[openssl-dev] [openssl.org #4060] AutoReply: a crash happened inside SSL_Connect function

Matt Caswell via RT rt at openssl.org
Tue Sep 29 14:55:23 UTC 2015 


On 29/09/15 15:45, Tiantian Liu via RT wrote:
> Hi Matt,
> Thanks for prompt response!
> While I confirm with you that my application crashed INSIDE the SSL_connect() function.

Your previous email indicated it was not crashing with SSLv23_method():
"While the above code didn't work. I couldn't reach the server. Though
the SSL_connect() didn't crash, it returned as..."

So my advice was meant for that scenario.

> So SSL_connect has no chance to return the 'res' value to me for analysis. 
> Because I inserted a debug message before and after SSL_connect(). You can see it in the following code.  
> 
>        /*
>             My debug statement wrote the " Going to call SSL_connect() 15" into my trace file
>             And this message string is THE LAST message in my trace file.
>       */	
>         if (isDiag) {
>         	SerialWriteTestLine_int_Time("Going to call SSL_connect()", timeout, diag);
>         }
> 		res = SSL_connect(ssl);
>       /*
>            Oooop!!! The following statement was not executed! No debug message in my trace file anymore.
>       */
>         if (isDiag) {
>         	SerialWriteTestLine_int_Time("SSL_connect res ", res, diag);
>         }
> 		if (res <= 0) {
> 			sslerror = SSL_get_error(ssl, res);
> 			if (sslerror == SSL_ERROR_WANT_READ) {
> 				isexp = is_expired(exptime);
> 				if (isexp == 1) {
> 					if (isDiag) {
> 						SerialWriteTestLine_int_Time("ConnectSSL [SSL_connect(ssl)] failed Timeout", timeout, diag);
> 					}
> 					strcpy(error, "SSL connect error");
> 					return 0;
> 				}
> 				continue;
> 			}
> 
> So, do you have any idea to get more information inside the SSL_connect?

If its actually crashing then we need to see a backtrace and a wireshark
packet capture.

> Should I re-compile and re-install OpenSSL lib?
> I tried to configure OpenSSL with option '-d' to enable the debug feature, while I got compilation error.
> 

You should not get a compilation error. Please post the steps you took
to compile the library and the compilation error you received.


Matt

More information about the openssl-dev mailing list