Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-3790

action=tunnel in ssl_multicert.config will cause crash

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.0.0
    • Component/s: SSL
    • Labels:
      None

      Description

      Enabled an old line in my ssl_multicert.config and accidentally tested the action=tunnel feature. It caused the traffic_server process to crash. The code was assuming that a handShakeBuffer must be present if we are deciding to do a blind tunnel, but that is only the case if the decision is made in the SNI callback. I'm going to attach a patch that fixes the problem.

      Example line that will trigger the issue. Packets addressed to 1.2.3.4 will try to convert to blind tunnel before any SSL handshake processing is attempted.

      dest_ip=1.2.3.4 action=tunnel ssl_cert_name=servercert.pem ssl_key_name=privkey.pem
      

        Attachments

        1. ts-3790.diff
          4 kB
          Susan Hinrichs

          Activity

            People

            • Assignee:
              shinrich Susan Hinrichs
              Reporter:
              shinrich Susan Hinrichs
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: