Hi,
in my process, I expecienced too many SSL_accept() crashed when processing
SSLv3 client request.
(gdb) info stack
#0 0xb76e3f7a in SSL_accept () from /lib/libssl.so.1.0.0
#1 0x00000000 in ?? ()
#2 0xb76e3f56 in SSL_accept () from /lib/libssl.so.1.0.0
#3 0xbfc2ff23 in ?? ()
#4 0x08049d57 in do_ssl_accept (client_cb=0x9f79790) at rhttpd.cc:823
$12 = {version = 768, type = 8192, method = 0x0, rbio = 0x9f799e0, wbio =
0x9f799e0, bbio = 0x0, rwstate = 1, in_handshake = 0, handshake_func =
0xb76d5d00 <ssl23_accept>, server = 1, new_session = 0, quiet_shutdown = 0,
shutdown = 0, state = 8720, rstate = 240,
init_buf = 0x9f79a28, init_msg = 0x0, init_num = 0, init_off = 0, packet =
0x9fa3e30 "\026\003", packet_length = 11, s2 = 0x0, s3 = 0x9f9e4a8, d1 = 0x0,
read_ahead = 0, msg_callback = 0, msg_callback_arg = 0x0, hit = 0, param =
0x9f78288, cipher_list = 0x0,
cipher_list_by_id = 0x0, mac_flags = 0, enc_read_ctx = 0x0, read_hash = 0x0,
expand = 0x0, enc_write_ctx = 0x0, write_hash = 0x0, compress = 0x0, cert =
0x9f79948, sid_ctx_length = 0, sid_ctx = '\0' <repeats 31 times>, session =
0x0, generate_session_id = 0,
verify_mode = 0, verify_callback = 0, info_callback = 0, error = 0,
error_code = 0, psk_client_callback = 0, psk_server_callback = 0, ctx =
0x9f77e60, debug = 0, verify_result = 0, ex_data = {sk = 0x0, dummy = 0},
client_CA = 0x0, references = 1,
options = 2147486719, mode = 0, max_cert_list = 102400, first_packet = 0,
client_version = 771, max_send_fragment = 16384, tlsext_debug_cb = 0,
tlsext_debug_arg = 0x0, tlsext_hostname = 0x0, servername_done = 0,
tlsext_status_type = -1, tlsext_status_expected = 0,
tlsext_ocsp_ids = 0x0, tlsext_ocsp_exts = 0x0, tlsext_ocsp_resp = 0x0,
tlsext_ocsp_resplen = -1, tlsext_ticket_expected = 0,
tlsext_ecpointformatlist_length = 0, tlsext_ecpointformatlist = 0x0,
tlsext_ellipticcurvelist_length = 0, tlsext_ellipticcurvelist = 0x0,
tlsext_opaque_prf_input = 0x0, tlsext_opaque_prf_input_len = 0,
tlsext_session_ticket = 0x0, tls_session_ticket_ext_cb = 0,
tls_session_ticket_ext_cb_arg = 0x0, tls_session_secret_cb = 0,
tls_session_secret_cb_arg = 0x0, initial_ctx = 0x9f77e60,
next_proto_negotiated = 0x0, next_proto_negotiated_len = 0 '\0',
srtp_profiles = 0x0, srtp_profile = 0x0, tlsext_heartbeat = 0,
tlsext_hb_pending = 0, tlsext_hb_seq = 153, renegotiate = 167221624, srp_ctx =
{SRP_cb_arg = 0x0, TLS_ext_srp_username_callback = 0,
SRP_verify_param_callback = 0, SRP_give_srp_client_pwd_callback = 0, login
= 0x0, N = 0x0, g = 0x0, s = 0x0, B = 0x0, A = 0x0, a = 0x0, b = 0x9f786d0, v =
0x9f7b2f8, info = 0xb76b52e8 "@", strength = 0, srp_Mask = 0}}
Somehow the method became 0x0 when processing SSLv3. for now all crashes
occured with SSLv3 client requests. We have to disable SSLv2 and SSLv3 support
in the process.
Could anyone help check what happened to make the "method" become 0x0 when
processing SSLv3?
Thanks,
Murphy.zhao
_______________________________________________
openssl-bugs-mod mailing list
[email protected]
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
