[openssl-users] Segmentation fault ssl23_connect()

Sanjaya Joshi joshi.sanjaya at gmail.com
Sun Apr 16 19:17:26 UTC 2017


Hello,

I use openldap_2.3.39 to initiate secure LDAP connection (starttls) to
external LDAP server. The used openssl version is 1.0.2k.

While establishing the secure connection from client, i observe the
following segmentation fault occasionally (Not always reproducible).

Any pointers please ?

"
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/opt/nsn/pac_bor_qx_e1/bin/border'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007fd6b8271bd9 in sk_value () from /usr/lib64/libcrypto.so.1.0.0
(gdb) bt
#0  0x00007fd6b8271bd9 in sk_value () from /usr/lib64/libcrypto.so.1.0.0
#1  0x00007fd6b3495516 in ssl23_connect () from /usr/lib64/libssl.so.1.0.0
#2  0x00007fd6b7d2d6cf in ldap_int_tls_connect (ld=0x7fd6880486d0,
conn=0x7fd68802d9e0) at tls.c:805
#3  0x00007fd6b7d2ece0 in ldap_int_tls_start (ld=0x7fd6880486d0,
conn=0x7fd68802d9e0, srv=0x0) at tls.c:1511
#4  0x00007fd6b7d2f6e9 in ldap_install_tls (ld=0x7fd6880486d0) at tls.c:1935
#5  0x00007fd6bb46c6c1 in open_connection_as
(ldap_host_address=0x7fd68805de90 "10.55.433.1", port=389, client_access=0,
    user_dn=0x7fd6880543c8
"uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net",
    user_pwd=0x7fd6962d3c70 "saaadh45sks", ldap_handle=0x7fd6962d2838,
network_timeout=5000, request_id=0x7fd6962d144c,
    error_string=0x7fd6962d1440, isSecure=2, cacertFile=0x7fd688048bf8
"/etc/certs/cacert.pem",
    ciphers=0x7fd68805e138
"DHE-RSA-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:AES128-SHA",
reqCert=0x7fd6962d2558) at ../src/api.c:1048
#6  0x00007fd6bb46ca97 in open_secure_connection_starttls_request
(ldap_host_address=0x7fd68805de90 "10.55.433.1", port=389,
    client_access=0, user_dn=0x7fd6880543c8
"uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net",
    user_pwd=0x7fd6962d3c70 "saaadh45sks", ldap_handle=0x7fd6962d2838,
network_timeout=5000, request_id=0x7fd6962d144c,
    error_string=0x7fd6962d1440, cacertFile=0x7fd688048bf8
"/etc/certs/cacert.pem",
    ciphers=0x7fd68805e138
"DHE-RSA-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:AES128-SHA",
reqCert=0x7fd6962d2558) at ../src/api.c:1258
#7  0x00007fd6b9c899c8 in tryConnectExtLdap (host=0x7fd68805de90
"10.55.433.1", port=389,
    binddn=0x7fd6962d3380
"uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net",
pwd=0x7fd6962d3c70 "saaadh45sks",
    _extHandle=@0x7fd6962d2838: 0x7fd6880486d0, peopledn=0x7fd6880495b0
"ou=people,ou=accounts,dc=sasa,dc=test,dc=net", secureMode=0,
    cacertFile=..., ciphers=..., reqCert=5, timeout_ms=5000)
    at ../../src/acct.cpp:1694
#8  0x00007fd6b9c88df1 in validate_account (accountName=0x7fd6962d3380
"uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net",
    accountPassword=0x7fd6962d3c70 "saaadh45sks") at ../../src/acct.cpp:1623
#9  0x0000000000479d3a in set_acc (userName=userName at entry=0x7fd6962d3870
"user1",
    password=password at entry=0x7fd6962d3c70 "saaadh45sks") at
../src/borfunc_cou.c:4066
#10 0x000000000045217b in _71571_2 (_T=0x42907000) at
../src/bor7qxqx.sdl:600
#11 0x000000000044fd45 in _s71571_ACTIVE (_T=<optimized out>) at
_Sborha7ACTIVE.c:33
#12 0x00007fd6b6ec8a65 in call_transition (msg=0x7fd6bc0d8948, process=96)
    at /home/core/threadmain.c:656
#13 call_transition_with_fatal_sig_catching (thread=<optimized out>,
thread at entry=0x25d7d90, process=process at entry=96,
    msg=msg at entry=0x7fd6bc0d8948) at /home/core/threadmain.c:669
#14 0x00007fd6b6ec9499 in execute_user_code (msg=0x7fd6bc0d8948,
process=96, thread=0x25d7d90)
    at /home/core/threadmain.c:687
#15 exec_main_loop (thread=0x25d7d90) at /home/core/threadmain.c:882
#16 thread_context_main (arg=<optimized out>) at /home/core/threadmain.c:592
#17 0x00007fd6b64f2f50 in ?? () from /lib64/libc.so.6
#18 0x0000000000000000 in ?? ()
(gdb)
"

Regards,
Sanjaya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170417/6aeca6f8/attachment.html>


More information about the openssl-users mailing list