I just tried the openssl s_client command with the same CA certificate, and it
also dumped core.
I will be really glad if someone could tell me what might be going wrong here.
Following is the information about the system, gcc / make versions, tusc output
and the backtrace of the core file.
bash-2.05b$ uname -a
HP-UX ia64-bld B.11.23 U ia64 3226910008 unlimited-user license
bash-2.05b$ gcc -v
Reading specs from /usr/local/lib/gcc/ia64-hp-hpux11.23/3.4.3/specs
Configured with: /scratch/zack/pkgbuild/3.3.1/hpux-11/gcc-3.4.3/configure
--enable-languages=c,c++ --enable-threads=posix --with-gnu-as --without-gnu-ld
--with-as=/usr/local/bin/as --prefix=/usr/local
Thread model: posix
gcc version 3.4.3
bash-2.05b$ make -v
GNU Make 3.80
Copyright (C) 2002 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
bash-2.05b$ ./Configure hpux-ia64-gcc
bash-2.05b$ make
bash-2.05b$ ldd apps/openssl
libdl.so.1 => /usr/lib/hpux32/libdl.so.1
libc.so.1 => /usr/lib/hpux32/libc.so.1
libdl.so.1 => /usr/lib/hpux32/libdl.so.1
bash-2.05b$ file apps/openssl
apps/openssl: ELF-32 executable object file - IA64
bash-2.05b$ tusc ./apps/openssl s_client -ssl3 -connect swdev8:4000 -CAfile
/tmp/cacert.pem -debug
<snip>
open("/tmp/cacert.pem", O_RDONLY|0x800, 0666)
.................................................................. = 3
brk(0x40084000)
................................................................................................
= 0
ioctl(3, TCGETA, 0x7fffeca0)
...................................................................................
ERR#25 ENOTTY
read(3, "- - - - - B E G I N C E R T I ".., 8192)
............................................................ = 1184
brk(0x4008c000)
................................................................................................
= 0
brk(0x4008d000)
................................................................................................
= 0
brk(0x40091000)
................................................................................................
= 0
Received signal 11, SIGSEGV, in user mode, [SIG_DFL], partial siginfo
Siginfo: si_code: SEGV_ACCERR, faulting address: 0x8, si_errno: 0
PC: 00000001000000a0.0 break.m 0x16000
exit(11) [implicit]
............................................................................................
WIFSIGNALED(SIGSEGV)|WCOREDUMP
<snip>
Here is the backtrace of the core file:
bash-2.05b$ gdb apps/openssl
HP gdb 5.2.03 for HP Itanium (32 or 64 bit) and target HP-UX 11.2x.
Copyright 1986 - 2001 Free Software Foundation, Inc.
Hewlett-Packard Wildebeest 5.2.03 (based on GDB) is covered by the
GNU General Public License. Type "show copying" to see the conditions to
change it and/or distribute copies. Type "show warranty" for warranty/support.
..
(gdb) core-file core
Core was generated by `openssl'.
Program terminated with signal 11, Segmentation fault.
SEGV_ACCERR - Invalid Permissions for object
#0 0x41c3550:1 in BUF_MEM_grow+0x131 ()
(gdb) bt
#0 0x41c3550:1 in BUF_MEM_grow+0x131 ()
#1 0x4205a50:0 in x509_name_ex_d2i+0x290 ()
#2 0x42191b0:0 in ASN1_item_ex_d2i+0x980 ()
#3 0x42180f0:0 in asn1_template_noexp_d2i+0x580 ()
#4 0x42186a0:0 in asn1_template_ex_d2i+0x2e0 ()
#5 0x4218d00:0 in ASN1_item_ex_d2i+0x4d0 ()
#6 0x42180f0:0 in asn1_template_noexp_d2i+0x580 ()
#7 0x42186a0:0 in asn1_template_ex_d2i+0x2e0 ()
#8 0x4218d00:0 in ASN1_item_ex_d2i+0x4d0 ()
#9 0x4219be0:0 in ASN1_item_d2i+0x70 ()
#10 0x42066e0:0 in d2i_X509+0x40 ()
#11 0x4228480:0 in PEM_X509_INFO_read_bio+0x500 ()
#12 0x4246d50:0 in X509_load_cert_crl_file+0xc0 ()
#13 0x4247000:0 in by_file_ctrl+0xe0 ()
#14 0x42406d0:0 in X509_LOOKUP_ctrl+0xc0 ()
#15 0x42312a0:0 in X509_STORE_load_locations+0x90 ()
#16 0x4143e50:0 in SSL_CTX_load_verify_locations+0x40 ()
#17 0x40c8d00:0 in s_client_main+0x9a0 ()
#18 0x408c0e0:0 in do_cmd+0x130 ()
#19 0x408d620:0 in main+0xcf0 ()
----- Original Message -----
From: Urjit Gokhale (Gmail)
To: openssl-dev@openssl.org
Sent: Thursday, October 04, 2007 3:13 PM
Subject: SIGSEGV in SSL_CTX_load_verify_locations() on HP itanium ia64 (32
bit mode)
Hello everyone,
I have facing a SIGSEGV in SSL_CTX_load_verify_locations() on HP itanium
machine.
I am building two different applications and the openssl libraries in 32 bit.
The ssl libraries are statically linked with my applications.
When build in 64 bit mode, the applications works fine (openssl is also built
in 64 bit mode).
I wonder how the same source works with the same cacert.pem when build in 64
bit, and fails in 32 bit.
Are there any compiler flags I need to use while building openssl / my
applications in 32 bit?
Can I use any APIs that will give me more diagnostic information / errors ?
I build openssl in 32 bit mode with the following command:
$ ./Configure hpux-ia64-gcc
tusc output:
~~~~~~~~~~~~~~~~~~~~~~~~
Application 1:
<snip>
stat("prngseed.dat", 0x7fffb780)
...............................................................................
= 0
open("prngseed.dat", O_WRONLY|O_CREAT|O_TRUNC, 0666)
........................................................... ERR#13 EACCES
stat("prngseed.dat", 0x7fffb780)
...............................................................................
= 0
open("prngseed.dat", O_RDONLY, 0666)
...........................................................................
ERR#13 EACCES
brk(0x40080000)
................................................................................................
= 0
open("/tmp/cacert.pem", O_RDONLY|0x800, 0666)
.................................................................. = 6
ioctl(6, TCGETA, 0x7fffb5f0)
...................................................................................
ERR#25 ENOTTY
read(6, "- - - - - B E G I N C E R T I ".., 8192)
............................................................ = 1184
Received signal 11, SIGSEGV, in user mode, [SIG_DFL], partial siginfo
Siginfo: si_code: SEGV_ACCERR, faulting address: 0x8, si_errno: 0
PC: 00000001000000a0.0 break.m 0x16000
exit(11) [implicit]
............................................................................................
WIFSIGNALED(SIGSEGV)|WCOREDUMP
</snip>
Application 2:
<snip>
stat64("prngseed.dat", 0x7fffe360)
............................................................................. = 0
open("prngseed.dat", O_WRONLY|O_CREAT|O_TRUNC|0x800, 0666)
..................................................... ERR#13 EACCES
stat64("prngseed.dat", 0x7fffe360)
............................................................................. = 0
open("prngseed.dat", O_RDONLY|0x800, 0666)
..................................................................... ERR#13
EACCES
open("/tmp/cacert.pem", O_RDONLY|0x800, 0666)
.................................................................. = 6
ioctl(6, TCGETA, 0x7fffe1d0)
...................................................................................
ERR#25 ENOTTY
read(6, "- - - - - B E G I N C E R T I ".., 8192)
............................................................ = 1184
brk(0x400e0000)
................................................................................................
= 0
Received signal 11, SIGSEGV, in user mode, [caught], partial siginfo
Siginfo: si_code: SEGV_ACCERR, faulting address: 0x8, si_errno: 0
PC: 00000001000000a0.0 break.m 0x16000
getpid()
.......................................................................................................
= 21617 (21616)
(write(2, "( ", 1)
..............................................................................................
= 1
21617write(2, "2 1 6 1 7 ", 5)
......................................................................................
= 5
) write(2, ") ", 2)
............................................................................................
= 2
SIGSEGV/11 (segmentation violation)write(2, "S I G S E G V / 1 1 ( s e g m
".., 35) ............................................................. = 35
received, exiting.write(2, " r e c e i v e d , e x i t i ".., 19)
............................................................. = 19
write(2, "\n", 1)
..............................................................................................
= 1
</snip>
I will really appriciate any help I could get.
Thank you,
~ Urjit
