On Thu, 16 Oct 2014 16:33:28 +0200, Frank Schmirler wrote > I get the following segfault when trying to send an SSLv3 request to > the reverse proxy "pound", running on openssl-1.0.1j with SSLv2/3 disabled: > > Program received signal SIGSEGV, Segmentation fault. > 0xb77498fa in ssl_ctrl (b=0xb7001010, cmd=1, num=0, ptr=0x0) at bio_ssl.c:312 > 312 if (ssl->handshake_func == ssl->method->ssl_connect)
Problem is that ssl23_get_server_method(SSL3_VERSION) returns NULL when compiled with "no-ssl3", setting ssl->method to NULL. The attached patch adds a define to ssl23_get_client_hello(...) to treat the "no-ssl3" just like the "SSL_OP_NO_SSLv3" flag. Regards, Frank
openssl-1.0.1j-no_ssl3.patch
Description: application/download
