FS#53880 : [syslog-ng] segfault when using tls client certificate validation with openssl 1.1

FS#53880 - [syslog-ng] segfault when using tls client certificate validation with openssl 1.1

Attached to Project: Arch Linux
Opened by Florian Pritz (bluewind) - Saturday, 29 April 2017, 09:31 GMT
Last edited by Antonio Rojas (arojas) - Saturday, 13 May 2017, 09:44 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	Eric Belanger (Snowman) Antonio Rojas (arojas)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

syslog-ng 3.9.1-5 crashes during validation when tls client certificates are used. This patch fixes the issue for me:
https://github.com/balabit/syslog-ng/commit/2251fa7a2239abeb6c5087fcee71a5d8869d9f6f

I've attached a patch for the pkgbuild from svn.

backtrace including some debug info:
0x00007ffff5be9279 in CRYPTO_get_ex_data () from /usr/lib/libcrypto.so.1.1
#0 0x00007ffff5be9279 in CRYPTO_get_ex_data () from /usr/lib/libcrypto.so.1.1
#1 0x00007ffff7b5017b in tls_session_verify_callback (ok=1, ctx=0x7fffbc01f440) at lib/tlscontext.c:183
#2 0x00007ffff5c53fff in ?? () from /usr/lib/libcrypto.so.1.1
#3 0x00007ffff5c55c99 in ?? () from /usr/lib/libcrypto.so.1.1
#4 0x00007ffff5c56360 in X509_verify_cert () from /usr/lib/libcrypto.so.1.1
#5 0x00007ffff5f3a808 in ?? () from /usr/lib/libssl.so.1.1
#6 0x00007ffff5f57cbb in ?? () from /usr/lib/libssl.so.1.1
#7 0x00007ffff5f4a70f in ?? () from /usr/lib/libssl.so.1.1
#8 0x00007ffff5f316c7 in ?? () from /usr/lib/libssl.so.1.1
#9 0x00007ffff5f371d6 in ?? () from /usr/lib/libssl.so.1.1
#10 0x00007ffff5f40e69 in SSL_read () from /usr/lib/libssl.so.1.1
#11 0x00007ffff7b51e27 in log_transport_tls_read_method (s=0x645250, buf=0x7fffbc004800, buflen=8192, aux=0x7fffc13555d0) at lib/transp$
rt/transport-tls.c:59
#12 0x00007ffff7b67200 in log_transport_read (self=0x645250, buf=0x7fffbc004800, count=8192, aux=0x7fffc13555d0) at ./lib/transport/log$
ransport.h:51
#13 0x00007ffff7b67370 in log_proto_framed_server_fetch_data (self=0x6427d0, may_read=0x7fffc13555ac, aux=0x7fffc13555d0) at lib/logpro$
o/logproto-framed-server.c:93
#14 0x00007ffff7b676c6 in log_proto_framed_server_fetch (s=0x6427d0, msg=0x7fffc13555b8, msg_len=0x7fffc13555c0, may_read=0x7fffc13555a$
, aux=0x7fffc13555d0, bookmark=0x644be8) at lib/logproto/logproto-framed-server.c:184
#15 0x00007ffff7b39ffa in log_proto_server_fetch (s=0x6427d0, msg=0x7fffc13555b8, msg_len=0x7fffc13555c0, may_read=0x7fffc13555ac, aux=$
x7fffc13555d0, bookmark=0x644be8) at ./lib/logproto/logproto-server.h:115
#16 0x00007ffff7b3aaa5 in log_reader_fetch_log (self=0x644880) at lib/logreader.c:358
#17 0x00007ffff7b3a32a in log_reader_work_perform (s=0x644880) at lib/logreader.c:88
#18 0x00007ffff7b43c62 in _work (self=0x644a00) at lib/mainloop-io-worker.c:52
#19 0x00007ffff7b8efa1 in iv_work_thread_do_work (_thr=0x63f960) at iv_work.c:118
#20 0x00007ffff7b8de95 in iv_run_tasks (st=0x7fffbc0008c0) at iv_task.c:48
#21 0x00007ffff7b911ce in iv_main () at iv_main_posix.c:106
#22 0x00007ffff7b8f2a5 in iv_work_thread (_thr=0x63f960) at iv_work.c:200
#23 0x00007ffff7b91e45 in iv_thread_handler (_thr=0x63fa30) at iv_thread_posix.c:142
#24 0x00007ffff75cf2e7 in start_thread () from /usr/lib/libpthread.so.0
#25 0x00007ffff731054f in clone () from /usr/lib/libc.so.6

syslog-segfault-client-cert.p... (3.9 KiB)

This task depends upon

Closed by Antonio Rojas (arojas)
Saturday, 13 May 2017, 09:44 GMT
Reason for closing: Fixed
Additional comments about closing: syslog-ng 3.9.1-6

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#53880 - [syslog-ng] segfault when using tls client certificate validation with openssl 1.1

Details

Loading...