Author: kotkov Date: Tue Jun 28 09:36:08 2022 New Revision: 1902304 URL: http://svn.apache.org/viewvc?rev=1902304&view=rev Log: Fix the return value for unknown controls in the BIO control functions.
According to the BIO_ctrl() manual page [1]: [[[ Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl() operation. ]]] OpenSSL 3.0 adds support for Kernel TLS and uses new controls to determine if KTLS is used for sending or receiving: 1) BIO_get_ktls_send() 2) BIO_get_ktls_recv() These controls return 1 if KTLS is used and 0 if not [2]. As a result, OpenSSL believed that serf BIOs support KTLS and thus handle TLS header insertion and encryption/decryption in the BIO layer, breaking the use of HTTPS. This bug was observed in FreeBSD [3]. [1] https://www.openssl.org/docs/manmaster/man3/BIO_ctrl.html#NOTES [2] https://www.openssl.org/docs/manmaster/man3/BIO_ctrl.html#RETURN-VALUES [3] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253135 Patch by: Denis Kovalchuk <denis.kovalchuk{_AT_}visualsvn.com> * buckets/ssl_buckets.c (bio_bucket_ctrl, bio_file_ctrl): Return 0 for unknown controls. * test/MockHTTPinC/MockHTTP_server.c (bio_apr_socket_ctrl): Return 0 for unknown controls. Modified: serf/trunk/buckets/ssl_buckets.c serf/trunk/test/MockHTTPinC/MockHTTP_server.c Modified: serf/trunk/buckets/ssl_buckets.c URL: http://svn.apache.org/viewvc/serf/trunk/buckets/ssl_buckets.c?rev=1902304&r1=1902303&r2=1902304&view=diff ============================================================================== --- serf/trunk/buckets/ssl_buckets.c (original) +++ serf/trunk/buckets/ssl_buckets.c Tue Jun 28 09:36:08 2022 @@ -524,7 +524,7 @@ static long bio_bucket_ctrl(BIO *bio, in return ctx->hit_eof; default: /* abort(); */ - return 1; + return 0; } } @@ -546,7 +546,7 @@ static long bio_file_ctrl(BIO *bio, int return 0; default: /* abort(); */ - return 1; + return 0; } } Modified: serf/trunk/test/MockHTTPinC/MockHTTP_server.c URL: http://svn.apache.org/viewvc/serf/trunk/test/MockHTTPinC/MockHTTP_server.c?rev=1902304&r1=1902303&r2=1902304&view=diff ============================================================================== --- serf/trunk/test/MockHTTPinC/MockHTTP_server.c (original) +++ serf/trunk/test/MockHTTPinC/MockHTTP_server.c Tue Jun 28 09:36:08 2022 @@ -2339,7 +2339,7 @@ static long bio_apr_socket_ctrl(BIO *bio return ssl_ctx->hit_eof; default: /* abort(); */ - return 1; + return 0; } }
