On 12.05.2015 18:29, Eckert, Doug wrote: > With that in mind, I compiled stunnel v5.03 with same OpenSSL 1.0.1.513 > and iFix IV71446m9a applied as with the v5.17 attempt. I'm able to > create sessions with no problem. The internal error/bad magic does not > occur.
Additional security checks to the OpenSSL memory management functions were introduced in stunnel 5.09. The enclosed patch disables them in the latest stunnel 5.17. Mike
--- tls.c.orig 2015-05-12 21:30:56.109277103 +0200
+++ tls.c 2015-05-12 21:32:04.813322506 +0200
@@ -41,7 +41,9 @@
volatile int tls_initialized=0;
NOEXPORT void tls_platform_init();
+#if 0
NOEXPORT void free_function(void *);
+#endif
/**************************************** thread local storage */
@@ -50,8 +52,10 @@
tls_platform_init();
tls_initialized=1;
ui_tls=tls_alloc(NULL, NULL, "ui");
+#if 0
CRYPTO_set_mem_ex_functions(str_alloc_detached_debug,
str_realloc_debug, free_function);
+#endif
}
/* this has to be the first function called by a new thread */
@@ -177,9 +181,11 @@
/**************************************** OpenSSL allocator hook */
+#if 0
NOEXPORT void free_function(void *ptr) {
/* CRYPTO_set_mem_ex_functions() needs a function rather than a macro */
str_free(ptr);
}
+#endif
/* end of tls.c */
signature.asc
Description: OpenPGP digital signature
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
