Hi Viktor,

From the server:

(gdb) p s->session[0]
$1 = {ssl_version = 770, key_arg_length = 0, key_arg = "\000\000\000\000\000\000\000", master_key_length = 48, master_key = "\000Eθ\371\266\225\202\062\370\336x\324*\251\016\336\344\372\221\302\031\002\351\322Zk\373G\342x\273u\274|\210\362\362\b\237ek\220\257\362,\210\220", session_id_length = 0, session_id = '\000' <repeats 31 times>, sid_ctx_length = 0, sid_ctx = '\000' <repeats 31 times>, psk_identity_hint = 0x0, psk_identity = 0x0, not_resumable = 0, sess_cert = 0x0, peer = 0x0, verify_result = 0, references = 1, timeout = 7200, time = 1410130628, compress_meth = 0, cipher = 0x7f666a844598 <ssl3_ciphers+10648>, cipher_id = 0, ciphers = 0x1093210, ex_data = {sk = 0x0, dummy = 0}, prev = 0x0, next = 0x0, tlsext_hostname = 0x0, tlsext_ecpointformatlist_length = 0, tlsext_ecpointformatlist = 0x0, tlsext_ellipticcurvelist_length = 0, tlsext_ellipticcurvelist = 0x0, tlsext_tick = 0x0, tlsext_ticklen = 0,
  tlsext_tick_lifetime_hint = 0, srp_username = 0x1093a20 "qauser3"}
(gdb)


and the client:

$1 = {ssl_version = 770, key_arg_length = 0, key_arg = "\000\000\000\000\000\000\000", master_key_length = 48, master_key = "\331\337v3~S x?\r\374?\321\367\325M\270\202\177\214\371&\v\221\227ː2\330 \315\021gQ\316V\024\337B>\303\351]\317 |O+", session_id_length = 0, session_id = '\000' <repeats 31 times>, sid_ctx_length = 0, sid_ctx = '\000' <repeats 31 times>, psk_identity_hint = 0x0, psk_identity = 0x0, not_resumable = 0, sess_cert = 0x257f340, peer = 0x0, verify_result = 0, references = 1, timeout = 7200, time = 1410130628, compress_meth = 0, cipher = 0x7f91b3b18598 <ssl3_ciphers+10648>, cipher_id = 0, ciphers = 0x0, ex_data = {sk = 0x0, dummy = 0}, prev = 0x0, next = 0x0, tlsext_hostname = 0x0, tlsext_ecpointformatlist_length = 0, tlsext_ecpointformatlist = 0x0, tlsext_ellipticcurvelist_length = 0, tlsext_ellipticcurvelist = 0x0, tlsext_tick = 0x0, tlsext_ticklen = 0, tlsext_tick_lifetime_hint = 0,
  srp_username = 0x2612220 "qauser3"}


This is a QA test suite, so "junkfish" is not sensitive.

I will try to capture traffic in the next run.

Norm


On 9/8/14 15:03, Viktor Dukhovni wrote:
On Mon, Sep 08, 2014 at 02:36:20PM -0700, Norm Green wrote:

Thanks Viktor.  I don't have a handshake recording for these stacks.  The
problem occurs intermittently.

Any chance you can capture enough sessions to also nab one (full-size
packet capture) that ran into the problem?

I've dumped the SSL state and method objects
for the server and client.  Anything else you want to see while the
processes are still alive?

Here's the SSL state and method from the server:

(gdb) p *s
$1 = {version = 770, type = 8192, method = 0x7f666a831040
<TLSv1_1_server_method_data.15190>, rbio = 0x1082990, wbio = 0x1090e80, bbio
= 0x1090e80, rwstate = 3, in_handshake = 1,
   handshake_func = 0x7f666a53b962 <ssl3_accept>, server = 1, new_session =
0, quiet_shutdown = 0, shutdown = 0, state = 8609, rstate = 240, init_buf =
0x1082ef0, init_msg = 0x1082f14, init_num = 24,
   init_off = 0, packet = 0x1088473 "\026\003\002", packet_length = 0, s2 =
0x0, s3 = 0x10824b0, d1 = 0x0, read_ahead = 0, msg_callback = 0x0,
msg_callback_arg = 0x0, hit = 0, param = 0x1081f30,
   cipher_list = 0x0, cipher_list_by_id = 0x0, mac_flags = 0, enc_read_ctx =
0x1093830, read_hash = 0x1093980, expand = 0x0, enc_write_ctx = 0x0,
write_hash = 0x0, compress = 0x0, cert = 0x1081e00,
   sid_ctx_length = 0, sid_ctx = '\000' <repeats 31 times>, session =
0x1093020,

Much of the interesting state is in the session, so also:

     p s->session[0]

And from the client:

$1 = {version = 770, type = 4096, method = 0x7f91b3b04a40
<TLSv1_1_client_method_data.15190>, rbio = 0x2585720, wbio = 0x260c210, bbio
= 0x260c210, rwstate = 3, in_handshake = 1,
   handshake_func = 0x7f91b38002df <ssl3_connect>, server = 0, new_session =
0, quiet_shutdown = 0, shutdown = 2, state = 4576, rstate = 240, init_buf =
0x260c290, init_msg = 0x2614364, init_num = 0,
   init_off = 0, packet = 0x2580093 "\025\003\002", packet_length = 0, s2 =
0x0, s3 = 0x253d720, d1 = 0x0, read_ahead = 0, msg_callback = 0x0,
msg_callback_arg = 0x0, hit = 0, param = 0x260c3c0,
   cipher_list = 0x0, cipher_list_by_id = 0x0, mac_flags = 0, enc_read_ctx =
0x0, read_hash = 0x0, expand = 0x0, enc_write_ctx = 0x253e590, write_hash =
0x2612420, compress = 0x0, cert = 0x25855e0,
   sid_ctx_length = 0, sid_ctx = '\000' <repeats 31 times>, session =
0x2619900,

Ditto here:     p s->session[0]

generate_session_id = 0x0, verify_mode = 0, verify_callback =
0x0, info_callback = 0x0, error = 0, error_code = 0,
   psk_client_callback = 0x0, psk_server_callback = 0x0, ctx = 0x26127a0,
debug = 0, verify_result = 0, ex_data = {sk = 0x0, dummy = 0}, client_CA =
0x0, references = 1, options = 4, mode = 4,
   max_cert_list = 102400, first_packet = 0, client_version = 770,
max_send_fragment = 16384, tlsext_debug_cb = 0x0, tlsext_debug_arg = 0x0,
tlsext_hostname = 0x0, servername_done = 0, tlsext_status_type = -1,
   tlsext_status_expected = 0, tlsext_ocsp_ids = 0x0, tlsext_ocsp_exts = 0x0,
tlsext_ocsp_resp = 0x0, tlsext_ocsp_resplen = -1, tlsext_ticket_expected =
1, tlsext_ecpointformatlist_length = 0,
   tlsext_ecpointformatlist = 0x0, tlsext_ellipticcurvelist_length = 0,
tlsext_ellipticcurvelist = 0x0, tlsext_opaque_prf_input = 0x0,
tlsext_opaque_prf_input_len = 0, tlsext_session_ticket = 0x0,
   tls_session_ticket_ext_cb = 0x0, tls_session_ticket_ext_cb_arg = 0x0,
tls_session_secret_cb = 0x0, tls_session_secret_cb_arg = 0x0, initial_ctx =
0x26127a0, next_proto_negotiated = 0x0,
   next_proto_negotiated_len = 0 '\000', srtp_profiles = 0x0, srtp_profile =
0x0, tlsext_heartbeat = 1, tlsext_hb_pending = 0, tlsext_hb_seq = 0,
renegotiate = 0, srp_ctx = {SRP_cb_arg = 0x0,
     TLS_ext_srp_username_callback = 0x0, SRP_verify_param_callback = 0x0,
SRP_give_srp_client_pwd_callback = 0x7f91b380a53f
<srp_password_from_info_cb>, login = 0x2509ef0 "qauser3", N = 0x26198d0,
     g = 0x257f4e0, s = 0x257f510, B = 0x257f570, A = 0x257f6b0, a =
0x257f630, b = 0x0, v = 0x0, info = 0x253d188 "junkfish", strength = 1024,
srp_Mask = 1024}}

If the string "junkfish" is sensitive, you may want to change
passwords...


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
