Uploaded image for project: 'Qpid Proton'
  1. Qpid Proton
  2. PROTON-2535

TLS library - false indication of user data in OpenSSL

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • proton-c-0.37.0
    • None
    • proton-c
    • None
    • OpenSSL

    Description

      pn_tls_need_decrypt_output_buffers can falsely indicate the availability of user data.  For example if there is a handshake failure, BIO_pending can indicate the presence of bytes but BIO_read will return -1 and the appropriate error.

      An application may be fooled into providing a decrypt output buffer that won't be immediately be returned after the next pn_tls_process() step, since no bytes will be read into it.

      Attachments

        Activity

          People

            cliffjansen Clifford Jansen
            cliffjansen Clifford Jansen
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: