New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problem: stream_engine is vulnerable to downgrade attacks #1190
Comments
|
This change makes test_security_curve stuck on PowerPC in 4.0.5 version. d73b2408808375af2a6a2ac8e211db429aac71f2 is the first bad commit :040000 040000 3820e8c9bf16423abce419e42469f7b26fcf670e 59972c00867e37635e32bc51eda425c84d26987d M src |
|
Can we figure out where it's stuck?
|
|
This is what I see so far by attaching to "stuck process" #0 0x00003fff7d522568 in lll_lock_wait () from /lib64/libpthread.so.0 |
|
(gdb) thread apply all bt backtrace from all threads, who else is sitting in ___lll_lock_wait() ? On Tue, Jan 27, 2015 at 4:45 PM, Dinar Valeev notifications@github.com
|
|
Thread 4 (Thread 0x3fff7d04f180 (LWP 151843)): Thread 3 (Thread 0x3fff7c84f180 (LWP 151844)): Thread 2 (Thread 0x3fff7c04f180 (LWP 151845)): Thread 1 (Thread 0x3fff7d63dab0 (LWP 151829)): |
|
Grim...This is PowerPC? Which OS? On Tue, Jan 27, 2015 at 5:05 PM, Dinar Valeev notifications@github.com
|
|
Yeah.. This is PowerPC.. OS is Linux (openSUSE).. Happens on ppc32, ppc64 Big Endian, ppc64le Little Endian. |
|
There is no architecture specific implementation for PPC of On Tue, Jan 27, 2015 at 5:18 PM, Dinar Valeev notifications@github.com
|
|
I don't have any way to test this for PowerPC on Linux, but it should be On Tue, Jan 27, 2015 at 5:35 PM, Thomas Rodgers rodgert@twrodgers.com
|
|
We have community systems, I could provide you with an access to one. |
|
Let me get a version using GCC intrinsics together locally, and then I can On Wednesday, January 28, 2015, Dinar Valeev notifications@github.com
|
|
I pushed rodgert@e6c45f5 which detects the presence of __atomic_Xxx intrinsics (should work for GCC and Clang) and uses those when available. |
|
I have also confirmed that this change is equivalent on x86 to the inline assembly currently in libzmq's atomics - We also have a private instance of http://gcc.godbolt.org/ which now has a cross-compiler for GCC targeting Power and I confirmed the generated assembly looks reasonable correct (to the extent I am able to grok the consequences of Power's weak memory ordering model, anyway). Let me know when you'd like me to test this on your community hardware. |
|
I checked your patch, it doesn't fixes a problem. Avoid curve test to hang on ppc64 architecture |
|
I think it's still worth pursuing, it moves the job of implementing atomic On Wed, Jan 28, 2015 at 3:59 PM, Dinar Valeev notifications@github.com
|
|
I agree, I'll keep debugging. |
When accepting a connection as client or server, the engine takes the mechanism from the peer and implements that, without checking that it matches the mechanism set on the socket.
Solution: the peer's mechanism must match the options.mechanism, or else the connection must be closed.
Note that this affects ZeroMQ v4.0.4 stable. Fixed in libzmq master, backporting for v4.0.5.
The text was updated successfully, but these errors were encountered: