This patch might be the fix for this issue. This is commit eac93901e7 in the
upstream kopanocore repo. I'll test and report back the results.
>From eac93901e73cc52d37fb4494c5711bc68dc32e60 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jeng...@inai.de>
Date: Thu, 7 Mar 2019 22:35:37 +0100
Subject: [PATCH] server: check for NULL SSL context before calling
soap_ssl_error
There may be a time where soap->ssl is NULL (like, when initializing
the context failed?), but soap_ssl_error from gsoap-2.8.80 does not
test for this condition.
References: KC-1422, KC-1437
---
provider/server/ECSoapServerConnection.cpp | 4 ++--
provider/server/ECThreadManager.cpp | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/provider/server/ECSoapServerConnection.cpp b/provider/server/ECSoapServerConnection.cpp
index c2a5925b0..a02692183 100644
--- a/provider/server/ECSoapServerConnection.cpp
+++ b/provider/server/ECSoapServerConnection.cpp
@@ -268,13 +268,13 @@ ECRESULT ECSoapServerConnection::ListenSSL(const char *lpServerName,
"EC") // unique name for SSL session cache
)
{
soap_set_fault(lpsSoap.get());
#if GSOAP_VERSION >= 20873
- auto se = soap_ssl_error(lpsSoap.get(), 0, SSL_ERROR_NONE);
+ auto se = lpsSoap->ssl != nullptr ? soap_ssl_error(lpsSoap.get(), 0, SSL_ERROR_NONE) : 0;
#else
- auto se = soap_ssl_error(lpsSoap.get(), 0);
+ auto se = lpsSoap->ssl != nullptr ? soap_ssl_error(lpsSoap.get(), 0) : 0;
#endif
ec_log_crit("K-2170: Unable to setup SSL context: soap_ssl_server_context: %s: %s", *soap_faultdetail(lpsSoap.get()), se);
return KCERR_CALL_FAILED;
}
auto er = kc_ssl_options(lpsSoap.get(), server_ssl_protocols.get(), server_ssl_ciphers, pref_ciphers, server_ssl_curves);
diff --git a/provider/server/ECThreadManager.cpp b/provider/server/ECThreadManager.cpp
index bf04aa32a..79dd05abb 100644
--- a/provider/server/ECThreadManager.cpp
+++ b/provider/server/ECThreadManager.cpp
@@ -125,13 +125,13 @@ void WORKITEM::run()
// For SSL connections, we first must do the handshake and pass it back to the queue
if (soap->ctx && soap->ssl == nullptr) {
err = soap_ssl_accept(soap);
if (err) {
#if GSOAP_VERSION >= 20873
- auto se = soap_ssl_error(soap, 0, SSL_ERROR_NONE);
+ auto se = soap->ssl != nullptr ? soap_ssl_error(soap, 0, SSL_ERROR_NONE) : 0;
#else
- auto se = soap_ssl_error(soap, 0);
+ auto se = soap->ssl != nullptr ? soap_ssl_error(soap, 0) : 0;
#endif
ec_log_warn("K-2171: soap_ssl_accept: %s: %s", *soap_faultdetail(soap), se);
ec_log_debug("%s: %s", GetSoapError(err).c_str(), *soap_faultstring(soap));
}
} else {
--
2.20.1