Hi Jonathan, On Thu, 8 Aug 2002, Jonathan Hersch wrote:
> I'm working on an SSL proxying device using OpenSSL > 0.9.6e on Linux with engine support and Broadcom > accelerator cards. I'm testing the box by putting > about 250 connections/sec through it, so for each test > connection it has to establish both SSL client side > and SSL server side connections. After 10-20 minutes > of this the device crashes. The backtraces I'm > getting (which I'm not positive I trust since the > stack looks a bit whacked) typically look something > like: > > SSL_read > ssl3_read > ssl3_write_bytes > ssl3_read_bytes > ssl3_accept > ssl_update_cache > SSL_CTX_add_session > remove_session_lock > SSL_SESSION_free > X509_free > ssl_sess_cert_free > sk_pop_free > sk_free > > and then a segmentation fault. I've combed through [snip] Could this be SIGPIPE rather than a segfault? Eg. struct sigaction sig; sig.sa_handler = SIG_IGN; sigemptyset(&sig.sa_mask); sig.sa_flags = 0; sigaction(SIGPIPE, &sig, NULL); Particularly if you're using non-blocking sockets, and you're getting occasional premature-disconnects from the peer - which would be a reasonable assumption from the kind of "SSL3_GET_RECORD:decryption failed or bad record mac" errors you were seeing in the log. Other than that, I would need to know more. Threads? Platform? How did you configure? etc. Oh yes, and I won't be reading mail for a week, so don't be offended by a slow response ... :-) Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
