On Thu Nov 06 10:38:23 2014, [email protected] wrote: > HI all > > CentOS x86_64 release 6.6 (Final) > > OpenSSL> version > OpenSSL 1.0.1e-fips 11 Feb 2013 > > # rpm -qa | grep openssl > openssl-devel-1.0.1e-30.el6_6.2.x86_64 > openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64 > openssl-1.0.1e-30.el6_6.2.x86_64 > > > Please look to > https://issues.asterisk.org/jira/browse/ASTERISK-24472 > > Again bug in DTLS in OpenSSL?
Hmmm...tricky. The crashes you are seeing appear to occur in a number of different places rather than the same place everytime. This might suggest some kind of memory issues?? The valgrind output is showing some significant problems...some of which seem to be in OpenSSL and some of which seem to be in your application. You should focus on trying to resolve those. The OpenSSL issues seem to be largely (but not exclusively) occuring in the handling of session tickets. I've run some tests locally with session tickets using valgrind and s_server/s_client, and valgrind is not reporting any problems. Is it possible for you to use standard OpenSSL rather than rpms for further testing? Ideally you should use the latest standard 1.0.1 version, as there have been a number of DTLS related issues that have been fixed in recent months. Also can you rerun the valgrind tests having ensured that you configure OpenSSL with -DPURIFY. Without that defined you will get false positives reported from valgrind. The version that you are using is also quite difficult to track against the source because it (probably) has some distro specific patches so line numbers are not matching up. It would also be useful to run valgrind with --track-origins=yes Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
