Hi Jeff, Thank you for the link to the bug tracker ticket. Perhaps I can suggest to Jade to go with disabling DH. Thank you so much for your time.
On May 8, 6:25 am, Jeff Hobbs <[email protected]> wrote: > If Diffie Helmann is the only real issue here, maybe this should also be > considered and DH removed by default configure. > > https://sourceforge.net/tracker/?func=detail&aid=1811445&group_id=132... > > Jeff > > On 06/05/2009 6:45 PM, Sep Ng wrote: > > > > > Hi Jeff, > > > I'm going to review options on how to progress with this problem with > > Jade. I've traced and stepped into TlsInit, and CtxInit functions and > > as far as I can see, the mutex functions we wrote seems to be > > working. I wonder if there is some influence by aolserver or what > > not. I don't know. It also seems that allow_customize in > > CRYPTO_set_mem_functions is getting set to zero for some reason. I'm > > not totally sure why that is happening. > > > At this moment, I don't know what to do. > > > On May 7, 7:14 am, Jack Schmidt <[email protected]> wrote: > >> Hi, Sep here. > > >> I just tried by disabling nsopenssl and it crashes at the same point. I > >> suppose this is definitely more related to using aolserver with tls. I've > >> included a backtrace and it shows the same point of failure. > > >> We use aolserver 4.0.10, though I'm not sure how relevant it is to the > >> discussion. I'll try to check the startup routine of aolserver and see if > >> I > >> can find anything. > > >> 2009/5/7 Jeff Hobbs <[email protected]> > > >>> Is it possible that both nsopenssl and tls are in use, and that they both > >>> might be initializing openssl in the same process? I'm not sure if this > >>> would be a support case if so. > >>> On 05/05/2009 6:16 PM, Sep Ng wrote: > >>>> Hi Jeff, > >>>> I took a closer look at the patch you posted. It seems that the > >>>> CRYPTO_set_mem_functions is not succeeding. The default memory > >>>> functions that CRYPTO uses are malloc, realloc, and free but from the > >>>> back trace, it looks like ns_malloc, ns_realloc and ns_free are the > >>>> ones being used for some reason. I think I'm running out of ideas > >>>> here. It's unclear why CRYPTO_set_mem_function would return 0 instead > >>>> of 1, unless it's some bug in my OpenSSL package in Ubuntu. > >>>> On May 6, 8:42 am, Jack Schmidt <[email protected]> wrote: > >>>>> I've just yanked the debug. This includes the backtrace and memory > >>>>> frame > >>>>> info and the local info for most of the frames up until #11 CTX_Init. > >>>>> As > >>>>> before, the crash happens when DH_free is called. > >>>>> 2009/5/6 Jeff Hobbs <[email protected]> > >>>>> Of the presented patches, I didn't find one that seemed to actually > >>>>>> work, > >>>>>> so I wrote one based on those presented. It is attached. Please test > >>>>>> it in > >>>>>> your environments. I have tested that it passes the basic tls test > >>>>>> suite > >>>>>> against a threaded Tcl 8.5.7 core build on Linux-x64 (and verified that > >>>>>> OPENSSL_THREADS was true for this install). > >>>>>> This patch is against tls 1.6 head. > >>>>>> Jeff > >>>>>> On 05/05/2009 3:42 PM, Sep Ng wrote: > >>>>>>> I'll try it. I didn't give it much thought at first but looking at it > >>>>>>> again, I think it might prevent the long string of ns_free and other > >>>>>>> calls to free memory after DH_free. > >>>>>>> On May 6, 3:43 am, Jeff Hobbs <[email protected]> wrote: > >>>>>>>> Just starting to look at this, but from the nsopenssl.c I saw another > >>>>>>>> interesting function not used by TLS: > >>>>>>>> if (CRYPTO_set_mem_functions(ns_malloc, ns_realloc, ns_free) == 0) > >>>>>>>> ... > >>>>>>>> We could do the same and point to Tcl_Alloc, Tcl_Realloc and > >>>>>>>> Tcl_Free. > >>>>>>>> I'm not sure they are necessary, and CRYPTO_set_mem_debug_functions > >>>>>>>> isn't used, but it might help debug. > >>>>>>> .... > >>> -- > >>> AOLserver -http://www.aolserver.com/ > >>> To Remove yourself from this list, simply send an email to < > >>> [email protected]> with the > >>> body of "SIGNOFF AOLSERVER" in the email message. You can leave the > >>> Subject: field of your email blank. > >> -- > >> "A scrum a day keeps the pigs at bay" > > >> -- > >> AOLserver -http://www.aolserver.com/ > > >> To Remove yourself from this list, simply send an email to > >> <[email protected]> with the > >> body of "SIGNOFF AOLSERVER" in the email message. You can leave the > >> Subject: field of your email blank. > > >> bt-without-nsopenssl > >> 17KViewDownload > > > -- > > AOLserver -http://www.aolserver.com/ > > > To Remove yourself from this list, simply send an email to > > <[email protected]> with the > > body of "SIGNOFF AOLSERVER" in the email message. You can leave the > > Subject: field of your email blank. > > -- > AOLserver -http://www.aolserver.com/ > > To Remove yourself from this list, simply send an email to > <[email protected]> with the > body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: > field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[email protected]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
