[discuss] debugging openvpn issue

Alexander Pyhalov Mon, 18 Sep 2017 11:48:26 -0700

Hello.

I'm trying to debug openvpn test case, and I'm completely puzzled.


I've looked at it 10 time before noticed, but...
We have in code src/openvpn/crypto_openssl.c:

734 int
735 cipher_ctx_reset(EVP_CIPHER_CTX *ctx, uint8_t *iv_buf)
736 {
737     return EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv_buf, -1);
738 }

And test  openvpn-2.4.3/tests/t_lpback.sh fails with

 line 48: 21901: Memory fault(coredump)
-n Testing cipher AES-128-OFB...
OK
-n Testing cipher AES-192-CBC...
OK
-n Testing cipher AES-192-CFB...
OK
-n Testing cipher AES-192-CFB1...
OK
-n Testing cipher AES-192-CFB8...
OK
-n Testing cipher AES-192-GCM...
FAILED

If we look at core, we'll see

 mdb core
Loading modules: [ libc.so.1 ld.so.1 ]

$C

08046378 libcrypto.so.1.0.0`aesni_gcm_init_key+0x117(8141d28, 0,80463f0, 1)080463a8 libcrypto.so.1.0.0`EVP_CipherInit_ex+0x48f(8141d28, 0, 0, 0,80463f0, 1)

080463d8 cipher_ctx_reset+0x1c(8141d28, 80463f0, 4, 0)

08046448 openvpn_encrypt_aead+0x280(80464b0, 64c, 38, 4, 815f94c,8046d20)

08046488 openvpn_encrypt+0x56(80464b0, 64c, 38, 0, 815f94c, 8046d20)
08046528 test_crypto+0x43b(8046d20, 8046bc8, 8046558, 80aa22b)
08046558 test_crypto_thread+0xa2(8046574, 80f173b, 80f8800, feffb0a8)
08046f08 do_test_crypto+0x98(8046f24, 80f8780, 80f8800, 80a7f6a)
080478a8 openvpn_main+0x210(6, 8047908, feef5315, 80eca4f)
080478c8 main+0x20(80478bc, fef6e688, 80478fc, 8070273, 6, 8047908)
080478fc _start+0x83(6, 8047a3c, 8047a53, 8047a61, 8047a6a, 8047a74)


Wait... Yes,

080463a8 libcrypto.so.1.0.0`EVP_CipherInit_ex+0x48f(8141d28, 0, 0, 0,80463f0, 1)

cipher_ctx_reset+0x1c::dis

cipher_ctx_reset+1:             movl   %esp,%ebp
cipher_ctx_reset+3:             subl   $0x8,%esp
cipher_ctx_reset+6:             subl   $0x8,%esp

cipher_ctx_reset+9: pushl $-0x1 <0xffffffff><<<<<<<<<<<How does it become 1?

cipher_ctx_reset+0xb:           pushl  0xc(%ebp)
cipher_ctx_reset+0xe:           pushl  $0x0
cipher_ctx_reset+0x10:          pushl  $0x0
cipher_ctx_reset+0x12:          pushl  $0x0
cipher_ctx_reset+0x14:          pushl  0x8(%ebp)

cipher_ctx_reset+0x17: call -0xc0f4<PLT=libcrypto.so.1.0.0`EVP_CipherInit_ex>

cipher_ctx_reset+0x1c:          addl   $0x20,%esp
cipher_ctx_reset+0x1f:          leave
cipher_ctx_reset+0x20:          ret
cipher_ctx_update_ad:           pushl  %ebp
cipher_ctx_update_ad+1:         movl   %esp,%ebp
cipher_ctx_update_ad+3:         subl   $0x18,%esp
cipher_ctx_update_ad+6:         subl   $0xc,%esp
cipher_ctx_update_ad+9:         pushl  0x10(%ebp)
cipher_ctx_update_ad+0xc:       pushl  0xc(%ebp)
cipher_ctx_update_ad+0xf:       leal   -0xc(%ebp),%eax
cipher_ctx_update_ad+0x12:      pushl  %eax

Do I misread mdb output? But how does -1 become 1 ????

--
System Administrator of Southern Federal University Computer Center

------------------------------------------
illumos-discuss
Archives: 
https://illumos.topicbox.com/groups/discuss/discussions/T69d517897898ac7e-Mf826ce6873f1a76c07cc22dc
Powered by Topicbox: https://topicbox.com

[discuss] debugging openvpn issue

Reply via email to