app_http_tls_cb(): fix crash on inconsistency w.r.t. use of TLS

This happens if use_ssl is not set but an SSL_CTX is provided.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18674)

diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 53303303b437b03836a9291da91412ad5b5a4229..7fa667bc666a4cb6389fe92b18e2c20ea9d0d514 100644 (file)
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -2450,7 +2450,9 @@ BIO *app_http_tls_cb(BIO *bio, void *arg, int connect, int detail)
     APP_HTTP_TLS_INFO *info = (APP_HTTP_TLS_INFO *)arg;
     SSL_CTX *ssl_ctx = info->ssl_ctx;
 
-    if (connect && detail) { /* connecting with TLS */
+    if (ssl_ctx == NULL) /* not using TLS */
+        return bio;
+    if (connect) {
         SSL *ssl;
         BIO *sbio = NULL;
 
@@ -2530,6 +2532,11 @@ ASN1_VALUE *app_http_get_asn1(const char *url, const char *proxy,
                        "missing SSL_CTX");
         goto end;
     }
+    if (!use_ssl && ssl_ctx != NULL) {
+        ERR_raise_data(ERR_LIB_HTTP, ERR_R_PASSED_INVALID_ARGUMENT,
+                       "SSL_CTX given but use_ssl == 0");
+        goto end;
+    }
 
     info.server = server;
     info.port = port;