Function SSL_CTX_new() returns NULL if the creation of a new SSL_CTX object failed. However , the return value of function SSL_CTX_new() is not checked. See the following code:
line : 1166
|
ssl_ctx = SSL_CTX_new(SSLv23_client_method()); |
|
/* For some reason this does not seem to work, but indications are that it should... |
|
Maybe something with how we create connections? TODO: Fix it... */ |
|
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, cert_verify_callback); |
|
if (cipher != (char *)0) { |
|
if (!SSL_CTX_set_cipher_list(ssl_ctx, cipher)) { |
|
(void)fprintf(stderr, "%s: cannot set cipher list\n", argv0); |
|
ERR_print_errors_fp(stderr); |
|
close_connection(cnum); |
|
return; |
|
} |
|
} |
==============================================================================
We find the return value of this call been checked in openssl project with the version of openssl 1.1.2.
Such as in openssl/apps folder
line : 178
Ref : https://github.com/openssl/openssl/blob/0db957dbbcf6a432086ab913378c23636d8c374c/apps/ciphers.c#L178-L180
line 178: ctx = SSL_CTX_new(meth);
line 179: if (ctx == NULL)
line 180: goto err;
Chi Li, Zuxing Gu, Jiecheng Wu
Function SSL_CTX_new() returns NULL if the creation of a new SSL_CTX object failed. However , the return value of function SSL_CTX_new() is not checked. See the following code:
line : 1166
trafficserver/tools/http_load/http_load.c
Lines 1166 to 1177 in 5ee6a5f
==============================================================================
We find the return value of this call been checked in openssl project with the version of openssl 1.1.2.
Such as in openssl/apps folder
line : 178
Ref : https://github.com/openssl/openssl/blob/0db957dbbcf6a432086ab913378c23636d8c374c/apps/ciphers.c#L178-L180
Chi Li, Zuxing Gu, Jiecheng Wu