OpenSSL 1.0.2 Solaris 32 bit build is broken

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Looks like the crash is in SHA-512 this time, not SHA-1.  There's a
separate perl script to generate that assembly code.  Try the 1.0.1
version of sha512-sparcv9.pl.

The output from your rand command is valid.  You can use the -base64
option if you want something more readable.



On 04/15/2015 11:13 AM, John Unsworth wrote:
>
> That seems to have fixed the crash.
>
>  
>
> -bash-3.00$ ./openssl rand 64
>
> z??M??Ov??@?t????E?^?Q!?\?b_??Y???iT-&n?????B+?9kx??%hR?z-bash-3.00$
>
>  
>
> Not sure about the output though.
>
>  
>
> However negotiation causes a core:
>
>  
>
> -bash-3.00$ ./openssl s_client -connect eos.es.cpth.ie:4250
>
> CONNECTED(00000004)
>
> depth=0 CN = jusworth-lt4.eu.cp.net
>
> verify error:num=20:unable to get local issuer certificate
>
> verify return:1
>
> depth=0 CN = jusworth-lt4.eu.cp.net
>
> verify error:num=21:unable to verify the first certificate
>
> verify return:1
>
> Segmentation Fault (core dumped)
>
> -bash-3.00$ pstack core
>
> core 'core' of 12587:   ./openssl s_client -connect eos.es.cpth.ie:4250
>
> 000ed408 sha512_block_data_order (30e538, 30c050, 71a, 30e588, 30c050,
> 64f98fa7) + 8
>
> 0009fb30 ssl3_digest_cached_records (2f8ae0, 6, 2f8ea0, 14, 100,
> 2f8ea0) + 1cc
>
> 000980ec ssl3_get_certificate_request (2f8ae0, 2f8ea0, 2f8ea0, 10,
> a42e0, 2f8ae0) + 90
>
> 00093ad8 ssl3_connect (2f8ae0, 0, 1180, 1000, 1130, ffffffff) + 6c0
>
> 000aa2b8 ssl23_get_server_hello (2f8ae0, 16, 3, 3, 2f8ea0, 301638) + 648
>
> 000a9198 ssl23_connect (2f8ae0, 0, 3000, 2b4d64, 2b3d78, 1) + 588
>
> 000aa60c ssl23_write (2f8ae0, 2f0270, 0, 3000, ff247c94, a8c10) + 4c
>
> 0004ee64 s_client_main (0, 0, 1, 2b4d64, 2f8ae0, 2f4280) + 7374
>
> 0001328c do_cmd   (2eb3c8, 3, ffbffad0, 2b4638, 13e64, 2b3d78) + b8
>
> 00012f08 main     (4, ffbffacc, 2eb3c8, 29fc00, 2b3d78, 2b49dc) + 3a4
>
> 00012a08 _start   (0, 0, 0, 0, 0, 2b3d78) + 108
>
>  
>
> Regards,
>
> John
>
>  
>
> *From:*openssl-users [mailto:openssl-users-bounces at openssl.org] *On
> Behalf Of *John Foley
> *Sent:* 15 April 2015 15:10
> *To:* openssl-users at openssl.org
> *Subject:* Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build is
> broken
>
>  
>
> How about the ./openssl sha1 command?  Does that bomb too?
>
> It might be interesting to copy crypto/sha/asm/sha1-sparcv9.pl from
> the 1.0.1 source into the 1.0.2 source.  Then clean, configure,
> compile and try again.  There were changes to this file between 1.0.1
> and 1.0.2.  Perhaps a bug was introduced.  I'm assuming this script
> generates the SHA source for your target platform. 
>
>
> On 04/15/2015 09:56 AM, John Unsworth wrote:
>
>     core 'core' of 24243:   ./openssl rand 64
>
>     000e9ce8 sha1_block_data_order (2ec298, 2ec2f4, 4, ffbfe018,
>     ffbfe01c, 44) + 8
>
>     00226160 ssleay_rand_add (ffbfe114, 1, 20, ffbfdfec, 0, 14) + 530
>
>     00227048 RAND_poll (4, ffbfe100, ffbfe120, ffbfe120, 2c0650,
>     2c0644) + 38c
>
>     00226c00 ssleay_rand_status (c734, 0, 2b9f7c, 2c05cc, 2a0e70,
>     13000) + 138
>
>     00065eb4 app_RAND_load_file (ffbfe418, 2d5238, 0, 2800, 0, 1) + 88
>
>     00077cb8 rand_main (0, 0, ff242b30, 0, 0, 0) + 4b8
>
>     0001328c do_cmd   (2eb4e8, 2, ffbffae0, 2b4728, 13e64, 2b3e98) + b8
>
>     00012f08 main     (3, ffbffadc, 2eb4e8, 2a0000, 2b3e98, 2b4afc) + 3a4
>
>     00012a08 _start   (0, 0, 0, 0, 0, 2b3e98) + 108
>
>      
>
>     Regards,
>
>     John.
>
>      
>
>     *From:*openssl-users [mailto:openssl-users-bounces at openssl.org]
>     *On Behalf Of *John Foley
>     *Sent:* 15 April 2015 13:31
>     *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org>
>     *Subject:* Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build
>     is broken
>
>      
>
>     Do you see the same stack trace when simply using the random
>     number generator:
>
>     ./openssl rand 64
>
>     What if you simply use SHA1:
>
>     ./openssl sha1 <somefile>
>
>
>
>     On 04/14/2015 12:17 PM, John Unsworth wrote:
>
>         Is no-one interested at all about this problem? Or do I need
>         to send it to another place?
>
>          
>
>         Regards,
>
>         John.
>
>          
>
>         *From:*openssl-users
>         [mailto:openssl-users-bounces at openssl.org] *On Behalf Of *John
>         Unsworth
>         *Sent:* 10 April 2015 14:54
>         *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org>
>         *Subject:* Re: [openssl-users] OpenSSL 1.0.2 Solaris 32 bit
>         build is broken
>
>          
>
>         I have compiled 1.0.1m in the same way and that works fine
>         using asm.
>
>          
>
>         John.
>
>          
>
>         *From:*openssl-users
>         [mailto:openssl-users-bounces at openssl.org] *On Behalf Of *John
>         Unsworth
>         *Sent:* 10 April 2015 12:21
>         *To:* openssl-users at openssl.org <mailto:openssl-users at openssl.org>
>         *Subject:* [openssl-users] OpenSSL 1.0.2 Solaris 32 bit build
>         is broken
>
>          
>
>         I have an application that runs quite happily using OpenSSL
>         1.0.1h on Solaris 32 bit. I want to upgrade but both 1.0.2 and
>         1.0.2a cause problems.
>
>          
>
>         1 When building 1.0.2 using
>
>          
>
>         ./Configure solaris-sparcv9-cc no-shared -m32 -xcode=pic32
>         -xldscope=hidden
>
>          
>
>         openssl s_client crashes on start:
>
>          
>
>         -bash-3.00$ ./openssl s_client -connect eos.es.cpth.ie:4250
>
>         Segmentation Fault (core dumped)
>
>         -bash-3.00$ pstack core
>
>         core 'core' of 468:     ./openssl s_client -connect
>         eos.es.cpth.ie:4250
>
>         000e9ce8 sha1_block_data_order (2ed490, 2ed4ec, 4, ffbfebc0,
>         ffbfebc4, 44) + 8
>
>         00226140 ssleay_rand_add (ffbfecbc, 1, 20, ffbfeb94, 0, 14) + 530
>
>         00227028 RAND_poll (4, ffbfeca8, ffbfecc8, ffbfecc8, 2c0630,
>         2c0624) + 38c
>
>         00226be0 ssleay_rand_status (c734, 0, 2b9f5c, 2c05ac, 2a0e50,
>         13000) + 138
>
>         00065eb4 app_RAND_load_file (ffbfefc0, 2d5218, 1, 2800, 0, 1) + 88
>
>         0004d784 s_client_main (0, c00, 0, c00, 2b4adc, 2f4380) + 5c94
>
>         0001328c do_cmd   (2eb4c8, 3, ffbffa88, 2b4738, 13e64, 2b3e78)
>         + b8
>
>         00012f08 main     (4, ffbffa84, 2eb4c8, 2a0000, 2b3e78,
>         2b4adc) + 3a4
>
>         00012a08 _start   (0, 0, 0, 0, 0, 2b3e78) + 108
>
>          
>
>         2 So I then rebuilt adding no-asm flag. It manages to connect
>         but negotiation fails with an error:
>
>          
>
>         4280581268:error:140943FC:SSL routines:ssl3_read_bytes:sslv3
>         alert bad record mac:s3_pkt.c:1456:SSL alert number 20
>
>         4280581268:error:140790E5:SSL routines:ssl23_write:ssl
>         handshake failure:s23_lib.c:177:
>
>          
>
>         This is against the server that is still running 1.0.1h and
>         can be successfully connected with openssl built with 1.0.1h.
>
>          
>
>         Note that the 64 bit build seems to work perfectly.
>         Unfortunately for historical reasons we need to use the 32 bit
>         version.
>
>          
>
>         The 32 bit builds that we use on Windows and Linux also work
>         perfectly. Is it something to do with byte order?
>
>          
>
>         Regards,
>
>         John.
>
>          
>
>          
>
>
>
>
>
>         _______________________________________________
>
>         openssl-users mailing list
>
>         To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>      
>
>
>
>
>     _______________________________________________
>
>     openssl-users mailing list
>
>     To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>  
>
>
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150415/60830245/attachment-0001.html>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux