Check *_get_ex_data() and *_set_ex_data() return values.

Closes #3389. Thanks to Qingpeng Du.
Roger A. Light 2025-10-11 14:30:00 +01:00
parent 2c4967a2a4
commit 0e04dfc032
3 changed files with 16 additions and 5 deletions


@ -1361,7 +1361,10 @@ static int client_tls_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
err_printf(cfg, "Error: Unable to create SSL_CTX.\n"); err_printf(cfg, "Error: Unable to create SSL_CTX.\n");
return 1; return 1;
} }
SSL_CTX_set_ex_data(cfg->ssl_ctx, tls_ex_index_cfg, cfg); if(!SSL_CTX_set_ex_data(cfg->ssl_ctx, tls_ex_index_cfg, cfg)){
err_printf(cfg, "Error: Unable to set SSL_CTX ex data.\n");
return 1;
}
mosquitto_void_option(mosq, MOSQ_OPT_SSL_CTX, cfg->ssl_ctx); mosquitto_void_option(mosq, MOSQ_OPT_SSL_CTX, cfg->ssl_ctx);
mosquitto_int_option(mosq, MOSQ_OPT_SSL_CTX_WITH_DEFAULTS, 1); mosquitto_int_option(mosq, MOSQ_OPT_SSL_CTX_WITH_DEFAULTS, 1);
SSL_CTX_set_keylog_callback(cfg->ssl_ctx, tls_keylog_callback); SSL_CTX_set_keylog_callback(cfg->ssl_ctx, tls_keylog_callback);
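Review bot: The new failure branch after `SSL_CTX_set_ex_data()` returns 1 while `cfg->ssl_ctx` still points at the context created just above, so the caller keeps a half-configured SSL_CTX in cfg. Unless the config cleanup path (not visible here) already frees it, consider adding `SSL_CTX_free(cfg->ssl_ctx); cfg->ssl_ctx = NULL;` before `return 1;`. The two calls that follow, `mosquitto_void_option()` and `mosquitto_int_option()`, still have their results ignored, which is inconsistent with a commit about checking return values. client_tls_opts_set starts and ends outside the hunk.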


@ -689,6 +689,8 @@ static int net__init_ssl_ctx(struct mosquitto *mosq)
uint8_t tls_alpn_wire[256]; uint8_t tls_alpn_wire[256];
uint8_t tls_alpn_len; uint8_t tls_alpn_len;
net__init_tls();
#ifndef WITH_BROKER #ifndef WITH_BROKER
if(mosq->user_ssl_ctx){ if(mosq->user_ssl_ctx){
mosq->ssl_ctx = mosq->user_ssl_ctx; mosq->ssl_ctx = mosq->user_ssl_ctx;
@ -705,7 +707,6 @@ static int net__init_ssl_ctx(struct mosquitto *mosq)
* has not been set, or if both of MOSQ_OPT_SSL_CTX and * has not been set, or if both of MOSQ_OPT_SSL_CTX and
* MOSQ_OPT_SSL_CTX_WITH_DEFAULTS are set. */ * MOSQ_OPT_SSL_CTX_WITH_DEFAULTS are set. */
if(mosq->tls_cafile || mosq->tls_capath || mosq->tls_psk || mosq->tls_use_os_certs){ if(mosq->tls_cafile || mosq->tls_capath || mosq->tls_psk || mosq->tls_use_os_certs){
net__init_tls();
if(!mosq->ssl_ctx){ if(!mosq->ssl_ctx){
mosq->ssl_ctx = SSL_CTX_new(TLS_client_method()); mosq->ssl_ctx = SSL_CTX_new(TLS_client_method());
@ -922,7 +923,11 @@ int net__socket_connect_step3(struct mosquitto *mosq, const char *host)
return MOSQ_ERR_TLS; return MOSQ_ERR_TLS;
} }
SSL_set_ex_data(mosq->ssl, tls_ex_index_mosq, mosq); if(!SSL_set_ex_data(mosq->ssl, tls_ex_index_mosq, mosq)){
net__socket_close(mosq);
net__print_ssl_error(mosq, "while setting SSL ex data");
return MOSQ_ERR_TLS;
}
bio = BIO_new_socket(mosq->sock, BIO_NOCLOSE); bio = BIO_new_socket(mosq->sock, BIO_NOCLOSE);
if(!bio){ if(!bio){
net__socket_close(mosq); net__socket_close(mosq);
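Review bot: The hoisted `net__init_tls();` at the top of net__init_ssl_ctx has no comment saying why it must now run before the `mosq->user_ssl_ctx` branch. Presumably it allocates `tls_ex_index_mosq`, which the newly checked `SSL_set_ex_data()` in net__socket_connect_step3 needs even when the application supplies its own SSL_CTX. If so, a comment such as `/* Must also run for a user-supplied SSL_CTX: sets up the ex_data index used at connect time. */` would keep a later tidy-up from moving the call back inside the conditional. In the step-3 branch, `net__socket_close(mosq)` runs before `net__print_ssl_error()`, and the BIO failure path below also closes first, so it is worth confirming that closing cannot disturb the OpenSSL error queue before it is printed. Both functions extend beyond the hunks shown.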


@ -250,8 +250,11 @@ struct mosquitto *net__socket_accept(struct mosquitto__listener_sock *listensock
context__cleanup(new_context, true); context__cleanup(new_context, true);
return NULL; return NULL;
} }
SSL_set_ex_data(new_context->ssl, tls_ex_index_context, new_context); if(!SSL_set_ex_data(new_context->ssl, tls_ex_index_context, new_context)
SSL_set_ex_data(new_context->ssl, tls_ex_index_listener, new_context->listener); || !SSL_set_ex_data(new_context->ssl, tls_ex_index_listener, new_context->listener)){
context__cleanup(new_context, true);
return NULL;
}
new_context->want_write = true; new_context->want_write = true;
bio = BIO_new_socket(new_sock, BIO_NOCLOSE); bio = BIO_new_socket(new_sock, BIO_NOCLOSE);
SSL_set_bio(new_context->ssl, bio, bio); SSL_set_bio(new_context->ssl, bio, bio);
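Review bot: The new failure branch in net__socket_accept drops the connection with `context__cleanup(new_context, true); return NULL;` and logs nothing, whereas both client-side checks in this commit report the error. A broker operator would see a client refused with no indication that ex_data setup was the cause, so an error-level log line before the cleanup would make this diagnosable. Separately, the result of `BIO_new_socket()` two lines further down is passed straight to `SSL_set_bio()` without a NULL check, although the client path guards the same call with `if(!bio)`. The function continues outside the hunk.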