From: Hugo Landau <hlandau@openssl.org>
Date: Tue, 1 Mar 2022 16:47:03 +0000 (+0000)
Subject: s_server: Do not use SSL_sendfile when KTLS is not being used
X-Git-Tag: openssl-3.2.0-alpha1~2891
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aea68b0ddb7113b982ab503bf830d641e8425759;p=thirdparty%2Fopenssl.git

s_server: Do not use SSL_sendfile when KTLS is not being used

Fix a bug in `openssl s_server -WWW` where it would attempt to invoke
`SSL_sendfile` if `-ktls -sendfile` was passed on the command line, even
if KTLS has not actually been enabled, for example because it is not
supported by the host. Since `SSL_sendfile` is only supported when KTLS
is actually being used, this resulted in a failure to serve requests.

Fixes #17503.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17788)
---

diff --git a/apps/s_server.c b/apps/s_server.c
index 45c112345f5..724f3f4ba85 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -3010,6 +3010,9 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
     int total_bytes = 0;
 #endif
     int width;
+#ifndef OPENSSL_NO_KTLS
+    int use_sendfile_for_req = use_sendfile;
+#endif
     fd_set readfds;
     const char *opmode;
 #ifdef CHARSET_EBCDIC
@@ -3340,7 +3343,11 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
             }
             /* send the file */
 #ifndef OPENSSL_NO_KTLS
-            if (use_sendfile) {
+            if (use_sendfile_for_req && !BIO_get_ktls_send(SSL_get_wbio(con))) {
+                BIO_printf(bio_err, "Warning: sendfile requested but KTLS is not available\n");
+                use_sendfile_for_req = 0;
+            }
+            if (use_sendfile_for_req) {
                 FILE *fp = NULL;
                 int fd;
                 struct stat st;