[openssl-dev] [openssl.org #3695] DTLS Handshake issue (openssl-1.0.1e-dtls-ecc-ext.patch) leads to process crash

2015-02-10 Thread sanchit arora via RT 
Bug report

OS: Red hat enterprise Linux 6.5

OpenSSL Version: 1.0.1e-30

While doing DTLS testing with openssl-1.0.1e-30 Version and patches
for RT3327, RT3470 and RT3483 on top of that, we are facing an issue
where our process is crashing during the duration run of 24 hours.

Use Case:
*There are 125 DTLS Server Connections and 125 DTLS Client Connections.
*Connection Attempts towards Server connections are also being
made every 1 second.
*Client Connections are initiating connection attempts every 1 second .
*SSL Handshake is made to fail so that connection attempts
continues and there are no crashes observed.

During the above duration run, process is always crashing at the below
location always.

#4  signal handler called
#5  0x7f61e97188e9 in sha1_block_data_order_ssse3 () from
/usr/lib64/libcrypto.so.10
#6  0xad89a0d6776026f6 in ?? ()
#7  0xf9e71fd74025dad7 in ?? ()
#8  0x2243d5d8167d7997 in ?? ()
#9  0x8bbb75d9b4efd5d8 in ?? ()
#10 0xea9689da4d4ac2cb in ?? ()
#11 0x7067bc5f5034983b in ?? ()
#12 0xe19f5aa4a5679ed0 in ?? ()
#13 0x8ecbf7e83d1d8ccd in ?? ()
#14 0x7f61e9a827ce in state () from /usr/lib64/libcrypto.so.10
#15 0xbc803cd0 in ?? ()
#16 0x0011 in ?? ()
#17 0x7f61e9715de7 in SHA1_Update () from /usr/lib64/libcrypto.so.10
#18 0x7f61e97899fd in ssleay_rand_add () from /usr/lib64/libcrypto.so.10
#19 0x7f61e9ed92f9 in dtls1_accept () from /usr/lib64/libssl.so.10

When we tested with openssl-1.0.1e-16 Version and patches for RT3327,
RT3470 and RT3483 on top of that, the use case works fine.

On investigation, we found that there are 11 patches added between
openssl-1.0.1e-30 and openssl-1.0.1e-16 version out of which following
3 patches are related to DTLS.

openssl-1.0.1e-dtls-ecc-ext.
patch
openssl-1.0.1e-cve-2014-3513.
patch
openssl-1.0.1e-fallback-scsv.patch

We have narrowed down that when we use openssl-1.0.1e-30 Version with
the openssl-1.0.1e-dtls-ecc-ext.patch and patches for RT3327, RT3470
and RT3483 on top of that, process crashes with the above abterm
during the duration run of 24 hours.

When we excluded the openssl-1.0.1e-dtls-ecc-ext.patch from
openssl-1.0.1e-30 Version, we didn't see an abterm during the duration
run of 24  hours.

Therefore, it seems that the openssl-1.0.1e-dtls-ecc-ext.patch is
causing the abterm in the duration run.

Please let us know if there could be issues with the
openssl-1.0.1e-dtls-ecc-ext.patch?

Patch Details:

https://bugzilla.redhat.com/show_bug.cgi?id=1119800


Regards,
Sanchit Arora


___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #3695] DTLS Handshake issue (openssl-1.0.1e-dtls-ecc-ext.patch) leads to process crash

2015-02-10 Thread Salz, Rich 
Matt tried to explain this before.

1.0.1e-30 is not a version that OpenSSL provides.  You will have to contact 
your vendor.

The backtrace information is not usable as there are no function names; you 
will have to build a debugging version.

We cannot help you.
--  
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me Twitter: RichSalz
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #3695] DTLS Handshake issue (openssl-1.0.1e-dtls-ecc-ext.patch) leads to process crash

2015-02-10 Thread Salz, Rich via RT 
Matt tried to explain this before.

1.0.1e-30 is not a version that OpenSSL provides.  You will have to contact 
your vendor.

The backtrace information is not usable as there are no function names; you 
will have to build a debugging version.

We cannot help you.
--  
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me Twitter: RichSalz


___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev