SLFO-pool/curl
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
eb6d4068f5
curl/curl-CVE-2024-2379.patch

48 lines
1.7 KiB
Diff
Raw Blame History

From aedbbdf18e689a5eee8dc39600914f5eda6c409c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 11 Mar 2024 10:53:08 +0100
Subject: [PATCH] vquic-tls: return appropirate errors on wolfSSL errors
Reported-by: Dexter Gerig
Closes #13107
---
lib/vquic/vquic-tls.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c
index cc7794e405a5f6..dbde21f476f1dc 100644
--- a/lib/vquic/vquic-tls.c
+++ b/lib/vquic/vquic-tls.c
@@ -375,6 +375,7 @@ static CURLcode curl_wssl_init_ctx(struct quic_tls_ctx *ctx,
char error_buffer[256];
ERR_error_string_n(ERR_get_error(), error_buffer, sizeof(error_buffer));
failf(data, "wolfSSL failed to set ciphers: %s", error_buffer);
+ result = CURLE_BAD_FUNCTION_ARGUMENT;
goto out;
}
@@ -382,6 +383,7 @@ static CURLcode curl_wssl_init_ctx(struct quic_tls_ctx *ctx,
conn_config->curves :
(char *)QUIC_GROUPS) != 1) {
failf(data, "wolfSSL failed to set curves");
+ result = CURLE_BAD_FUNCTION_ARGUMENT;
goto out;
}
@@ -392,6 +394,7 @@ static CURLcode curl_wssl_init_ctx(struct quic_tls_ctx *ctx,
wolfSSL_CTX_set_keylog_callback(ctx->ssl_ctx, keylog_callback);
#else
failf(data, "wolfSSL was built without keylog callback");
+ result = CURLE_NOT_BUILT_IN;
goto out;
#endif
}
@@ -414,6 +417,7 @@ static CURLcode curl_wssl_init_ctx(struct quic_tls_ctx *ctx,
" CAfile: %s CApath: %s",
ssl_cafile ? ssl_cafile : "none",
ssl_capath ? ssl_capath : "none");
+ result = CURLE_SSL_CACERT;
goto out;
}
infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
Reference in New Issue View Git Blame Copy Permalink