From: Joe Orton
Date: Wed, 3 Jul 2013 08:00:28 +0000 (+0000)
Subject: Merge 1488296 from trunk:
X-Git-Tag: 2.4.5~51
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d772a545746e1c57c1e72aabbeea3e0de2ef220a;p=apache
Merge 1488296 from trunk:
* modules/ssl/ssl_util_ocsp.c (read_response): Ignore empty buckets in the brigade, which can be left over from line splitting. Fixes case where the OCSP response was only partially read from the wire.
Reviewed by: jorton, jim, sf
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1499241 13f79535-47bb-0310-9956-ffa450edef68
---
diff --git a/CHANGES b/CHANGES
index a6edf941f5..63ce0a3e39 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@ Changes with Apache 2.4.5
+ *) mod_ssl: Fix possible truncation of OCSP responses when reading from the
+ server. [Joe Orton]
+
 *) core: Support the SINGLE_LISTEN_UNSERIALIZED_ACCEPT optimization on Linux kernel versions 3.x and above. PR 55121. [Bradley Heilbrun ]
diff --git a/modules/ssl/ssl_util_ocsp.c b/modules/ssl/ssl_util_ocsp.c
index e5c5e58da2..757df05f40 100644
--- a/modules/ssl/ssl_util_ocsp.c
+++ b/modules/ssl/ssl_util_ocsp.c
@@ -236,7 +236,7 @@ static OCSP_RESPONSE *read_response(apr_socket_t *sd, BIO *bio, conn_rec *c,
 apr_bucket *e = APR_BRIGADE_FIRST(bb);
 rv = apr_bucket_read(e, &data, &len, APR_BLOCK_READ);
- if (rv == APR_EOF || (rv == APR_SUCCESS && len == 0)) {
+ if (rv == APR_EOF) {
 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(01984)
 "OCSP response: got EOF");
 break;
@@ -246,6 +246,12 @@ static OCSP_RESPONSE *read_response(apr_socket_t *sd, BIO *bio, conn_rec *c,
 "error reading response from OCSP server");
 return NULL;
 }
+ if (len == 0) {
+ /* Ignore zero-length buckets (possible side-effect of
+ * line splitting). */
+ apr_bucket_delete(e);
+ continue;
+ }
 count += len;
 if (count > MAX_CONTENT) {
 ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, c, APLOGNO(01986)
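Review bot: The new `if (len == 0)` branch in the second ssl_util_ocsp.c hunk does not say how the read loop now ends. Before this change a successful zero-length read was treated as end of response; after it, only `rv == APR_EOF` in the first hunk breaks out, and every empty bucket is deleted and skipped. Termination therefore seems to rest on the enclosing loop's condition, which is outside both hunks, so please confirm that the loop exits once the brigade is drained. I would extend the comment to something like `/* Ignore zero-length buckets (possible side-effect of line splitting); a zero-length read no longer means EOF, the loop ends on APR_EOF or via the loop condition. */`. Skipped buckets also pass before `count += len` and the `MAX_CONTENT` check, which is fine only as long as empty buckets come from local line splitting rather than from the responder.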