On 16/04/17 20:17, Sanjaya Joshi wrote:
> Hello,
> 
> I use openldap_2.3.39 to initiate secure LDAP connection (starttls) to
> external LDAP server. The used openssl version is 1.0.2k.
> 
> While establishing the secure connection from client, i observe the
> following segmentation fault occasionally (Not always reproducible).
> 
> Any pointers please ?
> 

Are you able to compile openssl with debug symbols? That's not a lot to
go on.

Matt

> "
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/libthread_db.so.1".
> Core was generated by `/opt/nsn/pac_bor_qx_e1/bin/border'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0  0x00007fd6b8271bd9 in sk_value () from /usr/lib64/libcrypto.so.1.0.0
> (gdb) bt
> #0  0x00007fd6b8271bd9 in sk_value () from /usr/lib64/libcrypto.so.1.0.0
> #1  0x00007fd6b3495516 in ssl23_connect () from /usr/lib64/libssl.so.1.0.0
> #2  0x00007fd6b7d2d6cf in ldap_int_tls_connect (ld=0x7fd6880486d0,
> conn=0x7fd68802d9e0) at tls.c:805
> #3  0x00007fd6b7d2ece0 in ldap_int_tls_start (ld=0x7fd6880486d0,
> conn=0x7fd68802d9e0, srv=0x0) at tls.c:1511
> #4  0x00007fd6b7d2f6e9 in ldap_install_tls (ld=0x7fd6880486d0) at tls.c:1935
> #5  0x00007fd6bb46c6c1 in open_connection_as
> (ldap_host_address=0x7fd68805de90 "10.55.433.1", port=389, client_access=0,
>     user_dn=0x7fd6880543c8
> "uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net",
>     user_pwd=0x7fd6962d3c70 "saaadh45sks", ldap_handle=0x7fd6962d2838,
> network_timeout=5000, request_id=0x7fd6962d144c,
>     error_string=0x7fd6962d1440, isSecure=2, cacertFile=0x7fd688048bf8
> "/etc/certs/cacert.pem",
>     ciphers=0x7fd68805e138
> "DHE-RSA-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:AES128-SHA",
> reqCert=0x7fd6962d2558) at ../src/api.c:1048
> #6  0x00007fd6bb46ca97 in open_secure_connection_starttls_request
> (ldap_host_address=0x7fd68805de90 "10.55.433.1", port=389,
>     client_access=0, user_dn=0x7fd6880543c8
> "uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net",
>     user_pwd=0x7fd6962d3c70 "saaadh45sks", ldap_handle=0x7fd6962d2838,
> network_timeout=5000, request_id=0x7fd6962d144c,
>     error_string=0x7fd6962d1440, cacertFile=0x7fd688048bf8
> "/etc/certs/cacert.pem",
>     ciphers=0x7fd68805e138
> "DHE-RSA-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:AES128-SHA",
> reqCert=0x7fd6962d2558) at ../src/api.c:1258
> #7  0x00007fd6b9c899c8 in tryConnectExtLdap (host=0x7fd68805de90
> "10.55.433.1", port=389,
>     binddn=0x7fd6962d3380
> "uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net",
> pwd=0x7fd6962d3c70 "saaadh45sks",
>     _extHandle=@0x7fd6962d2838: 0x7fd6880486d0, peopledn=0x7fd6880495b0
> "ou=people,ou=accounts,dc=sasa,dc=test,dc=net", secureMode=0,
>     cacertFile=..., ciphers=..., reqCert=5, timeout_ms=5000)
>     at ../../src/acct.cpp:1694
> #8  0x00007fd6b9c88df1 in validate_account (accountName=0x7fd6962d3380
> "uid=user1,ou=people,ou=accounts,dc=sasa,dc=test,dc=net",
>     accountPassword=0x7fd6962d3c70 "saaadh45sks") at ../../src/acct.cpp:1623
> #9  0x0000000000479d3a in set_acc
> (userName=userName@entry=0x7fd6962d3870 "user1",
>     password=password@entry=0x7fd6962d3c70 "saaadh45sks") at
> ../src/borfunc_cou.c:4066
> #10 0x000000000045217b in _71571_2 (_T=0x42907000) at
> ../src/bor7qxqx.sdl:600
> #11 0x000000000044fd45 in _s71571_ACTIVE (_T=<optimized out>) at
> _Sborha7ACTIVE.c:33
> #12 0x00007fd6b6ec8a65 in call_transition (msg=0x7fd6bc0d8948, process=96)
>     at /home/core/threadmain.c:656
> #13 call_transition_with_fatal_sig_catching (thread=<optimized out>,
> thread@entry=0x25d7d90, process=process@entry=96,
>     msg=msg@entry=0x7fd6bc0d8948) at /home/core/threadmain.c:669
> #14 0x00007fd6b6ec9499 in execute_user_code (msg=0x7fd6bc0d8948,
> process=96, thread=0x25d7d90)
>     at /home/core/threadmain.c:687
> #15 exec_main_loop (thread=0x25d7d90) at /home/core/threadmain.c:882
> #16 thread_context_main (arg=<optimized out>) at /home/core/threadmain.c:592
> #17 0x00007fd6b64f2f50 in ?? () from /lib64/libc.so.6
> #18 0x0000000000000000 in ?? ()
> (gdb)
> "
> 
> Regards,
> Sanjaya
> 
> 
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to