Modify

Opened 10 years ago

Closed 9 years ago

Last modified 9 years ago

#3752 closed defect (fixed)

openvpn segfaults with openssl 0.9.8h (11790)

Reported by: alex@… Owned by: developers
Priority: normal Milestone:
Component: packages Version: Trunk
Keywords: segfault openvpn openssl Cc:

Description

Hi

seems like openvpn compiles okay against 0.9.8h, but segfaults when trying to run in.

When I installed an old libopenssl (0.9.8e-3) it worked okay.

Alex

Attachments (0)

Change History (7)

comment:1 Changed 10 years ago by anonymous

I am also seeing this on a wrtsl54gs using "curl". Downgrading to 0.9.8.e-1 fixed me.

comment:2 Changed 10 years ago by daniel@…

I have the same problem on my Asus WL500gP with enabled cryptodev.

If you remove the patch "210-use_cryptodev_by_default_if_available.patch" everything works as expected.

The cryptodev (OCF) engine works fine without it. You can test this behavior with a little test program:
http://www.danm.de/files/src/openwrt/ssltest/

It always segfaults when calling SSL_library_init().

bye,
Daniel

comment:3 Changed 10 years ago by GLR <glr@…>

Idem with libopenssl 0.9.8h-1 on ixp4xx platform.

Removed the patch "210-use_cryptodev_by_default_if_available.patch" and openvpn works back.

comment:4 Changed 10 years ago by kaloz

  • Resolution set to fixed
  • Status changed from new to closed

patch has been removed in [11904]

comment:5 Changed 9 years ago by matteo

  • Resolution fixed deleted
  • Status changed from closed to reopened

I have this crash on MIPS:

# openvpn --config smartlab.conf
Mon Mar  2 10:39:19 2009 us=920454 OpenVPN 2.0.9 mips-openwrt-linux [SSL] [LZO] built on Feb  8 2009
Mon Mar  2 10:39:19 2009 us=927374 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.                                                                                                                                                          
Mon Mar  2 10:39:19 2009 us=931330 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.                     
Mon Mar  2 10:39:19 2009 us=963678 Control Channel Authentication: using '/etc/openvpn/tls-auth.key' as a OpenVPN static key file                                                  
Mon Mar  2 10:39:19 2009 us=968159 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication                                              
Mon Mar  2 10:39:19 2009 us=973023 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication                                              
Mon Mar  2 10:39:19 2009 us=981624 Control Channel MTU parms [ L:1589 D:166 EF:66 EB:0 ET:0 EL:0 ]                                                                                 
Mon Mar  2 10:39:19 2009 us=991196 Data Channel MTU parms [ L:1589 D:1450 EF:57 EB:4 ET:32 EL:0 ]                                                                                  
Mon Mar  2 10:39:19 2009 us=992673 Local Options String: 'V4,dev-type tap,link-mtu 1589,tun-mtu 1532,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'                                                                                                                                                                  
Mon Mar  2 10:39:19 2009 us=993555 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1589,tun-mtu 1532,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'                                                                                                                                                        
Mon Mar  2 10:39:19 2009 us=995036 Local Options hash (VER=V4): 'f923c53d'                                                                                                         
Mon Mar  2 10:39:19 2009 us=996587 Expected Remote Options hash (VER=V4): '97b167e2'                                                                                               
Mon Mar  2 10:39:19 2009 us=999517 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay                                                              
Mon Mar  2 10:39:20 2009 us=565 Socket Buffers: R=[32767->65534] S=[32767->65534]                                                                                                  
Mon Mar  2 10:39:20 2009 us=1745 UDPv4 link local: [undef]                                                                                                                         
Mon Mar  2 10:39:20 2009 us=2695 UDPv4 link remote: 87.24.149.179:1194                                                                                                             
Mon Mar  2 10:39:20 2009 us=4647 UDPv4 WRITE [42] to 87.24.149.179:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0                                      
Mon Mar  2 10:39:20 2009 us=62584 UDPv4 READ [54] from 87.24.149.179:1194: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0                                  
Mon Mar  2 10:39:20 2009 us=68032 TLS: Initial packet from 87.24.149.179:1194, sid=25f9ceb7 3879c1c8                                                                               
Mon Mar  2 10:39:20 2009 us=71628 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]                                                                          
Mon Mar  2 10:39:20 2009 us=76427 UDPv4 WRITE [134] to 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=92                                                     
Mon Mar  2 10:39:20 2009 us=172364 UDPv4 READ [154] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #2 ] [ 1 ] pid=1 DATA len=100                                                
Mon Mar  2 10:39:20 2009 us=179986 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #4 ] [ 1 ]                                                                         
Mon Mar  2 10:39:20 2009 us=183037 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=2 DATA len=100                                                  
Mon Mar  2 10:39:20 2009 us=187089 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #5 ] [ 2 ]                                                                         
Mon Mar  2 10:39:20 2009 us=189919 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=3 DATA len=100                                                  
Mon Mar  2 10:39:20 2009 us=193668 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #6 ] [ 3 ]                                                                         
Mon Mar  2 10:39:20 2009 us=200151 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #5 ] [ ] pid=4 DATA len=100                                                  
Mon Mar  2 10:39:20 2009 us=208886 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #7 ] [ 4 ]                                                                         
Mon Mar  2 10:39:20 2009 us=250405 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #6 ] [ ] pid=5 DATA len=100                                                  
Mon Mar  2 10:39:20 2009 us=257608 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #8 ] [ 5 ]                                                                         
Mon Mar  2 10:39:20 2009 us=263724 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #7 ] [ ] pid=6 DATA len=100                                                  
Mon Mar  2 10:39:20 2009 us=270235 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #9 ] [ 6 ]                                                                         
Mon Mar  2 10:39:20 2009 us=273127 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #8 ] [ ] pid=7 DATA len=100                                                  
Mon Mar  2 10:39:20 2009 us=276664 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #10 ] [ 7 ]                                                                        
Mon Mar  2 10:39:20 2009 us=296616 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #9 ] [ ] pid=8 DATA len=100                                                  
Mon Mar  2 10:39:20 2009 us=303928 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #11 ] [ 8 ]                                                                        
Mon Mar  2 10:39:20 2009 us=320399 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #10 ] [ ] pid=9 DATA len=100                                                 
Mon Mar  2 10:39:20 2009 us=323785 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #12 ] [ 9 ]                                                                        
Mon Mar  2 10:39:20 2009 us=338156 NOTE: --mute triggered...                                                                                                                       
Mon Mar  2 10:39:20 2009 us=530215 21 variation(s) on previous 20 message(s) suppressed by --mute                                                                                  
Mon Mar  2 10:39:20 2009 us=534110 VERIFY OK: depth=1, /C=IT/ST=RM/L=Rome/O=SmartLab/OU=Certification_Authority/CN=SmartLab_CA/emailAddress=ca@smartlab.net                        
Mon Mar  2 10:39:20 2009 us=545550 VERIFY OK: depth=0, /C=IT/ST=Cosenza/O=SmartLab/OU=Software_Development/CN=smartlab.net/emailAddress=ca@smartlab.net                            
Mon Mar  2 10:39:20 2009 us=552985 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #23 ] [ 20 ]                                                                       
Mon Mar  2 10:39:20 2009 us=559454 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #22 ] [ ] pid=21 DATA len=100                                                
Mon Mar  2 10:39:20 2009 us=562811 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #24 ] [ 21 ]                                                                       
Mon Mar  2 10:39:20 2009 us=574604 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #23 ] [ ] pid=22 DATA len=100                                                
Mon Mar  2 10:39:20 2009 us=581148 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #25 ] [ 22 ]                                                                       
Mon Mar  2 10:39:20 2009 us=584506 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #24 ] [ ] pid=23 DATA len=100                                                
Mon Mar  2 10:39:20 2009 us=588103 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #26 ] [ 23 ]                                                                       
Mon Mar  2 10:39:20 2009 us=630675 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #25 ] [ ] pid=24 DATA len=100                                                
Mon Mar  2 10:39:20 2009 us=646553 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #27 ] [ 24 ]                                                                       
Mon Mar  2 10:39:20 2009 us=654183 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #26 ] [ ] pid=25 DATA len=100                                                
Mon Mar  2 10:39:20 2009 us=661740 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #28 ] [ 25 ]                                                                       
Mon Mar  2 10:39:20 2009 us=664620 UDPv4 READ [59] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #27 ] [ ] pid=26 DATA len=17
Mon Mar  2 10:39:21 2009 us=284771 UDPv4 WRITE [154] to 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #29 ] [ 26 ] pid=2 DATA len=100
Mon Mar  2 10:39:21 2009 us=292259 UDPv4 WRITE [142] to 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #30 ] [ ] pid=3 DATA len=100
Mon Mar  2 10:39:21 2009 us=299405 UDPv4 WRITE [142] to 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #31 ] [ ] pid=4 DATA len=100
Mon Mar  2 10:39:21 2009 us=305456 UDPv4 WRITE [142] to 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #32 ] [ ] pid=5 DATA len=100
Mon Mar  2 10:39:21 2009 us=377168 UDPv4 READ [50] from 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #28 ] [ 2 ]
Mon Mar  2 10:39:21 2009 us=383335 UDPv4 WRITE [142] to 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #33 ] [ ] pid=6 DATA len=100
Mon Mar  2 10:39:21 2009 us=389648 UDPv4 READ [50] from 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #29 ] [ 3 ]
Mon Mar  2 10:39:21 2009 us=392883 UDPv4 WRITE [142] to 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #34 ] [ ] pid=7 DATA len=100
Mon Mar  2 10:39:21 2009 us=395408 NOTE: --mute triggered...
Mon Mar  2 10:39:21 2009 us=913012 50 variation(s) on previous 20 message(s) suppressed by --mute
Mon Mar  2 10:39:21 2009 us=917269 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Mar  2 10:39:21 2009 us=918437 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Mar  2 10:39:21 2009 us=919501 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Mar  2 10:39:21 2009 us=920565 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Mar  2 10:39:21 2009 us=922375 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #58 ] [ 30 ]
Mon Mar  2 10:39:21 2009 us=924947 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Mar  2 10:39:21 2009 us=926541 [smartlab.net] Peer Connection Initiated with 87.24.149.179:1194
Mon Mar  2 10:39:23 2009 us=197428 SENT CONTROL [smartlab.net]: 'PUSH_REQUEST' (status=1)
Mon Mar  2 10:39:23 2009 us=202173 UDPv4 WRITE [132] to 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #59 ] [ ] pid=29 DATA len=90
Mon Mar  2 10:39:23 2009 us=272206 UDPv4 READ [50] from 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #57 ] [ 29 ]
Mon Mar  2 10:39:23 2009 us=278779 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #58 ] [ ] pid=31 DATA len=100
Mon Mar  2 10:39:23 2009 us=284755 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #60 ] [ 31 ]
Mon Mar  2 10:39:23 2009 us=290075 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #59 ] [ ] pid=32 DATA len=100
Mon Mar  2 10:39:23 2009 us=293435 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #61 ] [ 32 ]
Mon Mar  2 10:39:23 2009 us=295897 UDPv4 READ [142] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #60 ] [ ] pid=33 DATA len=100
Mon Mar  2 10:39:23 2009 us=298156 UDPv4 WRITE [50] to 87.24.149.179:1194: P_ACK_V1 kid=0 pid=[ #62 ] [ 33 ]
Mon Mar  2 10:39:23 2009 us=300253 UDPv4 READ [56] from 87.24.149.179:1194: P_CONTROL_V1 kid=0 pid=[ #61 ] [ ] pid=34 DATA len=14
Mon Mar  2 10:39:23 2009 us=302793 PUSH: Received control message: 'PUSH_REPLY,route 192.168.3.0 255.255.255.0,route 192.168.10.0 255.255.255.0,ip-win32 dynamic,dhcp-option DNS 192.168.3.1,dhcp-option DOMAIN smartlab.net,route-gateway 192.168.254.1,ping 10,ping-restart 120,ifconfig 192.168.254.3 255.255.255.0'
Mon Mar  2 10:39:23 2009 us=304424 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:3: ip-win32 (2.0.9)
Mon Mar  2 10:39:23 2009 us=313268 OPTIONS IMPORT: timers and/or timeouts modified
Mon Mar  2 10:39:23 2009 us=316654 OPTIONS IMPORT: --ifconfig/up options modified
Mon Mar  2 10:39:23 2009 us=317579 OPTIONS IMPORT: route options modified
Mon Mar  2 10:39:23 2009 us=318384 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Segmentation fault

comment:6 Changed 9 years ago by florian

  • Resolution set to fixed
  • Status changed from reopened to closed
  • Version set to 1.0

Should be fixed with the openssl update to 0.9.8k.

comment:7 Changed 9 years ago by nico

  • Version changed from 1.0 to Trunk

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.