Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-2355

ATS 4.0.x crashes when using OpenSSL 1.0.1e

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 4.0.1, 4.1.2
    • 4.2.0
    • SSL

    Description

      I upgraded some 4.0.1 and 4.0.2 hosts from OpenSSL 1.0.0 to 1.0.1e which is supposed to be ABI compatible. I see this crash about 10 times in a given 24 hour period.

      I'm interested in OpenSSL 1.0.1e as there is a CPU usage improvement in my tests, and for TLS 1.2 support.

      I came across this squid bug with a very similar backtrace. The OpenSSL RT ticket says

      "I have discussed this situation with some Squid developers and we decided - after SSL error 1408F10B calling standard/raw read() instead of SSL_read() for empty socket buffer and this patch stopped crash Squid."

      http://rt.openssl.org/Ticket/Display.html?id=3128&user=guest&pass=guest

      #0  0x0000003f842e7154 in EVP_DigestFinal_ex () from /usr/lib64/libcrypto.so.10
      #1  0x0000003f84636263 in tls1_final_finish_mac () from /usr/lib64/libssl.so.10
      #2  0x0000003f8462ad62 in ssl3_do_change_cipher_spec () from /usr/lib64/libssl.so.10
      #3  0x0000003f8462c7f7 in ssl3_read_bytes () from /usr/lib64/libssl.so.10
      #4  0x0000003f8462d5e2 in ssl3_get_message () from /usr/lib64/libssl.so.10
      #5  0x0000003f8461da1c in ssl3_get_cert_verify () from /usr/lib64/libssl.so.10
      #6  0x0000003f84621e78 in ssl3_accept () from /usr/lib64/libssl.so.10
      #7  0x00000000006711aa in SSLNetVConnection::sslServerHandShakeEvent (this=0x2aadd0024300,
          err=@0x2aacab940c5c) at SSLNetVConnection.cc:488
      #8  0x0000000000672b77 in SSLNetVConnection::sslStartHandShake (this=0x2aadd0024300,
          event=<value optimized out>, err=@0x2aacab940c5c) at SSLNetVConnection.cc:470
      #9  0x0000000000671dd2 in SSLNetVConnection::net_read_io (this=0x2aadd0024300, nh=
          0x2aacaa02cbf0, lthread=0x2aacaa029010) at SSLNetVConnection.cc:217
      #10 0x000000000067b8c2 in NetHandler::mainNetEvent (this=0x2aacaa02cbf0,
          event=<value optimized out>, e=<value optimized out>) at UnixNet.cc:386
      #11 0x00000000006a335f in handleEvent (this=0x2aacaa029010, e=0x1230a30, calling_code=5)
          at I_Continuation.h:146
      #12 EThread::process_event (this=0x2aacaa029010, e=0x1230a30, calling_code=5)
          at UnixEThread.cc:141
      #13 0x00000000006a3d43 in EThread::execute (this=0x2aacaa029010) at UnixEThread.cc:265
      #14 0x00000000006a21fa in spawn_thread_internal (a=0x143ec30) at Thread.cc:88
      #15 0x00002aaca05b9851 in start_thread () from /lib64/libpthread.so.0
      #16 0x000000324f0e890d in clone () from /lib64/libc.so.6
      
      NOTE: Traffic Server received Sig 11: Segmentation fault
      /home/y/bin/traffic_server - STACK TRACE:
      /lib64/libpthread.so.0(+0x324f40f500)[0x2b523d64e500]
      /usr/lib64/libcrypto.so.10(EVP_DigestFinal_ex+0x24)[0x3f842e7154]
      /usr/lib64/libssl.so.10(tls1_final_finish_mac+0x233)[0x3f84636263]
      /usr/lib64/libssl.so.10(ssl3_do_change_cipher_spec+0x72)[0x3f8462ad62]
      /usr/lib64/libssl.so.10(ssl3_read_bytes+0xb57)[0x3f8462c7f7]
      /usr/lib64/libssl.so.10(ssl3_get_message+0x222)[0x3f8462d5e2]
      /usr/lib64/libssl.so.10(ssl3_get_cert_verify+0x6c)[0x3f8461da1c]
      /usr/lib64/libssl.so.10(ssl3_accept+0x788)[0x3f84621e78]
      /home/y/bin/traffic_server(SSLNetVConnection::sslServerHandShakeEvent(int&)+0x2a)[0x6711aa]
      /home/y/bin/traffic_server(SSLNetVConnection::sslStartHandShake(int, int&)+0x37)[0x672b77]
      /home/y/bin/traffic_server(SSLNetVConnection::net_read_io(NetHandler*, EThread*)+0x1f2)[0x671dd2]
      /home/y/bin/traffic_server(NetHandler::mainNetEvent(int, Event*)+0x1f2)[0x67b8c2]
      /home/y/bin/traffic_server(EThread::process_event(Event*, int)+0x8f)[0x6a335f]
      /home/y/bin/traffic_server(EThread::execute()+0x4a3)[0x6a3d43]
      /home/y/bin/traffic_server[0x6a21fa]
      /lib64/libpthread.so.0(+0x324f407851)[0x2b523d646851]
      /lib64/libc.so.6(clone+0x6d)[0x324f0e890d]
      

      Attachments

        1. ts2355.diff
          3 kB
          Ron Barber
        2. ts2355.diff
          3 kB
          Ron Barber

        Issue Links

          Activity

            People

              bcall Bryan Call
              dcarlin David Carlin
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: