forked from pool/openssl-1_1
Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a stituation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
28 lines
625 B
C
28 lines
625 B
C
#include <openssl/err.h>
|
|
#include <openssl/ssl.h>
|
|
|
|
int main() {
|
|
SSL_CTX *ctx = NULL;
|
|
SSL *ssl = NULL;
|
|
STACK_OF(SSL_CIPHER) *sk = NULL;
|
|
const SSL_METHOD *meth = TLS_server_method();
|
|
int i;
|
|
const char *p;
|
|
|
|
ctx = SSL_CTX_new(meth);
|
|
if (ctx == NULL)
|
|
return 1;
|
|
ssl = SSL_new(ctx);
|
|
if (ssl == NULL)
|
|
return 1;
|
|
sk = SSL_get_ciphers(ssl);
|
|
for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
|
|
const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i);
|
|
p = SSL_CIPHER_get_name(c);
|
|
if (p == NULL)
|
|
break;
|
|
printf("%s\n", p);
|
|
}
|
|
return 0;
|
|
}
|