Hi, I had trouble accessing some https pages from Java, so I played with wget and got a core dump. Corentin (that I put in CC of this mail) from the "Loop" hackerspace in Paris, helped me trace this bug to come from OpenSSL. Please find more information below.
This bug occurs at least with an up-to-date ubuntu 12.10 with wget 1.13.4 and openssl 1.0.1c. The exact commandline is: $ wget --secure-protocol=sslv2 --no-check-certificate "https://web-ast.dsi.cnrs.fr/l3c/owa/annuaire.recherche/index.html"; --2013-04-18 13:53:51-- https://web-ast.dsi.cnrs.fr/l3c/owa/annuaire.recherche/index.html Aborted (core dumped) If I remember correctly, the line that causes the error is: mode[type] = 0 As a consequence, either 'mode' is uninitialized, or 'type' points to bad location. ------ $ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=12.10 DISTRIB_CODENAME=quantal DISTRIB_DESCRIPTION="Ubuntu 12.10" ------ $ openssl OpenSSL> version OpenSSL 1.0.1c 10 May 2012 ------ GNU Wget 1.13.4 built on linux-gnu. +digest +https +ipv6 +iri +large-file +nls +ntlm +opie +ssl/openssl Wgetrc: /etc/wgetrc (system) Locale: /usr/share/locale Compile: gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc" -DLOCALEDIR="/usr/share/locale" -I. -I../../src -I../lib -I../../lib -D_FORTIFY_SOURCE=2 -Iyes/include -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall Link: gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall -Wl,-Bsymbolic-functions -Wl,-z,relro -Lyes/lib -lssl -lcrypto -lz -ldl -lz -lidn -lrt ftp-opie.o openssl.o http-ntlm.o ../lib/libgnu.a Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://www.gnu.org/licenses/gpl.html>. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Originally written by Hrvoje Niksic <hnik...@xemacs.org>. Please send bug reports and questions to <bug-w...@gnu.org>. ------ $ gdb ~/src/wget-1.13.4/src/wget Reading symbols from ~/src/wget-1.13.4/src/wget...done. (gdb) set args --secure-protocol=sslv2 --no-check-certificate "https://web-ast.dsi.cnrs.fr/l3c/owa/annuaire.recherche/index.html"; (gdb) break SSL_library_init Breakpoint 1 at 0x404380 (gdb) run Starting program: ~/src/wget-1.13.4/src/wget --secure-protocol=sslv2 --no-check-certificate "https://web-ast.dsi.cnrs.fr/l3c/owa/annuaire.recherche/index.html"; [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". --2013-04-17 22:24:27-- https://web-ast.dsi.cnrs.fr/l3c/owa/annuaire.recherche/index.html ... Program received signal SIGABRT, Aborted. 0x00007ffff6ff0425 in __GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 64 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt #0 0x00007ffff6ff0425 in __GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #1 0x00007ffff6ff3b8b in __GI_abort () at abort.c:91 #2 0x000000000043c7c4 in ssl_init () at openssl.c:201 #3 0x000000000041da50 in gethttp (u=0x6750a0, hs=0x7fffffffdb10, dt=0x7fffffffe040, proxy=0x0, iri=0x675180, count=1) at http.c:1571 #4 0x0000000000421060 in http_loop (u=0x6750a0, original_url=0x6750a0, newloc=0x7fffffffde20, local_file=0x7fffffffde28, referer=0x0, dt=0x7fffffffe040, proxy=0x0, iri=0x675180) at http.c:2769 #5 0x000000000042e76b in retrieve_url (orig_parsed=0x6750a0, origurl=0x675130 "https://web-ast.dsi.cnrs.fr/l3c/owa/annuaire.recherche/index.html";, file=0x7fffffffdfb0, newloc=0x7fffffffdfb8, refurl=0x0, dt=0x7fffffffe040, recursive=false, iri=0x675180, register_status=true) at retr.c:736 #6 0x0000000000428297 in main (argc=4, argv=0x7fffffffe178) at main.c:1394 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
