Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.6:Update
stunnel.18715
stunnel-CVE-2021-20230.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File stunnel-CVE-2021-20230.patch of Package stunnel.18715
The fix for CVE-2021-20230 was later modified in the update to version 5.58: https://github.com/mtrojnar/stunnel/commit/80f351bc063f0e6341bfe73f0dd5efeb90b0f4e8 Index: stunnel-5.57/src/verify.c =================================================================== --- stunnel-5.57.orig/src/verify.c +++ stunnel-5.57/src/verify.c @@ -220,15 +220,15 @@ NOEXPORT int verify_callback(int preveri return 0; /* reject */ if(c->opt->redirect_addr.names) { SSL_SESSION *sess=SSL_get1_session(c->ssl); - if(sess) { - int ok=SSL_SESSION_set_ex_data(sess, - index_session_authenticated, NULL); + if(!sess) + return 0; /* reject */ + if(!SSL_SESSION_set_ex_data(sess, + index_session_authenticated, NULL)) { + sslerror("SSL_SESSION_set_ex_data"); SSL_SESSION_free(sess); - if(!ok) { - sslerror("SSL_SESSION_set_ex_data"); - return 0; /* reject */ - } + return 0; /* reject */ } + SSL_SESSION_free(sess); return 1; /* accept */ } return 0; /* reject */ Index: stunnel-5.57/tests/recipes/028_redirect_chain =================================================================== --- stunnel-5.57.orig/tests/recipes/028_redirect_chain +++ stunnel-5.57/tests/recipes/028_redirect_chain @@ -32,7 +32,7 @@ start() { accept = 127.0.0.1:${https1} exec = ${script_path}/execute execArgs = execute 028_redirect_chain_error - redirect = ${http2} + redirect = 127.0.0.1:${http2} cert = ${script_path}/certs/server_cert.pem verifyChain = yes CAfile = ${script_path}/certs/CACert.pem
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor