FS#53880 - [syslog-ng] segfault when using tls client certificate validation with openssl 1.1
Attached to Project:
Arch Linux
Opened by Florian Pritz (bluewind) - Saturday, 29 April 2017, 09:31 GMT
Last edited by Antonio Rojas (arojas) - Saturday, 13 May 2017, 09:44 GMT
Opened by Florian Pritz (bluewind) - Saturday, 29 April 2017, 09:31 GMT
Last edited by Antonio Rojas (arojas) - Saturday, 13 May 2017, 09:44 GMT
|
Details
syslog-ng 3.9.1-5 crashes during validation when tls client
certificates are used. This patch fixes the issue for me:
https://github.com/balabit/syslog-ng/commit/2251fa7a2239abeb6c5087fcee71a5d8869d9f6f I've attached a patch for the pkgbuild from svn. backtrace including some debug info: 0x00007ffff5be9279 in CRYPTO_get_ex_data () from /usr/lib/libcrypto.so.1.1 #0 0x00007ffff5be9279 in CRYPTO_get_ex_data () from /usr/lib/libcrypto.so.1.1 #1 0x00007ffff7b5017b in tls_session_verify_callback (ok=1, ctx=0x7fffbc01f440) at lib/tlscontext.c:183 #2 0x00007ffff5c53fff in ?? () from /usr/lib/libcrypto.so.1.1 #3 0x00007ffff5c55c99 in ?? () from /usr/lib/libcrypto.so.1.1 #4 0x00007ffff5c56360 in X509_verify_cert () from /usr/lib/libcrypto.so.1.1 #5 0x00007ffff5f3a808 in ?? () from /usr/lib/libssl.so.1.1 #6 0x00007ffff5f57cbb in ?? () from /usr/lib/libssl.so.1.1 #7 0x00007ffff5f4a70f in ?? () from /usr/lib/libssl.so.1.1 #8 0x00007ffff5f316c7 in ?? () from /usr/lib/libssl.so.1.1 #9 0x00007ffff5f371d6 in ?? () from /usr/lib/libssl.so.1.1 #10 0x00007ffff5f40e69 in SSL_read () from /usr/lib/libssl.so.1.1 #11 0x00007ffff7b51e27 in log_transport_tls_read_method (s=0x645250, buf=0x7fffbc004800, buflen=8192, aux=0x7fffc13555d0) at lib/transp$ rt/transport-tls.c:59 #12 0x00007ffff7b67200 in log_transport_read (self=0x645250, buf=0x7fffbc004800, count=8192, aux=0x7fffc13555d0) at ./lib/transport/log$ ransport.h:51 #13 0x00007ffff7b67370 in log_proto_framed_server_fetch_data (self=0x6427d0, may_read=0x7fffc13555ac, aux=0x7fffc13555d0) at lib/logpro$ o/logproto-framed-server.c:93 #14 0x00007ffff7b676c6 in log_proto_framed_server_fetch (s=0x6427d0, msg=0x7fffc13555b8, msg_len=0x7fffc13555c0, may_read=0x7fffc13555a$ , aux=0x7fffc13555d0, bookmark=0x644be8) at lib/logproto/logproto-framed-server.c:184 #15 0x00007ffff7b39ffa in log_proto_server_fetch (s=0x6427d0, msg=0x7fffc13555b8, msg_len=0x7fffc13555c0, may_read=0x7fffc13555ac, aux=$ x7fffc13555d0, bookmark=0x644be8) at ./lib/logproto/logproto-server.h:115 #16 0x00007ffff7b3aaa5 in log_reader_fetch_log (self=0x644880) at lib/logreader.c:358 #17 0x00007ffff7b3a32a in log_reader_work_perform (s=0x644880) at lib/logreader.c:88 #18 0x00007ffff7b43c62 in _work (self=0x644a00) at lib/mainloop-io-worker.c:52 #19 0x00007ffff7b8efa1 in iv_work_thread_do_work (_thr=0x63f960) at iv_work.c:118 #20 0x00007ffff7b8de95 in iv_run_tasks (st=0x7fffbc0008c0) at iv_task.c:48 #21 0x00007ffff7b911ce in iv_main () at iv_main_posix.c:106 #22 0x00007ffff7b8f2a5 in iv_work_thread (_thr=0x63f960) at iv_work.c:200 #23 0x00007ffff7b91e45 in iv_thread_handler (_thr=0x63fa30) at iv_thread_posix.c:142 #24 0x00007ffff75cf2e7 in start_thread () from /usr/lib/libpthread.so.0 #25 0x00007ffff731054f in clone () from /usr/lib/libc.so.6 |
This task depends upon
Closed by Antonio Rojas (arojas)
Saturday, 13 May 2017, 09:44 GMT
Reason for closing: Fixed
Additional comments about closing: syslog-ng 3.9.1-6
Saturday, 13 May 2017, 09:44 GMT
Reason for closing: Fixed
Additional comments about closing: syslog-ng 3.9.1-6