Fixed build and Ssl::BIO_new_SBuf() broken/added by 5107d2c (#53)

Fixed BIO_new_SBuf() compilation with OpenSSL v1.1 (and others that
HAVE_LIBCRYPTO_BIO_METH_NEW).

Do not leak the BIO object allocated in Ssl::InRamCertificateDbKey().

Throw instead of returning nil from Ssl::BIO_new_SBuf().

Polished BIO_new_SBuf() description to better reflect reality.

diff --git a/src/ssl/support.cc b/src/ssl/support.cc
index e80ea8936299cb111c76aafef5dee58ce0f9c1aa..99b73f2ef67e1ae5bc51fe1cbfe98a513e695c32 100644 (file)
--- a/src/ssl/support.cc
+++ b/src/ssl/support.cc
@@ -1391,8 +1391,8 @@ void Ssl::InRamCertificateDbKey(const Ssl::CertificateProperties &certProperties
     key.append(certProperties.signHash ? EVP_MD_name(certProperties.signHash) : "-");
 
     if (certProperties.mimicCert) {
-        BIO *bio = BIO_new_SBuf(&key);
-        ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bio, (ASN1_VALUE *)certProperties.mimicCert.get());
+        Ssl::BIO_Pointer bio(BIO_new_SBuf(&key));
+        ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bio.get(), (ASN1_VALUE *)certProperties.mimicCert.get());
     }
 }
 
@@ -1416,6 +1416,7 @@ int
 bio_sbuf_write(BIO* bio, const char* data, int len)
 {
     SBuf *buf = static_cast<SBuf *>(BIO_get_data(bio));
+    // TODO: Convert exceptions into BIO errors
     buf->append(data, len);
     return len;
 }
@@ -1423,6 +1424,7 @@ bio_sbuf_write(BIO* bio, const char* data, int len)
 int
 bio_sbuf_puts(BIO* bio, const char* data)
 {
+    // TODO: use bio_sbuf_write() instead
     SBuf *buf = static_cast<SBuf *>(BIO_get_data(bio));
     size_t oldLen = buf->length();
     buf->append(data);
@@ -1434,6 +1436,7 @@ bio_sbuf_ctrl(BIO* bio, int cmd, long num, void* ptr) {
     SBuf *buf = static_cast<SBuf *>(BIO_get_data(bio));
     switch (cmd) {
     case BIO_CTRL_RESET:
+        // TODO: Convert exceptions into BIO errors
         buf->clear();
         return 1;
     case BIO_CTRL_FLUSH:
@@ -1443,28 +1446,10 @@ bio_sbuf_ctrl(BIO* bio, int cmd, long num, void* ptr) {
     }
 }
 
-
-#if HAVE_LIBCRYPTO_BIO_METH_NEW
-static BIO_METHOD *BioSBufMethods = nullptr;
-#else
-static BIO_METHOD BioSBufMethods = {
-    BIO_TYPE_MEM,
-    "Squid SBuf",
-    bio_sbuf_write,
-    nullptr,
-    bio_sbuf_puts,
-    nullptr,
-    bio_sbuf_ctrl,
-    bio_sbuf_create,
-    bio_sbuf_destroy,
-    NULL,
-
-};
-#endif
-
 BIO *Ssl::BIO_new_SBuf(SBuf *buf)
 {
 #if HAVE_LIBCRYPTO_BIO_METH_NEW
+    static BIO_METHOD *BioSBufMethods = nullptr;
     if (!BioSBufMethods) {
         BioSBufMethods = BIO_meth_new(BIO_TYPE_MEM, "Squid-SBuf");
         BIO_meth_set_write(BioSBufMethods, bio_sbuf_write);
@@ -1476,10 +1461,21 @@ BIO *Ssl::BIO_new_SBuf(SBuf *buf)
         BIO_meth_set_destroy(BioSBufMethods, bio_sbuf_destroy);
     }
 #else
-    BIO *bio = BIO_new(&BioSBufMethods);
+    static BIO_METHOD *BioSBufMethods = new BIO_METHOD({
+        BIO_TYPE_MEM,
+        "Squid SBuf",
+        bio_sbuf_write,
+        nullptr,
+        bio_sbuf_puts,
+        nullptr,
+        bio_sbuf_ctrl,
+        bio_sbuf_create,
+        bio_sbuf_destroy,
+        NULL
+    });
 #endif
-    if (!bio)
-        return nullptr;
+    BIO *bio = BIO_new(BioSBufMethods);
+    Must(bio);
     BIO_set_data(bio, buf);
     BIO_set_init(bio, 1);
     return bio;

diff --git a/src/ssl/support.h b/src/ssl/support.h
index b28322daf169e4149e1f0d6153c5c92280367946..ecbd21c674bfef24b5f5f3b9f35e8002f83a497e 100644 (file)
--- a/src/ssl/support.h
+++ b/src/ssl/support.h
@@ -330,7 +330,8 @@ void InRamCertificateDbKey(const Ssl::CertificateProperties &certProperties, SBu
 
 /**
   \ingroup ServerProtocolSSLAPI
-  Generates an OpenSSL BIO for writting to an SBuf object
+  Creates and returns an OpenSSL BIO object for writing to `buf` (or throws).
+  TODO: Add support for reading from `buf`.
  */
 BIO *BIO_new_SBuf(SBuf *buf);
 } //namespace Ssl