Crash with SSL transfers since upgraded to OpenSSL 1.0 beta
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
DC++ |
Fix Released
|
High
|
Unassigned |
Bug Description
To reproduce the crash
start an SSL download from someone with high upload bandwith. 200-300KiB/sec or more
while the high speed download runs, select 20-30 filelists from an adc hub and download them at once
this should trigger the crash within seconds, at least at me
It can crash with lower speed transfers as well, but it can take up to several days to crash then. I experience this since the upgrade to Beta 1 of OpenSSL 1.0.0.
bzr 1773, WinXP, also tested with another build with gcc (given by poy) so it shouldn't be a compiling issue.
I can't reproduce the crash with the MSVC build of the same revision.
--
Connected to SSL client using DHE-RSA-AES256-SHA
Thrown: SocketException: Kapcsolat lez+írva
BufferedSocket:
threadAccBeufpf[New thread 5400.0x924]
BufferedtSocket
0xbf4e6a0
eredSocket:
BufferedSocket:
BufCfCeored Soc0noxknnebenf
(to) So CS osSLntS ancLer ltcict el0enidxteb n tfuteos 9ui9SnsS8ig0L n
gDtcH lhDEriH-
26D5-H6-ESS-HHRAAS
A-AES256-SH
Program received signal SIGSEGV, Segmentation fault.
[Switching to thread 5400.0x1460]
0x77c46fa3 in msvcrt!memcpy () from C:\WINDOWS\
(gdb) bt full
#0 0x77c46fa3 in msvcrt!memcpy () from C:\WINDOWS\
No symbol table info available.
#1 0x006a3005 in EVP_MD_CTX_copy_ex (out=0xb8bb9f0, in=0xc417aa8)
at ./crypto/
tmp_buf = <value optimized out>
#2 0x006af074 in HMAC_CTX_copy (dctx=0xb8bb9bc, sctx=0xc417a74)
at ./crypto/
No locals.
#3 0x0b8bb9a8 in ?? ()
No symbol table info available.
#4 0x006f63e1 in pkey_hmac_copy (dst=0xb8bb968, src=0xc1b0d68)
at ./crypto/
sctx = (HMAC_PKEY_CTX *) 0xc417a60
#5 0x006b41ad in EVP_PKEY_CTX_dup (pctx=0xc1b0d68)
at ./crypto/
rctx = (EVP_PKEY_CTX *) 0xb8bb968
#6 0x129ffd14 in ?? ()
No symbol table info available.
#7 0x006a3021 in EVP_MD_CTX_copy_ex (out=0xa658e0, in=0x129ffcfc)
at ./crypto/
tmp_buf = (
unsigned char *) 0xb8bb8e8 "\rs¦\
s¦\rs¦
zzzzzt¦t¦"
#8 0x006b700e in EVP_DigestSignFinal (ctx=0x129ffcfc, sigret=0x129ffd88 "",
siglen=
md = "\037r\
00\000\
\213\v\020py\v"
mdlen = <value optimized out>
r = <value optimized out>
tmp_ctx = {digest = 0x0, engine = 0x0, flags = 0, md_data = 0x0,
pctx = 0x0, update = 0}
#9 0x0068750b in tls1_mac (ssl=0xc0371d0, md=0x129ffd88 "", send=0)
at ./ssl/t1_enc.c:899
rec = (SSL3_RECORD *) 0xc2ff9ec
seq = (unsigned char *) 0xc2ff8e8 ""
hash = (EVP_MD_CTX *) 0xcc6fae0
md_size = 20
hmac = {digest = 0x9f4b28, engine = 0x0, flags = 8, md_data = 0x0,
pctx = 0xc1b0d68, update = 0x6f61f4 <int_update>}
mac_ctx = (EVP_MD_CTX *) 0x129ffcfc
buf = "\027\003\001\000"
stream_mac = 0
t = <value optimized out>
#10 0x00680123 in ssl3_read_bytes (s=0xc0371d0, type=23,
buf=0x129ffe97 "\022@P+\f", len=1, peek=1) at ./ssl/s3_pkt.c:447
al = <value optimized out>
i = <value optimized out>
ret = <value optimized out>
n = 17736
cb = (void (*)(const SSL *, int, int)) 0
#11 0x0067dc8d in ssl3_read_internal (s=0xc0371d0, buf=0x129ffe97, len=1,
peek=1) at ./ssl/s3_lib.c:3254
ret = <value optimized out>
#12 0x00608260 in dcpp::SSLSocket
waitFor=2) at dcpp/SSLSocket.
c = 18 '\022'
#13 0x00558885 in dcpp::BufferedS
at dcpp/BufferedSo
waitFor = -2142251686
#14 0x0055977a in dcpp::BufferedS
at dcpp/BufferedSo
e = (const Exception &) @0x7c810669: {<exception> = {
_vptr$exception = 0x5053ed33, data_ = {px_ = 0xeee9006a},
throw_function_ = 0x0, throw_file_ = 0x0, throw_line_ = 786438}, error = {
static npos = 4294967295,
_M_dataplus = {<allocator<char>> = {<new_allocator
>}, <No data fields>},
_M_p = 0xeee9006a <Address 0xeee9006a out of bounds>}}}
#15 0x007f6502 in dcpp::Thread:
t = (Thread *) 0xcc35040
#16 0x7c80b699 in KERNEL32!
from C:\WINDOWS\
No symbol table info available.
#17 0x00000000 in ?? ()
No symbol table info available.
(gdb)
This could have something to do with CRYPTO_ set_locking_ callback( ) not being anywhere in DC++, which may be needed to set up openssl for thread safety: www.openssl. org/support/ faq.html# PROG1 www.openssl. org/docs/ crypto/ threads. html
http://
http://
It was added to StrongDC's CryptoManager a while ago, it should be easy to copy and paste the relevant code into DC++ to test this idea.