diff options
| author | Ilya Maximets <i.maximets@samsung.com> | 2019-06-25 17:28:02 +0300 |
|---|---|---|
| committer | Ilya Maximets <i.maximets@samsung.com> | 2019-06-28 12:26:32 +0300 |
| commit | d5d0c94551b619c865acfc3e6ba39089e9b7b2a1 (patch) | |
| tree | 9c19ff2cc19cd39a63b55f3f9107d7481e95f5fb /lib/stream-ssl.c | |
| parent | 730b34859f5a9ac8e7147a096815e52571edcc04 (diff) | |
| download | openvswitch-d5d0c94551b619c865acfc3e6ba39089e9b7b2a1.tar.gz | |
stream-ssl: Fix crash on NULL private key and valid certificate.
Running ovsdb-server with empty private-key and non-empty certificate
(or otherwise) causes crash:
# ovsdb-tool create ./etc/openvswitch/conf.db ./vswitch.ovsschema
# ovsdb-server --remote=punix:./db.sock \
--remote=db:Open_vSwitch,Open_vSwitch,manager_options \
--private-key=db:Open_vSwitch,SSL,private_key \
--certificate=db:Open_vSwitch,SSL,certificate \
--bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert
# ovs-vsctl --no-wait init
# ovs-vsctl --no-wait set-ssl pkey.key cert.cert ca.cert
# ovs-vsctl --no-wait set SSL . private_key='""'
# ovs-vsctl --no-wait set SSL . certificate='cert.new'
==25513==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000
==25513==The signal is caused by a READ memory access.
==25513==Hint: address points to the zero page.
#0 0x7ff7582aa0a9 in __GI___strlen_sse2
#1 0x7ff759bdde81 (/lib64/libasan.so.5+0xace81)
#2 0x7ff759479932 (/lib64/libcrypto.so.1.1+0xb3932)
#3 0x7ff759473c5a in BIO_ctrl (/lib64/libcrypto.so.1.1+0xadc5a)
#4 0x7ff7598decc1 in SSL_CTX_use_certificate_file (/lib64/libssl.so.1.1+0x40cc1)
#5 0x4dbaa7 in stream_ssl_set_certificate_file__ lib/stream-ssl.c:1170
#6 0x4dca2e in stream_ssl_set_key_and_cert lib/stream-ssl.c:1216
#7 0x4146b2 in reconfigure_ssl ovsdb/ovsdb-server.c:1254
#8 0x409c83 in main ovsdb/ovsdb-server.c:368
#9 0x7ff758233812 in __libc_start_main
#10 0x40f6bd in _start (ovsdb-server+0x40f6bd)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib64/libc.so.6+0x9a0a9) in __GI___strlen_sse2
==25513==ABORTING
Another way to reproduce is to use non-initialized DB entry for
private-key and a file for certificate in ovsdb-server cmdline.
The root cause is that stream_ssl_set_key_and_cert() triggers
configuration for both key and cert if any of them is valid, keeping
it possible for one of them to be NULL.
Fixes: 6f1e91b1d7c0 ("stream-ssl: Make changing keys and certificate at runtime reliable.")
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Diffstat (limited to 'lib/stream-ssl.c')
| -rw-r--r-- | lib/stream-ssl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/stream-ssl.c b/lib/stream-ssl.c index 81f240996..723fde9ad 100644 --- a/lib/stream-ssl.c +++ b/lib/stream-ssl.c @@ -1210,7 +1210,7 @@ stream_ssl_set_key_and_cert(const char *private_key_file, const char *certificate_file) { if (update_ssl_config(&private_key, private_key_file) - || update_ssl_config(&certificate, certificate_file)) { + && update_ssl_config(&certificate, certificate_file)) { stream_ssl_set_certificate_file__(certificate_file); stream_ssl_set_private_key_file__(private_key_file); } |