Could you please try to re-run the client via Valgrind?

On Fri, Jun 12, 2020 at 7:03 AM Xinzhe Wang <matrix...@gmail.com> wrote:
> When KTLS is enabled, multiple clients' handshakes will lead to unexpected
> eof while reading and data corruption (possible memory leak).
>
> Tested OpenSSL version: master, 3.0.0-alpha1
> Kernel version: 5.4.43-1-MANJARO
> Reproduce steps (using docker):
>
> sudo modprobe tls
> git clone https://github.com/openssl/openssl.git
> sudo docker run -it -v $(pwd)/openssl:/openssl archlinux
>
> # [In docker]
> pacman -Sy make gcc vim
> cd openssl
> ./config enable-ktls
> make build_sw -j4
> pacman -Rdd openssl
> make install_sw
>
> cd /
> vim server.cpp
> # https://paste.ubuntu.com/p/fyhr6dDR7G/
> vim client.cpp
> # https://paste.ubuntu.com/p/P2DjwWhTkf/
> vim server.pem
> # https://paste.ubuntu.com/p/QttnVGsVSm/
> vim serverkey.pem
> # https://paste.ubuntu.com/p/g6QR84wSfw/
>
> g++ -c -o client.o client.cpp
> g++ -o client client.o -lssl -lcrypto
> g++ -c -o server.o server.cpp
> g++ -o server server.o -lssl -lcrypto
> export LD_LIBRARY_PATH=/usr/local/lib
> ./server &
> ./client
>
>
> You will see something like this
>
> FP
> Vtest test
> test
> test
> Mljtest test
> test
> test
> test
> test
> test
> test
> test
> Error creating SSL connection. err=ffffffff
> error:14000126:SSL routines::unexpected eof while reading
>
> When OpenSSL is compiled without ktls, the client will print test
> infinitely, but when ktls is enabled, some data are corrupted and sometimes
> result in unexpected eof while reading.
>
> Even when you remove SSL_write(ssl, reply, strlen(reply)); in server and
> RecvPacket(); in client, it will also result in unexpected eof while
> reading so I think there is something wrong with the handshake procedure when
> ktls is enabled, maybe memory leak or UAF.
>

-- 
SY, Dmitry Belyavsky