Bug 65160 - Custom OpenSSL BIO_ctrl methods return incorrect default value
Summary: Custom OpenSSL BIO_ctrl methods return incorrect default value
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_ssl
Version: 2.4.46
Hardware: PC FreeBSD
Importance: P2 normal
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Depends on:
Reported: 2021-02-26 21:30 UTC by John Baldwin
Modified: 2021-02-26 21:30 UTC

bio_ctrl_methods.patch (1.58 KB, patch)
2021-02-26 21:30 UTC, John Baldwin

Description John Baldwin 2021-02-26 21:30:41 UTC
Created attachment 37747: bio_ctrl_methods.patch

This is similar to the bug I reported for serf at https://issues.apache.org/jira/browse/SERF-198.  Specifically, the BIO_ctrl(3) manual page documents that BIO control methods should return 0 for unknown requests.  Technically the custom BIO classes in mod_ssl look like filters rather than source/sink BIOs at least in name, but functionally they need to follow the same convention.

The specific breakage is that OpenSSL 3.0 introduces new control operations related to kernel TLS offload that are used by libssl to determine if a BIO is using kernel TLS offload.  A non-zero return value from the BIO_ctrl method for these operations is interpreted by libssl as meaning that the BIO is using kernel TLS offload, and thus OpenSSL does not perform encryption/decryption or append/strip trailers, assuming the kernel will do that instead.  The current control methods were returning non-zero values, meaning that OpenSSL would not encrypt/decrypt TLS records.  Note that OpenSSL 3.0 is still in beta, but FreeBSD 14-current also includes a back-ported version of these patches in its OpenSSL 1.1.1 in the base system, which is where this breakage was observed.

The attached patch changes the two BIO_ctrl methods in mod_ssl to return 0 for unknown requests.  It also clarifies that one of the control methods is now used by OpenSSL.
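As an added, self-contained illustration of the convention the report relies on (this is not mod_ssl's code and not the attached patch), the C model below pairs a filter-style BIO_ctrl method whose default arm still returns 1 with one whose default returns 0, and runs both through a stand-in for libssl's BIO_get_ktls_send() check. The out_ctx struct, the probe function and the numeric values of the two KTLS ctrl constants are assumptions made for the example; no OpenSSL headers are included or linked.

```c
#include <stddef.h>
#include <stdio.h>

/* Command numbers. BIO_CTRL_RESET/EOF/FLUSH/WPENDING match OpenSSL's bio.h;
 * the two KTLS values are ASSUMED from OpenSSL 3.0 and not taken from a header. */
enum {
    BIO_CTRL_RESET         = 1,
    BIO_CTRL_EOF           = 2,
    BIO_CTRL_FLUSH         = 11,
    BIO_CTRL_WPENDING      = 13,
    BIO_CTRL_GET_KTLS_SEND = 73,
    BIO_CTRL_GET_KTLS_RECV = 76
};

/* Constructed stand-in for the output-filter context a BIO's data pointer carries. */
typedef struct {
    size_t pending;   /* bytes buffered in the filter, not yet written out */
    int    flushed;   /* set once BIO_CTRL_FLUSH has been seen */
} out_ctx;

typedef long (*ctrl_fn)(out_ctx *ctx, int cmd, long num, void *ptr);

/* "Before": any command not in the switch falls through with ret still 1. */
static long out_ctrl_before(out_ctx *ctx, int cmd, long num, void *ptr)
{
    long ret = 1;
    (void)num; (void)ptr;
    switch (cmd) {
    case BIO_CTRL_RESET:    ctx->pending = 0;                   break;
    case BIO_CTRL_EOF:      ret = (ctx->pending == 0);          break;
    case BIO_CTRL_WPENDING: ret = (long)ctx->pending;           break;
    case BIO_CTRL_FLUSH:    ctx->flushed = 1; ctx->pending = 0; break;
    default:                /* bug: unknown request reports success */ break;
    }
    return ret;
}

/* "After": the default arm returns 0, as BIO_ctrl(3) requires for unknown requests. */
static long out_ctrl_after(out_ctx *ctx, int cmd, long num, void *ptr)
{
    long ret = 1;
    (void)num; (void)ptr;
    switch (cmd) {
    case BIO_CTRL_RESET:    ctx->pending = 0;                   break;
    case BIO_CTRL_EOF:      ret = (ctx->pending == 0);          break;
    case BIO_CTRL_WPENDING: ret = (long)ctx->pending;           break;
    case BIO_CTRL_FLUSH:    ctx->flushed = 1; ctx->pending = 0; break;
    default:                ret = 0;                            break;
    }
    return ret;
}

/* Model of the libssl side (assumed shape): OpenSSL 3.0 defines
 * BIO_get_ktls_send(b) as (BIO_ctrl(b, BIO_CTRL_GET_KTLS_SEND, 0, NULL) > 0). */
static int ktls_send_enabled(ctrl_fn ctrl, out_ctx *ctx)
{
    return ctrl(ctx, BIO_CTRL_GET_KTLS_SEND, 0, NULL) > 0;
}

/* What libssl would do with one outgoing record: if it believes the BIO has
 * KTLS offload it skips encryption and hands plaintext to the BIO.
 * Returns 1 if the bytes reaching the BIO would still be plaintext. */
static int record_leaves_plaintext(ctrl_fn ctrl)
{
    out_ctx ctx = { 0, 0 };
    return ktls_send_enabled(ctrl, &ctx);
}

/* Probe (constructed check): every command the method does not handle must
 * answer 0. Returns how many unknown commands wrongly returned non-zero. */
static int count_bad_defaults(ctrl_fn ctrl)
{
    static const int unknown[] = { 9999, BIO_CTRL_GET_KTLS_SEND, BIO_CTRL_GET_KTLS_RECV };
    out_ctx ctx = { 0, 0 };
    int bad = 0;
    for (size_t i = 0; i < sizeof unknown / sizeof unknown[0]; i++)
        if (ctrl(&ctx, unknown[i], 0, NULL) != 0)
            bad++;
    return bad;
}

int main(void)
{
    printf("before fix: libssl thinks KTLS send is %s, %d unknown ctrls report success\n",
           record_leaves_plaintext(out_ctrl_before) ? "ON" : "off",
           count_bad_defaults(out_ctrl_before));
    printf("after fix:  libssl thinks KTLS send is %s, %d unknown ctrls report success\n",
           record_leaves_plaintext(out_ctrl_after) ? "ON" : "off",
           count_bad_defaults(out_ctrl_after));
    return 0;
}
```

The probe in count_bad_defaults is the check worth keeping around for any custom BIO: call the ctrl method with a command number it has never heard of and require 0 back, since a new libssl release can start asking questions (here the KTLS ones) that an old filter never anticipated.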