The branch master has been updated via 606c79e29bbc26c27c3b85cc52fe7d72051184de (commit) from a497a90213b50c499f2a385e63e1fa6e13ef283a (commit)
- Log ----------------------------------------------------------------- commit 606c79e29bbc26c27c3b85cc52fe7d72051184de Author: Dr. David von Oheimb <david.von.ohe...@siemens.com> Date: Thu Nov 18 20:43:06 2021 +0100 HTTP client: Work around the 'gets' method not being supported by SSL BIOs It turned out that loading non-ASN.1 contents using the HTTP client fails over TLS because SSL BIOs do not support the gets method. This PR provides a workaround by using the less efficient BIO_get_line() function in case BIO_gets() returns -2, which means that it is not supported by the BIO. Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17317) ----------------------------------------------------------------------- Summary of changes: crypto/http/http_client.c | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c index b4d42f2eb0..ef0114240b 100644 --- a/crypto/http/http_client.c +++ b/crypto/http/http_client.c @@ -488,7 +488,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx) long n; size_t resp_len; const unsigned char *p; - char *key, *value, *line_end = NULL; + char *buf, *key, *value, *line_end = NULL; if (rctx == NULL) { ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER); @@ -501,11 +501,20 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx) rctx->redirection_url = NULL; next_io: + buf = (char *)rctx->buf; if ((rctx->state & OHS_NOREAD) == 0) { - if (rctx->expect_asn1) + if (rctx->expect_asn1) { n = BIO_read(rctx->rbio, rctx->buf, rctx->buf_size); - else - n = BIO_gets(rctx->rbio, (char *)rctx->buf, rctx->buf_size); + } else { + (void)ERR_set_mark(); + n = BIO_gets(rctx->rbio, buf, rctx->buf_size); + if (n == -2) { /* some BIOs, such as SSL, do not support "gets" */ + (void)ERR_pop_to_mark(); + n = BIO_get_line(rctx->rbio, buf, rctx->buf_size); + } else { + (void)ERR_clear_last_mark(); + } + } if (n <= 0) { if (BIO_should_retry(rctx->rbio)) return -1; @@ -606,7 +615,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx) } goto next_io; } - n = BIO_gets(rctx->mem, (char *)rctx->buf, rctx->buf_size); + n = BIO_gets(rctx->mem, buf, rctx->buf_size); if (n <= 0) { if (BIO_should_retry(rctx->mem)) @@ -624,7 +633,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx) /* First line */ if (rctx->state == OHS_FIRSTLINE) { - switch (parse_http_line1((char *)rctx->buf, &found_keep_alive)) { + switch (parse_http_line1(buf, &found_keep_alive)) { case HTTP_STATUS_CODE_OK: rctx->state = OHS_HEADERS; goto next_line; @@ -642,7 +651,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx) goto next_line; } } - key = (char *)rctx->buf; + key = buf; value = strchr(key, ':'); if (value != NULL) { *(value++) = '\0';