[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #62137] wget segfaults when using openssl and a FTPS server in TLS
|
From: |
BurningZeRoad |
|
Subject: |
[bug #62137] wget segfaults when using openssl and a FTPS server in TLS 1.3 |
|
Date: |
Thu, 3 Mar 2022 06:14:59 -0500 (EST) |
URL:
<https://savannah.gnu.org/bugs/?62137>
Summary: wget segfaults when using openssl and a FTPS server
in TLS 1.3
Project: GNU Wget
Submitted by: burningzeroad
Submitted on: jeu. 03 mars 2022 11:14:57 UTC
Category: Crash/Freeze/Infloop
Severity: 3 - Normal
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Originator Name: Bruno Fleurette
Originator Email:
Open/Closed: Open
Release: None
Discussion Lock: Any
Operating System: GNU/Linux
Reproducibility: Every Time
Fixed Release: None
Planned Release: None
Regression: None
Work Required: None
Patch Included: Yes
_______________________________________________________
Details:
Hello,
I was faced with this segfault when downloading a file from FileZilla server
1.3.0 :
~ # wget -c ftps://192.168.137.243/test.zip -O /var/tmp/test.zip
--2022-03-03 11:39:46-- ftps://192.168.137.243/test.zip
=> '/var/tmp/test.zip'
Connecting to 192.168.137.243:21... connected.
==> AUTH TLS ... WARNING: cannot verify 192.168.137.243's certificate, issued
by 'CN=filezilla-server self signed certificate':
Self-signed certificate encountered.
WARNING: certificate common name 'filezilla-server self signed
certificate' doesn't match requested host name '192.168.137.243'.
done.
Logging in as anonymous ... Logged in!
==> PBSZ 0 ... done. ==> PROT P ... done.
==> SYST ... done. ==> PWD ... done.
==> TYPE I ... done. ==> CWD not needed.
==> SIZE test.zip ... 3269601
==> PASV ... done. ==> RETR test.zip ... done.
Length: 3269601 (3.1M) (unauthoritative)
Segmentation fault
My wget was compiled with openssl 1.1.1i library.
And the segfault occured when resuming the SSL session for the data transfer.
At this time, the session previously saved in ctx->sess is no more valid (it
has been changed by the openssl lib). This is apparently a specific behavior
in openssl when using TLS 1.3.
Here you are my patch for this issue in wget 1.21.3:
--- org/src/openssl.c 2022-03-03 11:19:09.513659802 +0100
+++ new/src/openssl.c 2022-03-03 11:29:48.870596212 +0100
@@ -825,6 +825,7 @@
{
/* attempt to resume a previous SSL session */
ctx = (struct openssl_transport_context *) fd_transport_context
(*continue_session);
+ ctx->sess = SSL_get0_session (ctx->conn);
if (!ctx || !ctx->sess || !SSL_set_session (conn, ctx->sess))
goto error;
}
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: jeu. 03 mars 2022 11:14:57 UTC Name:
wget-1.21.3-openssl-tls1.3-segfault.patch Size: 482o By: burningzeroad
<http://savannah.gnu.org/bugs/download.php?file_id=52954>
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?62137>
_______________________________________________
Message posté via Savannah
https://savannah.gnu.org/
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug #62137] wget segfaults when using openssl and a FTPS server in TLS 1.3,
BurningZeRoad <=