[openssl-dev] [openssl.org #4566] Re: Fatal error: Command failed for target `link_shlib.solaris'
closing as requested by OP -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4566 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4566] Re: Fatal error: Command failed for target `link_shlib.solaris'
Close. It looks like it was cleared with Commit 5ec84dd75f7965942a55ef5382aa34b8417336c5. On Mon, Jun 13, 2016 at 4:12 PM, Jeffrey Waltonwrote: > Just pulled latest source (Camellia changes): > > $ git rev-parse HEAD > 96d06c213d5a2c1af42dd3b5d7bcc4a65df90738 > > Config OK, Make fails at. Verified twice: > > SHOBJECTS="./libcrypto.a "; ( :;LIBDEPS="${LIBDEPS:--lresolv > -lsocket -lnsl -ldl}"; SHAREDCMD="${SHAREDCMD:-gcc}"; > SHAREDFLAGS="${SHAREDFLAGS:--DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG > -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC > -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 > -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM > -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM > -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" > -DENGINESDIR="\"/usr/local/lib/engines\"" -m64 -Wall -DL_ENDIAN -O3 > -pthread -DFILIO_H -Wa,--noexecstack -fPIC -m64 -shared > -static-libgcc}"; LIBPATH=`for x in $LIBDEPS; do echo $x; done | sed > -e 's/^ *-L//;t' -e d | uniq`; LIBPATH=`echo $LIBPATH | sed -e 's/ > /:/g'`; echo LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${SHAREDCMD} > ${SHAREDFLAGS} -o ./$SHLIB$SHLIB_SOVER$SHLIB_SUFFIX $ALLSYMSFLAGS > $SHOBJECTS $NOALLSYMSFLAGS $LIBDEPS; > LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${SHAREDCMD} ${SHAREDFLAGS} > -o ./$SHLIB$SHLIB_SOVER$SHLIB_SUFFIX $ALLSYMSFLAGS $SHOBJECTS > $NOALLSYMSFLAGS $LIBDEPS ) && if [ -n "$INHIBIT_SYMLINKS" ]; then :; > else prev=$SHLIB$SHLIB_SOVER$SHLIB_SUFFIX; if [ -n "$SHLIB_COMPAT" > ]; then for x in $SHLIB_COMPAT; do ( :; rm -f > ./$SHLIB$x$SHLIB_SUFFIX; ln -s $prev ./$SHLIB$x$SHLIB_SUFFIX ); > prev=$SHLIB$x$SHLIB_SUFFIX; done; fi; if [ -n "$SHLIB_SOVER" ]; > then ( :; rm -f ./$SHLIB$SHLIB_SUFFIX; ln -s $prev > ./$SHLIB$SHLIB_SUFFIX ); fi; fi > make: Fatal error: Command failed for target `link_shlib.solaris' > Current working directory /export/home/jwalton/openssl > *** Error code 1 > make: Fatal error: Command failed for target `libcrypto.so' > > ** > > $ ./config > Operating system: i86pc-whatever-solaris2 > Configuring for solaris64-x86_64-gcc > Configuring OpenSSL version 1.1.0-pre6-dev (0x0x1016L) > no-asan [default] OPENSSL_NO_ASAN (skip dir) > no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG (skip dir) > no-crypto-mdebug-backtrace [default] > OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE (skip dir) > no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 (skip > dir) > no-egd [default] OPENSSL_NO_EGD (skip dir) > no-fuzz-afl [default] OPENSSL_NO_FUZZ_AFL (skip dir) > no-fuzz-libfuzzer [default] OPENSSL_NO_FUZZ_LIBFUZZER (skip dir) > no-heartbeats [default] OPENSSL_NO_HEARTBEATS (skip dir) > no-md2 [default] OPENSSL_NO_MD2 (skip dir) > no-rc5 [default] OPENSSL_NO_RC5 (skip dir) > no-sctp [default] OPENSSL_NO_SCTP (skip dir) > no-ssl-trace[default] OPENSSL_NO_SSL_TRACE (skip dir) > no-ssl3 [default] OPENSSL_NO_SSL3 (skip dir) > no-ssl3-method [default] OPENSSL_NO_SSL3_METHOD (skip dir) > no-ubsan[default] OPENSSL_NO_UBSAN (skip dir) > no-unit-test[default] OPENSSL_NO_UNIT_TEST (skip dir) > no-weak-ssl-ciphers [default] OPENSSL_NO_WEAK_SSL_CIPHERS (skip dir) > no-zlib [default] > no-zlib-dynamic [default] > Configuring for solaris64-x86_64-gcc > CC=gcc > CFLAG =-m64 -Wall -DL_ENDIAN -O3 -pthread -DFILIO_H -Wa,--noexecstack > SHARED_CFLAG =-fPIC > DEFINES =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS > OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_IA32_SSE2 > OPENSSL_BN_ASM_MONT OPENSSL_BN_ASM_MONT5 OPENSSL_BN_ASM_GF2m SHA1_ASM > SHA256_ASM SHA512_ASM MD5_ASM AES_ASM VPAES_ASM BSAES_ASM GHASH_ASM > ECP_NISTZ256_ASM POLY1305_ASM > LFLAG = > PLIB_LFLAG= > EX_LIBS =-lresolv -lsocket -lnsl -ldl > APPS_OBJ = > CPUID_OBJ =x86_64cpuid.o > UPLINK_OBJ= > BN_ASM=asm/x86_64-gcc.o x86_64-mont.o x86_64-mont5.o > x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o > EC_ASM=ecp_nistz256.o ecp_nistz256-x86_64.o > DES_ENC =des_enc.o fcrypt_b.o > AES_ENC =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o > aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o > aesni-mb-x86_64.o > BF_ENC=bf_enc.o > CAST_ENC =c_enc.o > RC4_ENC =rc4-x86_64.o rc4-md5-x86_64.o > RC5_ENC =rc5_enc.o > MD5_OBJ_ASM =md5-x86_64.o > SHA1_OBJ_ASM =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o > sha1-mb-x86_64.o sha256-mb-x86_64.o > RMD160_OBJ_ASM= > CMLL_ENC =cmll-x86_64.o cmll_misc.o > MODES_OBJ =ghash-x86_64.o aesni-gcm-x86_64.o > PADLOCK_OBJ =e_padlock-x86_64.o > CHACHA_ENC=chacha-x86_64.o > POLY1305_OBJ =poly1305-x86_64.o > BLAKE2_OBJ= > PROCESSOR = > RANLIB=ranlib > ARFLAGS = > PERL =/usr/local/bin/perl > > SIXTY_FOUR_BIT_LONG
[openssl-dev] [openssl.org #3454] remove OPENSSL_SYS_WIN constraint for EC_GFp_nistp224_method()
fixed in master with commit b4b576d thanks! -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3454 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4558] Performance issue with DTLS packet reassembly
No, I didn't create an exploit. If the number of packets is limited to something that small, there won't be an issue. It still seems like pqueue out to be excised from the source base and replace with something simpler. Regards, Pauli -- Oracle Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia -Original Message- From: David Benjamin via RT [mailto:r...@openssl.org] Sent: Tuesday, 14 June 2016 2:16 AM To: Paul DaleCc: openssl-dev@openssl.org Subject: Re: [openssl-dev] [openssl.org #4558] Performance issue with DTLS packet reassembly On Mon, Jun 13, 2016 at 4:04 AM Matt Caswell via RT wrote: > On Thu Jun 02 23:24:44 2016, paul.d...@oracle.com wrote: > > The DTLS packet reassembly code has a performance problem that could > > result in a DoS attack being possible. > > > > > > > > The DTLS packet reassembly uses the data structure defined in > > ssl/pqueue.c for the purpose (it is the only user of this data > > structure that I can find). This source file implements a priority > > queue using a singly linked list. This means O(n^2) worst case > > complexity, where n is the number of fragments. A better, and in > > fact optimal, solution would be to use a heap for the purpose giving > > O(n log n) worst case complexity. Doing this would prevent a > > potential DoS attack. > > > > > > > > The attack would consist of fragmenting the DTLS stream into as many > > small packets as possible and sending them in sequential order. Each > > fragment will require a complete traversal of the list to be added. > > Continue sending these as long as the DoS is wanted. For reference, > > changing the list search method or ordering won't prevent such an > > attack, it just means a different packet ordering is required. > > > > > > > > Tim Hudson suggested I submit this even though I haven't been able > > to find time to craft a patch. > Were you able to reproduce this performance problem? Note that N is at most 10 here. Assuming the DTLS packet reassembly code manages its queue correctly (It's rather buggy, but I forget if this was one of its problems. I eventually gave up trying to digest it and rewrote it from scratch on our end.), this check will ensure the queue size is tightly bounded: https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=ssl/statem/statem_dtls.c;h=d75483af6d40ad4c6ed9137eba8a7382a3b0ef0a;hb=HEAD#l634 It could probably be brought down a hair further too. There's no need to buffer more than the maximum number of messages in a supported handshake flight. (pqueue is still a silly data structure to be using here. A fixed-size ring buffer would be better. Or just a boring array since memmove on 10 pointers is cheap. But it's not hugely important.) David -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4558 Please log in as guest with password guest if prompted -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4558 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #3772] Bug: Only ActivePerl could be used to build on Windows
Apologies for the delay before responding. I believe we have fixed that by replacing 'chomp' with 's|\R$||' in the master branch. It this is still an issue, please open a new ticket. Cheers, Richard On Mon Mar 30 07:51:29 2015, esado...@eniks.com wrote: > It is well known issue with build on Windows: It requires ActivePerl > to > correctly create configuration. > Every other Perl implementation fails to execute correctly. The reason > it > fails outlined in this report: > https://github.com/openssl/openssl/issues/174 > Although it is stated that only cloned code exhibits this behavior I > believe > it also happens when Git or Strawberry Perl is being used for build of > official releases. > > As suggested in the comments adding $/= "\r\n"; line to Perl script > fixes this > issue for every other Perl implementation. > I've successfully built openssl with Perl distributed with Git as well > as > Strawberry Perl. -- Richard Levitte levi...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3772 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #3922] Bug: EVP_get_digestbynid() does not support ECDSA
Ah, the endless confusion of cipher vs signature NID's :) closing ticket. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3922 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #2337] [PATCH] Openssl asm BN/AES/SHA1 acceleration for SH4 and MIPS32
We don't have SH hardware, and the MIPS code is already more improved. Sorry we took so long to get to this. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2337 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #3699] openssl-1.0.2, fips sparc multiply defined _sparcv9_vis1_instrument_bus, _sparcv9_vis1_instrument_bus2
This works. Code compiles fine now, using openssl-1.0.2h.tar.gz and openssl-fips-ecp-2.0.10.tar.gz, and all FIPS self-tests complete with 0 errors. -Original Message- From: Andy Polyakov via RT [mailto:r...@openssl.org] Sent: Wednesday, February 03, 2016 5:46 AM To: Stuart KempCc: openssl-dev@openssl.org Subject: Re: [openssl-dev] [openssl.org #3699] openssl-1.0.2, fips sparc multiply defined _sparcv9_vis1_instrument_bus, _sparcv9_vis1_instrument_bus2 >> Sorry, we can't touch the FIPS code any more without sponsorship. > > Though if this is still a problem a workaround is to rename the symbols on the > OpenSSL side outside the FIPS code. Another possibility is to add .weak directives to sparccpuid.S so that linker can tolerate multiple symbols. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3699 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4565] Fatal error: Command failed for target `link_shlib.solaris'
Just pulled latest source (Camellia changes): $ git rev-parse HEAD 96d06c213d5a2c1af42dd3b5d7bcc4a65df90738 Config OK, Make fails at. Verified twice: SHOBJECTS="./libcrypto.a "; ( :;LIBDEPS="${LIBDEPS:--lresolv -lsocket -lnsl -ldl}"; SHAREDCMD="${SHAREDCMD:-gcc}"; SHAREDFLAGS="${SHAREDFLAGS:--DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines\"" -m64 -Wall -DL_ENDIAN -O3 -pthread -DFILIO_H -Wa,--noexecstack -fPIC -m64 -shared -static-libgcc}"; LIBPATH=`for x in $LIBDEPS; do echo $x; done | sed -e 's/^ *-L//;t' -e d | uniq`; LIBPATH=`echo $LIBPATH | sed -e 's/ /:/g'`; echo LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${SHAREDCMD} ${SHAREDFLAGS} -o ./$SHLIB$SHLIB_SOVER$SHLIB_SUFFIX $ALLSYMSFLAGS $SHOBJECTS $NOALLSYMSFLAGS $LIBDEPS; LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${SHAREDCMD} ${SHAREDFLAGS} -o ./$SHLIB$SHLIB_SOVER$SHLIB_SUFFIX $ALLSYMSFLAGS $SHOBJECTS $NOALLSYMSFLAGS $LIBDEPS ) && if [ -n "$INHIBIT_SYMLINKS" ]; then :; else prev=$SHLIB$SHLIB_SOVER$SHLIB_SUFFIX; if [ -n "$SHLIB_COMPAT" ]; then for x in $SHLIB_COMPAT; do ( :; rm -f ./$SHLIB$x$SHLIB_SUFFIX; ln -s $prev ./$SHLIB$x$SHLIB_SUFFIX ); prev=$SHLIB$x$SHLIB_SUFFIX; done; fi; if [ -n "$SHLIB_SOVER" ]; then ( :; rm -f ./$SHLIB$SHLIB_SUFFIX; ln -s $prev ./$SHLIB$SHLIB_SUFFIX ); fi; fi make: Fatal error: Command failed for target `link_shlib.solaris' Current working directory /export/home/jwalton/openssl *** Error code 1 make: Fatal error: Command failed for target `libcrypto.so' ** $ ./config Operating system: i86pc-whatever-solaris2 Configuring for solaris64-x86_64-gcc Configuring OpenSSL version 1.1.0-pre6-dev (0x0x1016L) no-asan [default] OPENSSL_NO_ASAN (skip dir) no-crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG (skip dir) no-crypto-mdebug-backtrace [default] OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE (skip dir) no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir) no-egd [default] OPENSSL_NO_EGD (skip dir) no-fuzz-afl [default] OPENSSL_NO_FUZZ_AFL (skip dir) no-fuzz-libfuzzer [default] OPENSSL_NO_FUZZ_LIBFUZZER (skip dir) no-heartbeats [default] OPENSSL_NO_HEARTBEATS (skip dir) no-md2 [default] OPENSSL_NO_MD2 (skip dir) no-rc5 [default] OPENSSL_NO_RC5 (skip dir) no-sctp [default] OPENSSL_NO_SCTP (skip dir) no-ssl-trace[default] OPENSSL_NO_SSL_TRACE (skip dir) no-ssl3 [default] OPENSSL_NO_SSL3 (skip dir) no-ssl3-method [default] OPENSSL_NO_SSL3_METHOD (skip dir) no-ubsan[default] OPENSSL_NO_UBSAN (skip dir) no-unit-test[default] OPENSSL_NO_UNIT_TEST (skip dir) no-weak-ssl-ciphers [default] OPENSSL_NO_WEAK_SSL_CIPHERS (skip dir) no-zlib [default] no-zlib-dynamic [default] Configuring for solaris64-x86_64-gcc CC=gcc CFLAG =-m64 -Wall -DL_ENDIAN -O3 -pthread -DFILIO_H -Wa,--noexecstack SHARED_CFLAG =-fPIC DEFINES =DSO_DLFCN HAVE_DLFCN_H NDEBUG OPENSSL_THREADS OPENSSL_NO_STATIC_ENGINE OPENSSL_PIC OPENSSL_IA32_SSE2 OPENSSL_BN_ASM_MONT OPENSSL_BN_ASM_MONT5 OPENSSL_BN_ASM_GF2m SHA1_ASM SHA256_ASM SHA512_ASM MD5_ASM AES_ASM VPAES_ASM BSAES_ASM GHASH_ASM ECP_NISTZ256_ASM POLY1305_ASM LFLAG = PLIB_LFLAG= EX_LIBS =-lresolv -lsocket -lnsl -ldl APPS_OBJ = CPUID_OBJ =x86_64cpuid.o UPLINK_OBJ= BN_ASM=asm/x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o EC_ASM=ecp_nistz256.o ecp_nistz256-x86_64.o DES_ENC =des_enc.o fcrypt_b.o AES_ENC =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o BF_ENC=bf_enc.o CAST_ENC =c_enc.o RC4_ENC =rc4-x86_64.o rc4-md5-x86_64.o RC5_ENC =rc5_enc.o MD5_OBJ_ASM =md5-x86_64.o SHA1_OBJ_ASM =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o RMD160_OBJ_ASM= CMLL_ENC =cmll-x86_64.o cmll_misc.o MODES_OBJ =ghash-x86_64.o aesni-gcm-x86_64.o PADLOCK_OBJ =e_padlock-x86_64.o CHACHA_ENC=chacha-x86_64.o POLY1305_OBJ =poly1305-x86_64.o BLAKE2_OBJ= PROCESSOR = RANLIB=ranlib ARFLAGS = PERL =/usr/local/bin/perl SIXTY_FOUR_BIT_LONG mode Configured for solaris64-x86_64-gcc. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4565 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4434] Gentoo 13, x86_64: 4 failed self tests
On Mon, Jun 13, 2016 at 12:32 PM, Matt Caswell via RTwrote: > On Wed Jun 01 22:20:38 2016, matt wrote: >> Hi Jeff >> >> Please could you try the attached patch? > > > Jeff confirmed to me that the patch solved the problem. Pushed as commit > 25b9d11c0. Confirmed. Its a good, clean patch. It detects the [odd] condition and and acts appropriately. In my mind's eye, that's a successful self test. I think the project should keep it as a PASS. Jeff -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4434 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #2969] bug/enchancement request
sorry to take so long to look at this. believe fixed in 1.1. open a new ticket if not. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2969 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #2969] bug/enchancement request
sorry to take so long to look at this. believe fixed in 1.1. open a new ticket if not. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2969 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4564] BUG: Deadlock in OpenSSL with OpenSSL 1.0.1j and later (including 1.0.2h) with multiple long lived connections
Since moving to the OpenSSL 1.0.1+ series, we've been experiencing sporadic deadlocks in OpenLDAP inside of OpenSSL. I'm not sure exactly when the problem was introduced, but we never encountered it with the 1.0.0 series, and 1.0.1j was what we moved to when we switched to the 1.0.1 series. To reproduce the problem: a) Deploy OpenLDAP with 3-node Multi-master or greater using persistent connections. StartTLS should be used as a part of the replication agreement configuration. The issue only occurs if there are 2+ replication agreements per master node, thus the requirements for 3-node multimaster or greater. b) Let time pass. Eventually, slapd will grind to a complete halt. Alternatively, after some period of time, shut down slapd, and it will lock up in OpenSSL. netstat does not show any sockets with queued data waiting. Unfortuantely, I can't give greater detail than this because I'm not sure how to check if we've entered the error state or not. However, given enough time, the problem is 100% producible (I.e., if I leave OpenLDAP running long enough). Again, this never occurs in a 2-node MMR setup, where there is only a single long-lived replication agreement. A backtrace of slapd that's locked up during shutdown shows that multiple threads are waiting to read bytes that it believes it never received. This this backtrace, for example, thread 4 is waiting for other threads to finish so it can complete the shutdown of slapd. Threads 2 & 3 are both waiting to read bytes on the socket: Thread 4 (Thread 0x7f146ac9d700 (LWP 16805)): #0 pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185 No locals. #1 0x7f3c70fe8171 in ldap_pvt_thread_cond_wait (cond=0x1fa0038, mutex=0x1fa0010) at thr_posix.c:277 No locals. #2 0x7f3c70fe63c2 in ldap_pvt_thread_pool_destroy (tpool=0x7618c0 , run_pending=1) at tpool.c:817 pool = 0x1f763c0 pptr = 0x1f763c0 pq = 0x1fa task = 0x7f3c716a61c8 i = 0 #3 0x00438967 in slapd_daemon_task (ptr=0x1d7bce8) at daemon.c:2829 l = 3 last_idle_check = 1464372736 ebadf = 0 tid = 0 #4 0x7f3c70552184 in start_thread (arg=0x7f146ac9d700) at pthread_create.c:312 __res = pd = 0x7f146ac9d700 now = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139725667686144, -1093867468031317215, 0, 0, 139725667686848, 139725667686144, 1078920827726146337, 1056426161274956577}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = pagesize_m1 = sp = freesize = __PRETTY_FUNCTION__ = "start_thread" #5 0x7f3c7027f37d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111 No locals. Thread 3 (Thread 0x7f1468498700 (LWP 16810)): #0 0x7f3c705593ad in read () at ../sysdeps/unix/syscall-template.S:81 No locals. #1 0x7f3c70dd2435 in sb_stream_read (sbiod=0x5d36630, buf=0x5a3c057, len=433) at sockbuf.c:490D0D __PRETTY_FUNCTION__ = "sb_stream_read" #2 0x7f3c70dd2e56 in sb_debug_read (sbiod=0x5d36d20, buf=0x5a3c057, len=433) at sockbuf.c:829 ret = 79 ebuf = "PjIh\024\177\000\000\017\000\000\000\000\000\000\000`\016\000\000\000\000\000\000'\000\000\000\000\000\000\000\250\062H\004\000\000\000\000'\000\000\000\000\000\000\000\240\361H\004\000\000\000\000P\026u\016\000\000\000\000\000\001\000\000\000\000\000\000\001\350#p<\177\000\000\000\000\000\000\000\000\000\0006364\037\000\000\000\000\000\000\006\000\000\000\000\000\000\000hxIh\t\000\000\000\300lIh\024\177\000\000\220jIh\024\177\000" #3 0x7f3c7101ebd1 in tlso_bio_read (b=0x5a93110, buf=0x5a3c057 "\004\areqType1\b\004\006modify02\004\005reqDN1)\004'uid=gtillman,ou=people,dc=zimbra,dc=com0\201\317\004\006reqMod1\201\304\004:zimbraAuthTokens:- 1988626989|1464372357970|8.7.0_RC1_1601\004\063entryCSN:= 20160527182235.762156Z#00#003#00\004."..., len=433) at tls_o.c:721 p = 0x5a6caa0 ret = 79 #4 0x7f3c6f19988b in BIO_read () from /opt/zimbra/common/lib/libcrypto.so.1.0.0 No symbol table info available. #5 0x7f3c6f501ffc in ssl3_read_n () from /opt/zimbra/common/lib/libssl.so.1.0.0 No symbol table info available. #6 0x7f3c6f503ebf in ssl3_read_bytes () from /opt/zimbra/common/lib/libssl.so.1.0.0 No symbol table info available. #7 0x7f3c6f50033b in ssl3_read () from /opt/zimbra/common/lib/libssl.so.1.0.0 No symbol table info available. #8 0x7f3c7101f093 in tlso_sb_read (sbiod=0x5d382e0, buf=0xcb4f93f, len=8) at tls_o.c:881 p = 0x5a6caa0 ret = 635655159814 err = 28 __PRETTY_FUNCTION__ = "tlso_sb_read" #9 0x7f3c70dd2e56 in sb_debug_read (sbiod=0x5d37800, buf=0xcb4f93f, len=8) at sockbuf.c:829 ret = 0 ebuf =
[openssl-dev] [openssl.org #597] SSL_set_session() problem (?)
Fixed in commit e70656cf1c. Closing ticket. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=597 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4434] Gentoo 13, x86_64: 4 failed self tests
On Wed Jun 01 22:20:38 2016, matt wrote: > Hi Jeff > > Please could you try the attached patch? Jeff confirmed to me that the patch solved the problem. Pushed as commit 25b9d11c0. Closing ticket. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4434 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4558] Performance issue with DTLS packet reassembly
On Mon, Jun 13, 2016 at 4:04 AM Matt Caswell via RTwrote: > On Thu Jun 02 23:24:44 2016, paul.d...@oracle.com wrote: > > The DTLS packet reassembly code has a performance problem that could > > result in a DoS attack being possible. > > > > > > > > The DTLS packet reassembly uses the data structure defined in > > ssl/pqueue.c for the purpose (it is the only user of this data > > structure that I can find). This source file implements a priority > > queue using a singly linked list. This means O(n^2) worst case > > complexity, where n is the number of fragments. A better, and in fact > > optimal, solution would be to use a heap for the purpose giving O(n > > log n) worst case complexity. Doing this would prevent a potential > > DoS attack. > > > > > > > > The attack would consist of fragmenting the DTLS stream into as many > > small packets as possible and sending them in sequential order. Each > > fragment will require a complete traversal of the list to be added. > > Continue sending these as long as the DoS is wanted. For reference, > > changing the list search method or ordering won't prevent such an > > attack, it just means a different packet ordering is required. > > > > > > > > Tim Hudson suggested I submit this even though I haven't been able to > > find time to craft a patch. > Were you able to reproduce this performance problem? Note that N is at most 10 here. Assuming the DTLS packet reassembly code manages its queue correctly (It's rather buggy, but I forget if this was one of its problems. I eventually gave up trying to digest it and rewrote it from scratch on our end.), this check will ensure the queue size is tightly bounded: https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=ssl/statem/statem_dtls.c;h=d75483af6d40ad4c6ed9137eba8a7382a3b0ef0a;hb=HEAD#l634 It could probably be brought down a hair further too. There's no need to buffer more than the maximum number of messages in a supported handshake flight. (pqueue is still a silly data structure to be using here. A fixed-size ring buffer would be better. Or just a boring array since memmove on 10 pointers is cheap. But it's not hugely important.) David -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4558 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #3680] NULL pointer dereference in tls1_check_chain (ssl/t1_lib.c)
Sorry for the delay in looking at this. It appears that the function has evolved quite a bit, and I cannot find a code path where cpk is not set. If i'm wrong, please re-open the ticket with some more info. Thanks. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3680 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #3723] Patch to add short name "Email" to "emailAddress" object
OP says it can be closed, so we will. Open a new PR if desired. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3723 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4560] BUG: openssl-1.0.2h, evp_enc.c, fips, use of uninitialized variable
commit beb4c45c the if() test could be removed since that code is inside a larger "if (cipher" block, but this is minimal. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4560 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #3809] [enhancement request] add critical to basicContraints in openssl.cnf
yeah, about time we fixed this. :) commit a7be575 in master. thanks. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3809 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #3100] [patch] remove some useless code in BN_uadd
bn_add.c was modernized in https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7d6284057b66458f6c99bd65ba67377d63411090 and suggested modifications were "accumulated". Case is being dismissed. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3100 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4561] BUG: openssl-1.0.2h, evp_enc.c, non-portable bitwise operation
My claim about portability issues was wrong (sorry): The C-standard ensures that positive values are handled in the two's complement system, indeed. However, inl % block_size == inl & (block_size-1) is true if and only if block_size is a power of two, which happens to be true under the current implementation, but may change in the future. If block_size should be 48, then 48 % block_size == 0, but 48 & (block_size-1) == 32. For this reason and for stylistic reasons, it may be worth considering to use consistently inl % ctx->block_size instead of inl & ctx->block_mask and int & (bl-1). Then the member block_mask could probably be removed. Otherwise, an OPENSSL_assert or an appropriate comment may document the essential precondition that block_size is a power of two. Cheers, Loic From: Matt Caswell via RTSent: Friday, June 10, 2016 12:16:02 AM To: Loic Etienne Cc: openssl-dev@openssl.org Subject: [openssl.org #4561] BUG: openssl-1.0.2h, evp_enc.c, non-portable bitwise operation On Mon Jun 06 18:26:50 2016, loic.etie...@qnective.com wrote: > crypto/evp/evp_enc.c, EVP_EncryptUpdate > line 337: inl & (ctx->block_mask) > line 367: inl & (bl - 1) /* with bl = ctx->cipher->block_size */ Why do you consider this a problem? Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4561 Please log in as guest with password guest if prompted -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4561 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4329] OpenSSL 1.1.0 pre3: internal error in tls_post_process_client_key_exchange during reneg
On Wed Jun 08 16:02:39 2016, matt wrote: > On Tue May 24 13:53:07 2016, steve wrote: > > On Sun Feb 21 13:55:35 2016, rainer.j...@kippdata.de wrote: > > > Running the Apache test suite for Apache 2.4 with OpenSSL 1.1.0 > > > adjustments, I get > > > > > > > Can you please check to see if this issue is still present in the latest > > OpenSSL 1.1.0? > > Hi Rainer > > Can this ticket be closed now? No response from OP, so assuming this is no longer an issue. Please open a new ticket if it is. Closing. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4329 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4558] Performance issue with DTLS packet reassembly
On Thu Jun 02 23:24:44 2016, paul.d...@oracle.com wrote: > The DTLS packet reassembly code has a performance problem that could > result in a DoS attack being possible. > > > > The DTLS packet reassembly uses the data structure defined in > ssl/pqueue.c for the purpose (it is the only user of this data > structure that I can find). This source file implements a priority > queue using a singly linked list. This means O(n^2) worst case > complexity, where n is the number of fragments. A better, and in fact > optimal, solution would be to use a heap for the purpose giving O(n > log n) worst case complexity. Doing this would prevent a potential > DoS attack. > > > > The attack would consist of fragmenting the DTLS stream into as many > small packets as possible and sending them in sequential order. Each > fragment will require a complete traversal of the list to be added. > Continue sending these as long as the DoS is wanted. For reference, > changing the list search method or ordering won't prevent such an > attack, it just means a different packet ordering is required. > > > > Tim Hudson suggested I submit this even though I haven't been able to > find time to craft a patch. This will require some significant rework of the pqueue code. This ticket is currently against the 1.1.0 milestone, but realistically that kind of change isn't going to happen in that timeframe, so pushing to post 1.1.0. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4558 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #3236] support for DNSSEC in openssl
Am 2016-06-12 um 23:49 schrieb Rich Salz via RT: > And DANE support is in 1.1/master. > Ok, thanks; will have to upgrade ... -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3236 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev