[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #13325 [- Select a component]: Tor crash on OpenBSD-current since 2014-08-10
#13325: Tor crash on OpenBSD-current since 2014-08-10
----------------------------------+---------------------
Reporter: fredzupy | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: - Select a component | Version:
Keywords: | Actual Points:
Parent ID: | Points:
----------------------------------+---------------------
Tor is broken under OpenBSD-current since this patch, I think,
<http://marc.info/?l=openbsd-cvs&m=140768179627976&w=2>).
The function prune_v2_cipher_list() in src/common/tortls.c now crash Tor
(Segmentation fault). All Tor versions impacted.
Commenting out the prune_v2_cipher_list() seems to be enough as a
workaround.
Here is a gdb backtrace with tor-0.2.5.7-rc in debug mode:
Oct 02 14:41:12.000 [debug] tor_tls_debug_state_callback(): SSL 0x83b91000
is now in state before/accept initialization [type=16,val=1].
Oct 02 14:41:12.000 [debug] tor_tls_debug_state_callback(): SSL 0x83b91000
is now in state before/accept initialization [type=8193,val=1].
Oct 02 14:41:12.000 [debug] tor_tls_debug_state_callback(): SSL 0x83b91000
is now in state unknown state [type=8194,val=-1].
Oct 02 14:41:12.000 [debug] tor_tls_handshake(): After call, 0x82a59d80
was in state unknown state
Oct 02 14:41:12.000 [debug] connection_tls_continue_handshake(): wanted
read
Oct 02 14:41:12.000 [debug] conn_read_callback(): socket 22 wants to read.
Oct 02 14:41:12.000 [debug] tor_tls_handshake(): About to call SSL_accept
on 0x82a59d80 (unknown state)
Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
(gdb) bt
#0 0x00000000 in ?? ()
#1 0x1a8d578b in tor_tls_classify_client_ciphers (ssl=0x83b91000,
peer_ciphers=0x85251200) at src/common/tortls.c:1489
#2 0x1a8d58ff in tor_tls_session_secret_cb (ssl=0x83b91000,
secret=0x8a659608, secret_len=0x8a659604, peer_ciphers=0x85251200,
cipher=0xcfbe0184, arg=0x0) at src/common/tortls.c:1683
#3 0x0b9e09ec in ssl3_get_client_hello (s=0x83b91000) at
/usr/src/lib/libssl/ssl/../../libssl/src/ssl/s3_srvr.c:1119
#4 0x0b9e176f in ssl3_accept (s=0x83b91000) at
/usr/src/lib/libssl/ssl/../../libssl/src/ssl/s3_srvr.c:346
#5 0x0b9f22fa in SSL_accept (s=0x83b91000) at
/usr/src/lib/libssl/ssl/../../libssl/src/ssl/ssl_lib.c:922
#6 0x0b9d8836 in ssl23_get_client_hello (s=0x83b91000) at
/usr/src/lib/libssl/ssl/../../libssl/src/ssl/s23_srvr.c:573
#7 0x0b9d915c in ssl23_accept (s=0x83b91000) at
/usr/src/lib/libssl/ssl/../../libssl/src/ssl/s23_srvr.c:232
#8 0x0b9f22fa in SSL_accept (s=0x83b91000) at
/usr/src/lib/libssl/ssl/../../libssl/src/ssl/ssl_lib.c:922
#9 0x1a8d5d59 in tor_tls_handshake (tls=0x82a59d80) at
src/common/tortls.c:2113
#10 0x1a865f10 in connection_tls_continue_handshake (conn=0x83b93000) at
src/or/connection_or.c:1468
#11 0x1a857dee in connection_handle_read (conn=0x83b93000) at
src/or/connection.c:3287
#12 0x1a7a842f in conn_read_callback (fd=22, event=2, _conn=0x83b93000) at
src/or/main.c:736
#13 0x0bb9ca02 in event_base_loop (base=0x7e447000, flags=0) at
/usr/src/lib/libevent/event.c:404
#14 0x1a7a3eab in do_main_loop () at src/or/main.c:2027
#15 0x1a7a55ca in tor_main (argc=3, argv=0xcfbe09c4) at src/or/main.c:3047
#16 0x1a7a1cdd in main (argc=536912672, argv=0x8696ee00) at
src/or/tor_main.c:30
(gdb)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13325>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs