(3.8.1) tls cert check segfault (no ca in ca-dir) #1310
Comments
It works in
Please supply a "signed-off-by" line so that I can merge the fix. Thanks.
I mean to the PR #1316
Oh I sign off everything, including death certificates and world peace™. You name it, I sign it off. If you're lucky even with my own name. ;)
bazsi added a commit that referenced this issue on Feb 6, 2017
This patch fixes a potential segfault during X.509 certificate validation.

What happens is that X509_STORE_CTX contains "application data", e.g. the application is able to associate a series of pointers with the validation. This uses an "id" to identify the user of the specific pointer. This mechanism is used by the SSL library (still in openssl) to store the pointer to the SSL session. The ID for this data is normally 0, however if libssl.so is unloaded while libcrypto.so is not, it might happen that this ID gets remapped to a non-zero value.

Then what leads to the crash is that libssl starts to use ID 1 to manage its SSL* pointer, while we in the validation code still use ID 0, causing a NULL deref.

The exact reasons why this ID change happens are unclear; some apache related information can be found here: https://bz.apache.org/bugzilla/show_bug.cgi?id=32529

You can also find more information in github issue #1310.

Signed-off-by: Peter Gervai <grin@grin.hu>
Signed-off-by: Balazs Scheidler <balazs.scheidler@balabit.com>
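A stand-alone C model of the ex_data index mechanism the commit message describes, added here as an illustration and not code from syslog-ng or OpenSSL. The struct names, the index counter and the sample peer name are constructed stand-ins; the real calls they model (CRYPTO_get_ex_new_index, SSL_get_ex_data_X509_STORE_CTX_idx, X509_STORE_CTX_get_ex_data) are only named in comments.

```c
/* Stand-alone model of OpenSSL's CRYPTO ex_data index mechanism, written for
 * this issue; it is not OpenSSL or syslog-ng code. It shows why a hard-coded
 * index 0 yields NULL once libssl re-registers its slot, and the fix. */
#include <stddef.h>
#define EX_DATA_SLOTS 4

/* Stand-in for X509_STORE_CTX: only its ex_data table matters here. */
struct store_ctx { void *ex_data[EX_DATA_SLOTS]; };
/* Stand-in for the SSL object whose pointer libssl stores in the context. */
struct ssl_obj { const char *peer_name; };
/* Counter behind CRYPTO_get_ex_new_index(): each registration gets a fresh
 * index. libssl registers when loaded; if it is unloaded and loaded again
 * while libcrypto stays resident, the next index it receives is no longer 0. */
static int next_ex_index = 0;
static int ssl_ex_idx = -1; /* what SSL_get_ex_data_X509_STORE_CTX_idx() reports */

int libssl_register_index(void) { return ssl_ex_idx = next_ex_index++; }
int get_ssl_ex_data_idx(void) { return ssl_ex_idx; }

/* libssl storing its SSL* before certificate verification runs. */
void libssl_store_ssl(struct store_ctx *ctx, struct ssl_obj *ssl)
{
  ctx->ex_data[ssl_ex_idx] = ssl;
}

/* Pattern behind the crash: assumes the SSL* always lives at index 0. */
struct ssl_obj *lookup_ssl_hardcoded(struct store_ctx *ctx)
{
  return (struct ssl_obj *)ctx->ex_data[0];
}

/* Fixed pattern: ask the library for its index and tolerate an empty slot,
 * so a verify callback can fail verification instead of dereferencing NULL. */
struct ssl_obj *lookup_ssl_by_index(struct store_ctx *ctx)
{
  int idx = get_ssl_ex_data_idx();
  if (idx < 0 || idx >= EX_DATA_SLOTS)
    return NULL;
  return (struct ssl_obj *)ctx->ex_data[idx];
}

/* Reproduce the issue: first load takes index 0, a reload takes index 1. */
int simulate_reload_and_check(void)
{
  struct store_ctx ctx = { { NULL } };
  struct ssl_obj ssl = { "logserver.example" }; /* constructed sample */
  libssl_register_index(); /* first load: index 0 */
  libssl_register_index(); /* reload: index 1, slot 0 stays NULL */
  libssl_store_ssl(&ctx, &ssl);
  return lookup_ssl_hardcoded(&ctx) == NULL && lookup_ssl_by_index(&ctx) == &ssl;
}
```

simulate_reload_and_check() returns 1 exactly when the hard-coded lookup comes back empty while the index-based lookup still finds the stored pointer, which is the situation the strace in the issue ends in.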
Closing with the fix in #1316
Version of syslog-ng
Platform: Debian/testing
Issue
Test machine uses self-signed cert, and it's not installed in /etc/ssl/certs/. syslog-ng segfaults on the first occasion to send over something through the tls network channel:
[pid 143944] 17:05:45.069870 stat("/etc/ssl/certs//f4ea497f.0", 0x7f1ef7ffc430) = -1 ENOENT (No such file or directory)
[pid 143944] 17:05:45.069936 stat("/etc/ssl/certs//f4ea497f.0", 0x7f1ef7ffc430) = -1 ENOENT (No such file or directory)
[pid 143944] 17:05:45.069960 stat("/etc/ssl/certs//f4ea497f.0", 0x7f1ef7ffc430) = -1 ENOENT (No such file or directory)
[pid 143944] 17:05:45.069989 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x1d0} ---
config: While peer-verify(optional-untrusted) there is a ca-dir in the config, which may confuse the logic. It should not die on it, but definitely not with a SIGSEGV.
gdb