Posted to issues@trafficserver.apache.org by "Dave Thompson (JIRA)" <ji...@apache.org> on 2015/07/09 20:42:05 UTC

[jira] [Commented] (TS-3277) Core during ssl handshake

    [ https://issues.apache.org/jira/browse/TS-3277?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14621044#comment-14621044 ] 

Dave Thompson commented on TS-3277:
-----------------------------------

Observation: a commonality between several of these core dumps is that they are in an SHA1_Update during SSL23_Connect().

SSL23_Connect() is the OpenSSL command for a client side connection to an origin server during the Handshake phase. During a handshake, SHA1 would be used for either A) one of the cert digital signature checks during authentication, or B) running record layer MAC computation.

One of the three stack traces I've looked at shows this to be occurring during an ECDSA_sign() call, which points to a cert authentication phase (A) digital signature check of the TLS handshake.

Wonder if we can isolate the TLS origin server that is being contacted during the core dumps?
...thinking that there may be a particular pattern in the server's cert or cert chain that might be triggering this within OpenSSL. For future related reports, it might also be handy to note the version of OpenSSL that was being used at the time, as this appears deep in the bowels of SSL land. Have seen that this issue has been reported while ATS was using the RedHat port of OpenSSL 1.0.1e.

> Core during ssl handshake
> -------------------------
>
>                 Key: TS-3277
>                 URL: https://issues.apache.org/jira/browse/TS-3277
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: SSL
>    Affects Versions: 5.3.0
>            Reporter: Bryan Call
>            Assignee: Bryan Call
>              Labels: yahoo
>             Fix For: 6.0.0
>
>
> Running 5.2.0 RC4:
> {code}
> (gdb) bt full
> #0  0x0000003bae4758a3 in ?? () from /usr/lib64/libcrypto.so.10
> No symbol table info available.
> #1  0xca62c1d6ca62c1d6 in ?? ()
> No symbol table info available.
> #2  0xca62c1d6ca62c1d6 in ?? ()
> No symbol table info available.
> #3  0xca62c1d6ca62c1d6 in ?? ()
> No symbol table info available.
> #4  0xca62c1d6ca62c1d6 in ?? ()
> No symbol table info available.
> #5  0xca62c1d6ca62c1d6 in ?? ()
> No symbol table info available.
> #6  0xca62c1d6ca62c1d6 in ?? ()
> No symbol table info available.
> #7  0xca62c1d6ca62c1d6 in ?? ()
> No symbol table info available.
> #8  0xca62c1d6ca62c1d6 in ?? ()
> No symbol table info available.
> #9  0x0000003bae7df7d9 in ?? () from /usr/lib64/libcrypto.so.10
> No symbol table info available.
> #10 0x00002b87e3249600 in ?? ()
> No symbol table info available.
> #11 0x0000000000000026 in ?? () at P_CacheArray.h:157
> No symbol table info available.
> ---Type <return> to continue, or q <return> to quit---
> #12 0x0000003bae472d27 in SHA1_Update () from /usr/lib64/libcrypto.so.10
> No symbol table info available.
> #13 0x0000003bae4e6254 in ?? () from /usr/lib64/libcrypto.so.10
> No symbol table info available.
> #14 0x0000003bae830bb3 in ssl23_connect () from /usr/lib64/libssl.so.10
> No symbol table info available.
> #15 0x000000000074877c in SSLConnect (ssl=0x2b87e27f6130) at SSLUtils.cc:1937
>         ret = 0
> #16 0x000000000073fe60 in SSLNetVConnection::sslClientHandShakeEvent (
>     this=0x2b88706bca90, err=@0x2b8698503af8) at SSLNetVConnection.cc:1080
>         __func__ = "sslClientHandShakeEvent"
>         ssl_error = 2301
> #17 0x000000000073f58c in SSLNetVConnection::sslStartHandShake (
>     this=0x2b88706bca90, event=1, err=@0x2b8698503af8)
>     at SSLNetVConnection.cc:886
>         __func__ = "sslStartHandShake"
> #18 0x0000000000753150 in write_to_net_io (nh=0x2b8691f56ad0,
>     vc=0x2b88706bca90, thread=0x2b8691f53010) at UnixNetVConnection.cc:376
>         err = -1846202352
>         ret = 38197360
>         buf = @0x740777
>         wattempted = 2644
>         lock = {m = {m_ptr = 0x2b86d812a4a0}, lock_acquired = true}
>         towrite = 1
> ---Type <return> to continue, or q <return> to quit---
>         signalled = 10
>         total_written = 47856974376976
>         r = 47856974376976
>         s = 0x2b88706bcc08
>         mutex = 0x2c59e30
>         ntodo = 47857081006960
>         needs = 0
> #19 0x000000000075300e in write_to_net (nh=0x2b8691f56ad0, vc=0x2b88706bca90,
>     thread=0x2b8691f53010) at UnixNetVConnection.cc:353
>         mutex = 0x2c59e30
> #20 0x000000000074c779 in NetHandler::mainNetEvent (this=0x2b8691f56ad0,
>     event=5, e=0x25a2f30) at UnixNet.cc:415
>         epd = 0x2b8870121990
>         pd = 0x2b8699ec8010
>         __func__ = "mainNetEvent"
>         poll_timeout = 0
>         vc = 0x2b88706bca90
> #21 0x0000000000502f98 in Continuation::handleEvent (this=0x2b8691f56ad0,
>     event=5, data=0x25a2f30) at ../iocore/eventsystem/I_Continuation.h:146
> No locals.
> #22 0x000000000077330e in EThread::process_event (this=0x2b8691f53010,
>     e=0x25a2f30, calling_code=5) at UnixEThread.cc:144
>         c_temp = 0x2b8691f56ad0
>         lock = {m = {m_ptr = 0x307be70}, lock_acquired = true}
> ---Type <return> to continue, or q <return> to quit---
> #23 0x0000000000773818 in EThread::execute (this=0x2b8691f53010)
>     at UnixEThread.cc:268
>         done_one = false
>         e = 0x25a2f30
>         NegativeQueue = {<DLL<Event, Event::Link_link>> = {head = 0x0},
>           tail = 0x0}
>         next_time = 1420578155814685026
> #24 0x00000000007728c9 in spawn_thread_internal (a=0x2d296d0) at Thread.cc:88
>         p = 0x2d296d0
> #25 0x00002b85ddb4d851 in start_thread () from /lib64/libpthread.so.0
> No symbol table info available.
> #26 0x00000033522e890d in clone () from /lib64/libc.so.6
> {code}
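
An added example, not part of the original thread or the Traffic Server code: a triage script that groups gdb backtraces by their innermost resolved symbols (the commonality check described in the comment) and counts frames whose "return address" is only a repeated SHA-1 round constant such as 0xca62c1d6, which suggests the unwinder was reading hash working data off the stack rather than real callers. `core_a` is abbreviated from the trace above; `core_b` and all function names are constructed for illustration.

```python
import re
from collections import Counter

# SHA-1 round constants (FIPS 180-4); as a "return address" they are stack data.
SHA1_K = {0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6}
FRAME = re.compile(r"^(?:>\s*)?#(\d+)\s+(0x[0-9a-f]+) in (\S+) \(")

def parse_frames(bt_text):
    """Return [(index, address, symbol)] for each frame line of `bt` output."""
    frames = []
    for line in bt_text.splitlines():
        m = FRAME.match(line.strip())
        if m:
            frames.append((int(m.group(1)), int(m.group(2), 16), m.group(3)))
    return frames

def is_sha1_constant(addr):
    """True when both 32-bit halves of the address are SHA-1 round constants."""
    return (addr >> 32) in SHA1_K and (addr & 0xFFFFFFFF) in SHA1_K

def signature(bt_text, depth=3):
    """Innermost `depth` resolved symbols; unresolved '??' frames are skipped."""
    return tuple(s for _, _, s in parse_frames(bt_text) if s != "??")[:depth]

def triage(backtraces):
    """Count dumps per signature and constant-valued frames per dump."""
    groups = Counter(signature(bt) for bt in backtraces.values())
    bogus = {name: sum(is_sha1_constant(a) for _, a, _ in parse_frames(bt))
             for name, bt in backtraces.items()}
    return groups, bogus

# core_a: abbreviated from the trace quoted above; core_b: constructed sample.
SAMPLES = {
    "core_a": """\
> #1  0xca62c1d6ca62c1d6 in ?? ()
> #2  0xca62c1d6ca62c1d6 in ?? ()
> #12 0x0000003bae472d27 in SHA1_Update () from /usr/lib64/libcrypto.so.10
> #14 0x0000003bae830bb3 in ssl23_connect () from /usr/lib64/libssl.so.10
> #15 0x000000000074877c in SSLConnect (ssl=0x2b87e27f6130) at SSLUtils.cc:1937
""",
    "core_b": """\
#1  0x0000000000002000 in SHA1_Update () from /usr/lib64/libcrypto.so.10
#2  0x0000000000003000 in ssl23_connect () from /usr/lib64/libssl.so.10
#3  0x0000000000004000 in SSLConnect (ssl=0x0) at SSLUtils.cc:1937
""",
}

if __name__ == "__main__":
    print(triage(SAMPLES))
```
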


