Hello,
We have a client and server which communicate using SSL with NULL
encryption. The client, when it connects to the server, sends a certificate
signing request; the server responds by sending the server certificate. All
works fine during test and even under load using openssl version 0.9.8 and
also 1.0.1f I believe, but we are experiencing a crash with version 1.0.1h
under load setup (once every day).

The simulator which we use to simulate a client disconnects and connects
back to the server many times, each time asking for the certificate from
the server. The crash was seen just once the entire day. So I don't think
it's anywhere close to broken functionality. Looks like more of a race issue.

Similar references:
http://openssl.6102.n7.nabble.com/Crash-in-libcrypto-so-1-0-0-td42043.html

Also, I have verified the data sent by the client from the core dump using
a test program.
Also from the openssl command:
openssl req -inform DER -in filebin -verify
verify OK

This is the stack trace we get (Top half only):

Thread 1 (Thread 0x7fa62851d700 (LWP 19528)):
#0  0x00007fa62657f2d6 in __strcmp_sse42 () from /lib64/libc.so.6
#1  0x00007fa6276f5b4a in ?? () from /usr/lib64/libcrypto.so.10
#2  0x00007fa6276f5b8c in lh_retrieve () from /usr/lib64/libcrypto.so.10
#3  0x00007fa62767c758 in OBJ_NAME_get () from /usr/lib64/libcrypto.so.10
#4  0x00007fa62770d49d in ASN1_item_verify () from /usr/lib64/libcrypto.so.10
#5  0x00000000008a1fd7 in ca::CA::process_cert_request(unsigned char const*, unsigned long, std::vector<unsigned char, std::allocator<unsigned char> >*) ()

This looks like an issue to me.

Thanks.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
