Overview

File libtcnative-1-0-bsc1199170.patch of Package libtcnative-1-0.25248

From 5ac1175a0cf24aae2a285b3f3fb877ff83aef0c0 Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Tue, 3 May 2022 17:13:20 +0100
Subject: [PATCH] Fix BZ 66035 - avoid crash reading session ID after handshake
 failure

https://bz.apache.org/bugzilla/show_bug.cgi?id=66035
---
 native/src/ssl.c                  |    4 ++++
 xdocs/miscellaneous/changelog.xml |    4 ++++
 2 files changed, 8 insertions(+)

--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -2011,6 +2011,10 @@ TCN_IMPLEMENT_CALL(jbyteArray, SSL, getS
     }
     UNREFERENCED(o);
     session = SSL_get_session(ssl_);
+    if (NULL == session) {
+        return NULL;
+    }
+
     session_id = SSL_SESSION_get_id(session, &len);

     if (len == 0 || session_id == NULL) {
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -37,6 +37,10 @@
 <section name="Changes in 1.2.23">
   <changelog>
     <fix>
+      <bug>66035</bug>: Fix crash when attempting to read TLS session ID after a
+      handshake failure. (schultz/markt)
+    </fix>
+    <fix>
       Make file fixes to enable building with APR 1.7.x. (markt)
     </fix>
     <fix>
openSUSE Build Service is sponsored by
Places