Re: [Mod_nss-list] NSSSessionTickets causes some segfault in error log

Rob Crittenden Wed, 02 Mar 2016 08:32:39 -0800

Oliver Graute wrote:
>>
>> Just an educated guess but looks like it is failing in a call to
>> ssl3_GetSessionTicketKeysPKCS11() which calls:
>>
>>     if (PR_CallOnceWithArg(&generate_session_keys_once,
>>             ssl3_GenerateSessionTicketKeysPKCS11, ss) != PR_SUCCESS)
>>         return SECFailure;
>>
>> Unfortunately the symbols are still missing from your build so its hard
>> to know why.
> 
> Hello,
> 
> after I disabled the stripping in my Yocto Environment I got finaly some
> debug symbols in my gdb on the target.
>  
> according to the gdb output (see below) the SegFault is located in:
> 
> nss/lib/ssl/ssl3ext.c:166
> 
> static PRStatus
> ssl3_GenerateSessionTicketKeysPKCS11(void *data)
>  {
>      SECStatus rv;
>      sslSocket *ss = (sslSocket *)data;
>      SECKEYPrivateKey *svrPrivKey = ss->serverCerts[kt_rsa].SERVERKEY;
>      SECKEYPublicKey *svrPubKey = 
> ss->serverCerts[kt_rsa].serverKeyPair->pubKey;
> 
> 
> it looks for me that the access to the array goes wrong here (kt_rsa)
> I wonder why he tries to access a rsa cert here, instead of some ECC certs.
> 
> Should I file a bug for this? if yes where is the right place?
> 
> Probably a fix for me is to replace kt_rsa with kt_ecdh here. I'll try
> it tomorrow.


Yes, I'd suggest you file a bug on it. The NSS bug tracker is at
https://bugzilla.mozilla.org/

rob

> 
> Best regards,
> 
> Oliver
> 
> 
> gdb httpd
> GNU gdb (GDB) 7.9.1
> Copyright (C) 2015 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "arm-poky-linux-gnueabi".
> Type "show configuration" for configuration details.
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>.
> Find the GDB manual and other documentation resources online at:
> <http://www.gnu.org/software/gdb/documentation/>.
> For help, type "help".
> Type "apropos word" to search for commands related to "word"...
> Reading symbols from httpd...done.
> (gdb) run -X -e debug -k start
> Starting program: /usr/sbin/httpd -X -e debug -k start
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib/libthread_db.so.1".
> [Wed Mar 02 14:44:57.512652 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module authn_file_module from 
> /usr/lib/apache2/modules/mod_authn_file.so
> [Wed Mar 02 14:44:57.568812 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module authn_core_module from 
> /usr/lib/apache2/modules/mod_authn_core.so
> [Wed Mar 02 14:44:57.624501 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module authz_host_module from 
> /usr/lib/apache2/modules/mod_authz_host.so
> [Wed Mar 02 14:44:57.685207 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module authz_groupfile_module from 
> /usr/lib/apache2/modules/mod_authz_groupfile.so
> [Wed Mar 02 14:44:57.742440 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module authz_user_module from 
> /usr/lib/apache2/modules/mod_authz_user.so
> [Wed Mar 02 14:44:57.807374 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module authz_core_module from 
> /usr/lib/apache2/modules/mod_authz_core.so
> [Wed Mar 02 14:44:57.868316 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module access_compat_module from 
> /usr/lib/apache2/modules/mod_access_compat.so
> [Wed Mar 02 14:44:57.932376 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module auth_basic_module from 
> /usr/lib/apache2/modules/mod_auth_basic.so
> [Wed Mar 02 14:44:58.000811 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module socache_shmcb_module from 
> /usr/lib/apache2/modules/mod_socache_shmcb.so
> [Wed Mar 02 14:44:58.069304 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module reqtimeout_module from 
> /usr/lib/apache2/modules/mod_reqtimeout.so
> [Wed Mar 02 14:44:58.138680 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module filter_module from 
> /usr/lib/apache2/modules/mod_filter.so
> [Wed Mar 02 14:44:58.247928 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module deflate_module from 
> /usr/lib/apache2/modules/mod_deflate.so
> [Wed Mar 02 14:44:58.322509 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module mime_module from /usr/lib/apache2/modules/mod_mime.so
> [Wed Mar 02 14:44:58.408413 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module log_config_module from 
> /usr/lib/apache2/modules/mod_log_config.so
> [Wed Mar 02 14:44:58.481900 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module env_module from /usr/lib/apache2/modules/mod_env.so
> [Wed Mar 02 14:44:58.564765 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module headers_module from 
> /usr/lib/apache2/modules/mod_headers.so
> [Wed Mar 02 14:44:58.643176 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module setenvif_module from 
> /usr/lib/apache2/modules/mod_setenvif.so
> [Wed Mar 02 14:44:58.723306 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module version_module from 
> /usr/lib/apache2/modules/mod_version.so
> [Wed Mar 02 14:45:00.884109 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module nss_module from /usr/lib/apache2/modules/libmodnss.so
> [Wed Mar 02 14:45:00.987275 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module mpm_prefork_module from 
> /usr/lib/apache2/modules/mod_mpm_prefork.so
> [Wed Mar 02 14:45:01.079230 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module unixd_module from /usr/lib/apache2/modules/mod_unixd.so
> [Wed Mar 02 14:45:01.177941 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module status_module from 
> /usr/lib/apache2/modules/mod_status.so
> [Wed Mar 02 14:45:01.281979 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module autoindex_module from 
> /usr/lib/apache2/modules/mod_autoindex.so
> [Wed Mar 02 14:45:01.378092 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module dir_module from /usr/lib/apache2/modules/mod_dir.so
> [Wed Mar 02 14:45:01.476646 2016] [so:debug] [pid 460] mod_so.c(266): 
> AH01575: loaded module alias_module from /usr/lib/apache2/modules/mod_alias.so
> [ 2985.141330] TCP: request_sock_TCP: Possible SYN flooding on port 443. 
> Dropping request.  Check SNMP counters.
> 
> Program received signal SIGSEGV, Segmentation fault.
> ssl3_GenerateSessionTicketKeysPKCS11 (data=0x17b040) at ssl3ext.c:166
> 166     ssl3ext.c: No such file or directory.
> 
> (gdb) backtrace
> #0  ssl3_GenerateSessionTicketKeysPKCS11 (data=0x17b040) at ssl3ext.c:166
> #1  0x769ac830 in PR_CallOnceWithArg (
>     once=0x76b5e04c <generate_session_keys_once>,
>     func=0x76b366d0 <ssl3_GenerateSessionTicketKeysPKCS11>,
>     arg=arg@entry=0x17b040)
>     at 
> /home/graute/5411_IBIS/yocto/build-imx6ulevk/tmp/work/cortexa7hf-vfp-neon-poky-linux-gnueabi/nspr/4.10.8-r1/nspr-4.10.8/nspr/pr/src/misc/prinit.c:804
> #2  0x76b359ac in ssl3_GetSessionTicketKeysPKCS11 (ss=ss@entry=0x17b040,
>     aes_key=0x7effea44, aes_key@entry=0x7effea3c, mac_key=0x7effea48,
>     mac_key@entry=0x7effea40) at ssl3ext.c:197
> #3  0x76b37980 in ssl3_SendNewSessionTicket (ss=ss@entry=0x17b040)
>     at ssl3ext.c:1132
> #4  0x76b2d5bc in ssl3_HandleFinished (hashes=<optimized out>,
>     length=<optimized out>,
>     b=0x18284c 
> ")|\217\266\373f\216\206vq?\r\004\254\250\254\301\344\373\037\261}*d\252\027\022\005\035\202\240\340\065v\214\225M\036^p\002!",
>  ss=0x17b040)
>     at ssl3con.c:11293
> #5  ssl3_HandleHandshakeMessage (ss=ss@entry=0x17b040,
>     b=0x18284c 
> ")|\217\266\373f\216\206vq?\r\004\254\250\254\301\344\373\037\261}*d\252\027\022\005\035\202\240\340\065v\214\225M\036^p\002!",
>     length=<optimized out>) at ssl3con.c:11649
> #6  0x76b2f914 in ssl3_HandleHandshake (origBuf=0xd, ss=0x17b040)
>     at ssl3con.c:11723
> ---Type <return> to continue, or q <return> to quit---
> #7  ssl3_HandleRecord (ss=ss@entry=0x17b040, cText=cText@entry=0x7efff7ec,
>     databuf=0xd, databuf@entry=0x17b2c0) at ssl3con.c:12392
> #8  0x76b30be8 in ssl3_GatherCompleteHandshake (ss=0x17b040, flags=0)
>     at ssl3gthr.c:378
> #9  0x76b31764 in ssl_GatherRecord1stHandshake (ss=0x17b040) at sslcon.c:1213
> #10 0x76b39d28 in ssl_Do1stHandshake (ss=ss@entry=0x17b040) at sslsecur.c:109
> #11 0x76b3afc0 in ssl_SecureRecv (ss=0x17b040, buf=0x187088 "", len=8192,
>     flags=0) at sslsecur.c:1227
> #12 0x76b3ea50 in ssl_Read (fd=<optimized out>, buf=0x187088, len=8192)
>     at sslsock.c:2397
> #13 0x76b6c4e4 in nss_io_input_read (inctx=inctx@entry=0x187068,
>     buf=buf@entry=0x187088 "", len=len@entry=0x7efff8c4)
>     at 
> /home/graute/5411_IBIS/yocto/build-imx6ulevk/tmp/work/cortexa7hf-vfp-neon-poky-linux-gnueabi/modnss/1.0.12-r0/mod_nss-1.0.12/nss_engine_io.c:353
> #14 0x76b6d190 in nss_io_input_getline (len=0x7efff8b8, buf=0x187088 "",
>     inctx=0x187068)
>     at 
> /home/graute/5411_IBIS/yocto/build-imx6ulevk/tmp/work/cortexa7hf-vfp-neon-poky-linux-gnueabi/modnss/1.0.12-r0/mod_nss-1.0.12/nss_engine_io.c:460
> #15 nss_io_filter_input (f=0x189090, bb=0x18df58, mode=<optimized out>,
>     block=<optimized out>, readbytes=0)
>     at 
> /home/graute/5411_IBIS/yocto/build-imx6ulevk/tmp/work/cortexa7hf-vfp-neon-poky-linux-gnueabi/modnss/1.0.12-r0/mod_nss-1.0.12/nss_engine_io.c:790
> #16 0x0002d9a0 in ap_rgetline_core (s=s@entry=0x18d0d0, n=20, read=0x18d0b8,
> 
> _______________________________________________
> Mod_nss-list mailing list
> [email protected]
> https://www.redhat.com/mailman/listinfo/mod_nss-list
> 

_______________________________________________
Mod_nss-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/mod_nss-list

Re: [Mod_nss-list] NSSSessionTickets causes some segfault in error log

Reply via email to