From: Samson S. Kolge
Date: Fri, 4 Apr 2025 11:38:22 +0000 (+0530)
Subject: Fix SSL_new() with QUIC_server_method and improve formatting (Fixes #27255)
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5341e271d9eb211d3b61d370a68ee4ce4147cd12;p=thirdparty%2Fopenssl.git
Fix SSL_new() with QUIC_server_method and improve formatting (Fixes #27255)
Reviewed-by: Neil Horman
Reviewed-by: Tomas Mraz
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/27264)
---
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 4e9b63b046d..6e3de7d5050 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -561,6 +561,15 @@ SSL *ossl_quic_new(SSL_CTX *ctx)
     QUIC_CONNECTION *qc = NULL;
     SSL_CONNECTION *sc = NULL;
 
+    /*
+     * QUIC_server_method should not be used with SSL_new.
+     * It should only be used with SSL_new_listener.
+     */
+    if (ctx->method == OSSL_QUIC_server_method()) {
+        QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, NULL);
+        return NULL;
+    }
+
     qc = OPENSSL_zalloc(sizeof(*qc));
     if (qc == NULL) {
         QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
diff --git a/test/quicapitest.c b/test/quicapitest.c
index 4782479cc64..2e2692ae5f1 100644
--- a/test/quicapitest.c
+++ b/test/quicapitest.c
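Review bot: The new guard in ossl_quic_new() raises ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED with a NULL message argument, so an application that mistakenly pairs OSSL_QUIC_server_method() with SSL_new() gets only a generic reason code and no hint about the correct API; the third argument of QUIC_RAISE_NON_NORMAL_ERROR appears to be an error-data string (the ERR_R_CRYPTO_LIB call below also leaves it NULL), so pass one: `QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, "OSSL_QUIC_server_method() cannot be used with SSL_new(); use SSL_new_listener()");`. The comment above the check states the rule but not the reason, which is what the next maintainer will want; I would extend it with something like `/* ossl_quic_new() constructs a client-side connection object; server-side objects must come from SSL_new_listener() */`, confirming first that this is indeed the reason, since it is not visible in this hunk. The check dereferences `ctx->method` before any NULL test; that is fine if SSL_new() is the only caller and already rejects a NULL ctx, otherwise a `ctx == NULL` guard belongs ahead of it. The pointer comparison against OSSL_QUIC_server_method() is only sound because that function returns a single static method table, which is worth a word in the comment. ossl_quic_new's body continues past the end of the hunk.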
@@ -2654,10 +2654,43 @@ static int test_ssl_new_from_listener(void)
     return testresult;
 }
-/***********************************************************************************/
+static int test_server_method_with_ssl_new(void)
+{
+    SSL_CTX *ctx = NULL;
+    SSL *ssl = NULL;
+    int ret = 0;
+    unsigned long err;
+
+    /* Create a new SSL_CTX using the QUIC server method */
+    ctx = SSL_CTX_new_ex(libctx, NULL, OSSL_QUIC_server_method());
+    if (!TEST_ptr(ctx))
+        goto end;
+
+    /* Try to create a new SSL object - this should fail */
+    ssl = SSL_new(ctx);
+
+    /* Check that SSL_new() returned NULL */
+    if (!TEST_ptr_null(ssl))
+        goto end;
+    /* Check for the expected error */
+    err = ERR_peek_error();
+    if (!TEST_true(ERR_GET_LIB(err) == ERR_LIB_SSL &&
+                   ERR_GET_REASON(err) == ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED))
+        goto end;
+
+    ret = 1;
+
+end:
+    SSL_free(ssl);
+    SSL_CTX_free(ctx);
+    return ret;
+}
+
+/***********************************************************************************/
 OPT_TEST_DECLARE_USAGE("provider config certsdir datadir\n")
+
 int setup_tests(void)
 {
     char *modulename;
@@ -2753,6 +2786,7 @@ int setup_tests(void)
 #ifndef OPENSSL_NO_SSL_TRACE
     ADD_TEST(test_new_token);
 #endif
+    ADD_TEST(test_server_method_with_ssl_new);
     return 1;
 err:
     cleanup_tests();
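Review bot: `err = ERR_peek_error();` in test_server_method_with_ssl_new() reads the oldest entry in the error queue, so if SSL_CTX_new_ex() or SSL_new() left any unrelated entry ahead of the expected one the test inspects the wrong error, and nothing in the `end:` block drains the queue, so the ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED entry is left behind for whatever test runs next. Pop it instead and split the compound assertion so a failure reports which value was wrong: `err = ERR_get_error();` followed by `if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_SSL) || !TEST_int_eq(ERR_GET_REASON(err), ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED)) goto end;`. It would also pin down that the guard raises exactly one error to add `if (!TEST_ulong_eq(ERR_peek_error(), 0)) goto end;` after that, hedged on whether the harness itself clears the queue between tests, which I cannot see from here. The label is `end:` while the setup_tests hunk on the same line and the rest of this file use `err:`; minor, but worth matching. The setup_tests hunk only registers the new test and needs no change.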