On 16/04/17 20:17, Sanjaya Joshi wrote: > Hello, > > I use openldap_2.3.39 to initiate secure LDAP connection (starttls) to > external LDAP server. The used openssl version is 1.0.2k. > > While establishing the secure connection from client, i observe the > following segmentation fault occasionally (Not always reproducible). > > Any pointers please ? > Are you able to compile openssl with debug symbols? That's not a lot to go on. Matt > " > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib64/libthread_db.so.1". > Core was generated by `/opt/nsn/pac_bor_qx_e1/bin/border'. > Program terminated with signal SIGSEGV, Segmentation fault. > #0 0x00007fd6b8271bd9 in sk_value () from /usr/lib64/libcrypto.so.1.0.0 > (gdb) bt > #0 0x00007fd6b8271bd9 in sk_value () from /usr/lib64/libcrypto.so.1.0.0 > #1 0x00007fd6b3495516 in ssl23_connect () from /usr/lib64/libssl.so.1.0.0 > #2 0x00007fd6b7d2d6cf in ldap_int_tls_connect (ld=0x7fd6880486d0, > conn=0x7fd68802d9e0) at tls.c:805 > #3 0x00007fd6b7d2ece0 in ldap_int_tls_start (ld=0x7fd6880486d0, > conn=0x7fd68802d9e0, srv=0x0) at tls.c:1511 > #4 0x00007fd6b7d2f6e9 in ldap_install_tls (ld=0x7fd6880486d0) at tls.c:1935 > #5 0x00007fd6bb46c6c1 in open_connection_as > (ldap_host_address=0x7fd68805de90 "10.55.433.1", port=389, client_access=0, > user_dn=0x7fd6880543c8 > "uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net", > user_pwd=0x7fd6962d3c70 "saaadh45sks", ldap_handle=0x7fd6962d2838, > network_timeout=5000, request_id=0x7fd6962d144c, > error_string=0x7fd6962d1440, isSecure=2, cacertFile=0x7fd688048bf8 > "/etc/certs/cacert.pem", > ciphers=0x7fd68805e138 > "DHE-RSA-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:AES128-SHA", > reqCert=0x7fd6962d2558) at ../src/api.c:1048 > #6 0x00007fd6bb46ca97 in open_secure_connection_starttls_request > (ldap_host_address=0x7fd68805de90 "10.55.433.1", port=389, > client_access=0, user_dn=0x7fd6880543c8 > "uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net", > user_pwd=0x7fd6962d3c70 "saaadh45sks", ldap_handle=0x7fd6962d2838, > network_timeout=5000, request_id=0x7fd6962d144c, > error_string=0x7fd6962d1440, cacertFile=0x7fd688048bf8 > "/etc/certs/cacert.pem", > ciphers=0x7fd68805e138 > "DHE-RSA-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:AES128-SHA", > reqCert=0x7fd6962d2558) at ../src/api.c:1258 > #7 0x00007fd6b9c899c8 in tryConnectExtLdap (host=0x7fd68805de90 > "10.55.433.1", port=389, > binddn=0x7fd6962d3380 > "uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net", > pwd=0x7fd6962d3c70 "saaadh45sks", > _extHandle=@0x7fd6962d2838: 0x7fd6880486d0, peopledn=0x7fd6880495b0 > "ou=people,ou=accounts,dc=sasa,dc=test,dc=net", secureMode=0, > cacertFile=..., ciphers=..., reqCert=5, timeout_ms=5000) > at ../../src/acct.cpp:1694 > #8 0x00007fd6b9c88df1 in validate_account (accountName=0x7fd6962d3380 > "uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net", > accountPassword=0x7fd6962d3c70 "saaadh45sks") at ../../src/acct.cpp:1623 > #9 0x0000000000479d3a in set_acc > (userName=userName@entry=0x7fd6962d3870 "user1", > password=password@entry=0x7fd6962d3c70 "saaadh45sks") at > ../src/borfunc_cou.c:4066 > #10 0x000000000045217b in _71571_2 (_T=0x42907000) at > ../src/bor7qxqx.sdl:600 > #11 0x000000000044fd45 in _s71571_ACTIVE (_T=<optimized out>) at > _Sborha7ACTIVE.c:33 > #12 0x00007fd6b6ec8a65 in call_transition (msg=0x7fd6bc0d8948, process=96) > at /home/core/threadmain.c:656 > #13 call_transition_with_fatal_sig_catching (thread=<optimized out>, > thread@entry=0x25d7d90, process=process@entry=96, > msg=msg@entry=0x7fd6bc0d8948) at /home/core/threadmain.c:669 > #14 0x00007fd6b6ec9499 in execute_user_code (msg=0x7fd6bc0d8948, > process=96, thread=0x25d7d90) > at /home/core/threadmain.c:687 > #15 exec_main_loop (thread=0x25d7d90) at /home/core/threadmain.c:882 > #16 thread_context_main (arg=<optimized out>) at /home/core/threadmain.c:592 > #17 0x00007fd6b64f2f50 in ?? () from /lib64/libc.so.6 > #18 0x0000000000000000 in ?? () > (gdb) > " > > Regards, > Sanjaya > > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
