssl_error_want_reuse_buffer) {
+ b = buffer_init();
+@@ -1668,19 +1669,47 @@ int connection_state_machine(server *srv
+ }
+ #ifdef USE_OPENSSL
+ if (srv_sock->is_ssl) {
+- int ret;
++ int ret, ssl_r;
++ unsigned long err;
++ ERR_clear_error();
+ switch ((ret = SSL_shutdown(con->ssl))) {
+ case 1:
+ /* ok */
+ break;
+ case 0:
+- SSL_shutdown(con->ssl);
+- break;
++ ERR_clear_error();
++ if (-1 != (ret = SSL_shutdown(con->ssl))) break;
++
++ // fall through
+ default:
+- log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
+- SSL_get_error(con->ssl, ret),
+- ERR_error_string(ERR_get_error(), NULL));
+- return -1;
++
++ switch ((ssl_r = SSL_get_error(con->ssl, ret))) {
++ case SSL_ERROR_WANT_WRITE:
++ case SSL_ERROR_WANT_READ:
++ break;
++ case SSL_ERROR_SYSCALL:
++ /* perhaps we have error waiting in our error-queue */
++ if (0 != (err = ERR_get_error())) {
++ do {
++ log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
++ ssl_r, ret,
++ ERR_error_string(err, NULL));
++ } while ((err = ERR_get_error()));
++ } else {
++ log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
++ ssl_r, r, errno,
++ strerror(errno));
++ }
++ break;
++
++ default:
++ while ((err = ERR_get_error())) {
++ log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
++ ssl_r, ret,
++ ERR_error_string(err, NULL));
++ }
++ break;
++ }
+ }
+ }
+ #endif
diff --git a/www/lighttpd/patches/patch-ac b/www/lighttpd/patches/patch-ac
new file mode 100644
index 00000000000..2f5f47fbde8
--- /dev/null
+++ b/www/lighttpd/patches/patch-ac
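Review bot: In the SSL_ERROR_SYSCALL branch, the errno log call passes `ssl_r, r, errno` while every sibling log call in the same switch passes `ssl_r, ret`; `r` is not declared by the lines this hunk adds, so it presumably resolves to some other variable of connection_state_machine() holding an unrelated value, and the number logged next to errno would then not be the SSL_shutdown() result. The line should read `ssl_r, ret, errno,`. The `// fall through` from `case 0:` into `default:` after the retried SSL_shutdown() is intentional but easy to misread as a missing break, so that comment is worth keeping whenever the patch is regenerated against a newer source. connection_state_machine() begins and ends outside this hunk.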
@@ -0,0 +1,22 @@
+$NetBSD: patch-ac,v 1.5 2008/04/25 19:58:17 joerg Exp $
+
+From SVN: Fix potential DOS by clearing SSL error queue.
+
+--- src/network_openssl.c.orig 2008-04-25 18:29:42.000000000 +0200
++++ src/network_openssl.c
+@@ -85,6 +85,7 @@ int network_write_chunkqueue_openssl(ser
+ *
+ */
+
++ ERR_clear_error();
+ if ((r = SSL_write(ssl, offset, toSend)) <= 0) {
+ unsigned long err;
+
+@@ -187,6 +188,7 @@ int network_write_chunkqueue_openssl(ser
+
+ close(ifd);
+
++ ERR_clear_error();
+ if ((r = SSL_write(ssl, s, toSend)) <= 0) {
+ unsigned long err;
+
-- cgit v1.2.3
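Review bot: The two `ERR_clear_error();` lines added in front of SSL_write() carry no comment saying why they are needed, and the reason is not obvious from the call itself: SSL_get_error() only describes the call just made when the thread's error queue was empty when that call started, otherwise a stale queue entry is reported for the new call, which is the mis-diagnosis the commit message refers to. A one-line comment above each call, `/* empty the error queue first so SSL_get_error() reports this SSL_write(), not a stale entry */`, would record that contract; the same applies to the ERR_clear_error() insertions in patch-aa. The error-handling body after each `if ((r = SSL_write(...)) <= 0) {` lies outside the hunk, as does the rest of network_write_chunkqueue_openssl(), so whether it drains the queue after logging cannot be checked here.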