Uploaded image for project: 'Couchbase C client library libcouchbase'
  1. Couchbase C client library libcouchbase
  2. CCBC-814

SSL connections broken with OpenSSL 1.1

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.8.0
    • Component/s: library
    • Labels:
      None

      Description

      Fedora 26 and Debian 9 have OpenSSL 1.1 by default.
      BUF_MEM in OpenSSL has been optimized, and now our growing function cannot rely on its length and max fields. This leads to passing NULL pointer to read function, and eventually to errno 14 Bad address.

        Attachments

        For Gerrit Dashboard: CCBC-814
        # Subject Branch Project Status CR V

          Activity

          Hide
          avsej Sergey Avseyev added a comment -

          This is likely the change, which changed behaviour: https://github.com/openssl/openssl/commit/9fe9d0461ea

          It seems like now BIO_get_mem_ptr() returns readonly view of the buffer, and we should not grow it

          Show
          avsej Sergey Avseyev added a comment - This is likely the change, which changed behaviour: https://github.com/openssl/openssl/commit/9fe9d0461ea It seems like now BIO_get_mem_ptr() returns readonly view of the buffer, and we should not grow it

            People

            • Assignee:
              avsej Sergey Avseyev
              Reporter:
              avsej Sergey Avseyev
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Gerrit Reviews

                There are no open Gerrit changes

                  PagerDuty

                  Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.