From: Alan T. DeKok Date: Tue, 13 Oct 2015 16:51:15 +0000 (-0400) Subject: Port fix from v3.1.x X-Git-Tag: release_3_0_11~254 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9f2f83128e64df51deb69839274550367039bb81;p=thirdparty%2Ffreeradius-server.git Port fix from v3.1.x --- diff --git a/src/main/tls.c b/src/main/tls.c index bc9e233d6a7..2d0ff04d38c 100644 --- a/src/main/tls.c +++ b/src/main/tls.c @@ -1303,8 +1303,11 @@ static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, in { int rv, fd, todo; char filename[256]; - unsigned char *p; - unsigned char const *q; + + unsigned char const **o; + unsigned char **p; + uint8_t *q; + struct stat st; VALUE_PAIR *vps = NULL; @@ -1340,24 +1343,34 @@ static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, in goto err; } - p = sess_data; + q = sess_data; todo = st.st_size; while (todo > 0) { - rv = read(fd, p, todo); + rv = read(fd, q, todo); if (rv < 1) { RWDEBUG("Failed reading persisted session: %s", fr_syserror(errno)); close(fd); goto err; } todo -= rv; - p += rv; + q += rv; } close(fd); - /* openssl mutates &p */ + /* + * OpenSSL mutates what's passed in, so we assign sess_data to q, + * so the value of q gets mutated, and not the value of sess_data. + * + * We then need a pointer to hold &q, but it can't be const, because + * clang complains about lack of consting in nested pointer types. + * + * So we memcpy the value of that pointer, to one that + * does have a const, which we then pass into d2i_SSL_SESSION *sigh*. + */ q = sess_data; - sess = d2i_SSL_SESSION(NULL, &q, st.st_size); - + p = &q; + memcpy(&o, &p, sizeof(o)); + sess = d2i_SSL_SESSION(NULL, o, st.st_size); if (!sess) { RWDEBUG("Failed loading persisted session: %s", ERR_error_string(ERR_get_error(), NULL)); goto err;