On 2016/10/05 15:08, Stuart Henderson wrote:
> On 2016/10/05 18:05, Alexandr Shadchin wrote:
> > On Wed, Oct 05, 2016 at 12:31:27PM +0100, Stuart Henderson wrote:
> > > There's a segfault when py-requests GETs an https resource (segv occurs
> > > after it calls verify_cb, it happens every time for every site I've
> > > tried).
> > > e.g.
> > >
> > > $ printf "import requests\nr =
> > > requests.get('https://www.openbsd.org/')\n" | python2.7
> > > Segmentation fault (core dumped)
> > >
> > > Any ideas who is to blame or where to poke at next?
> > >
> >
> > I test on two machines, work fine, no segv.
> >
> > Snapshot:
> >
> > kern.version=OpenBSD 6.0-current (GENERIC.MP) #2529: Tue Oct 4 17:53:45
> > MDT 2016
> > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> >
> > Python 2.7.12 (default, Sep 26 2016, 15:57:20)
> > [GCC 4.2.1 20070719 ] on openbsd6
>
> Weird. I've tried on another machine which is also OK. I've forcibly
> reinstalled all packages (and am using a current base snapshot) so I'm
> up-to-date everywhere on the machine where it's failing.
Same for py-requests-2.10.0, FWIW.
>
> >
> > > $ python2.7
> > > Python 2.7.12 (default, Oct 3 2016, 09:11:44)
> > > [GCC 4.2.1 20070719 ] on openbsd6
> > > Type "help", "copyright", "credits" or "license" for more information.
> > > >>> import requests
> > > >>> r = requests.get('https://dmtx.uk/')
> > > Segmentation fault (core dumped)
> > >
> > > $ gdb `which python2.7` python2.7.core
> > > GNU gdb 6.3
> > > Copyright 2004 Free Software Foundation, Inc.
> > > GDB is free software, covered by the GNU General Public License, and you
> > > are
> > > welcome to change it and/or distribute copies of it under certain
> > > conditions.
> > > Type "show copying" to see the conditions.
> > > There is absolutely no warranty for GDB. Type "show warranty" for
> > > details.
> > > This GDB was configured as "amd64-unknown-openbsd6.0"...(no debugging
> > > symbols found)
> > >
> > > Core was generated by `python2.7'.
> > > Program terminated with signal 11, Segmentation fault.
> > > Reading symbols from /usr/lib/libpthread.so.23.0...done.
> > > Loaded symbols for /usr/lib/libpthread.so.23.0
> > > Reading symbols from /usr/lib/libpthread.so.22.0...done.
> > > Loaded symbols for /usr/lib/libpthread.so.22.0
> > > Loaded symbols for /usr/local/bin/python2.7
> > > Reading symbols from /usr/local/lib/libpython2.7.so.0.0...done.
> > > Loaded symbols for /usr/local/lib/libpython2.7.so.0.0
> > > Symbols already loaded for /usr/lib/libpthread.so.23.0
> > > Reading symbols from /usr/lib/libutil.so.12.1...done.
> > > Loaded symbols for /usr/lib/libutil.so.12.1
> > > Reading symbols from /usr/lib/libstdc++.so.57.0...done.
> > > Loaded symbols for /usr/lib/libstdc++.so.57.0
> > > Reading symbols from /usr/lib/libm.so.10.0...done.
> > > Loaded symbols for /usr/lib/libm.so.10.0
> > > Reading symbols from /usr/lib/libc.so.89.2...done.
> > > Loaded symbols for /usr/lib/libc.so.89.2
> > > Reading symbols from /usr/libexec/ld.so...done.
> > > Loaded symbols for /usr/libexec/ld.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_locale.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_locale.so
> > > Reading symbols from /usr/local/lib/libintl.so.6.0...done.
> > > Loaded symbols for /usr/local/lib/libintl.so.6.0
> > > Reading symbols from /usr/local/lib/libiconv.so.6.0...done.
> > > Loaded symbols for /usr/local/lib/libiconv.so.6.0
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/readline.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/readline.so
> > > Reading symbols from /usr/lib/libreadline.so.4.0...done.
> > > Loaded symbols for /usr/lib/libreadline.so.4.0
> > > Reading symbols from /usr/lib/libncursesw.so.14.0...done.
> > > Loaded symbols for /usr/lib/libncursesw.so.14.0
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/time.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/time.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/cStringIO.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/cStringIO.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_collections.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_collections.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/operator.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/operator.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/itertools.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/itertools.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_heapq.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_heapq.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_socket.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_socket.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_functools.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_functools.so
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/_ssl.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_ssl.so
> > > Reading symbols from /usr/lib/libssl.so.39.1...done.
> > > Loaded symbols for /usr/lib/libssl.so.39.1
> > > Reading symbols from /usr/lib/libcrypto.so.38.1...done.
> > > Loaded symbols for /usr/lib/libcrypto.so.38.1
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/strop.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/strop.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_struct.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_struct.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/binascii.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/binascii.so
> > > Reading symbols from /usr/lib/libz.so.5.0...done.
> > > Loaded symbols for /usr/lib/libz.so.5.0
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/datetime.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/datetime.so
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/array.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/array.so
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/_io.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_io.so
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/math.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/math.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_hashlib.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_hashlib.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_random.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_random.so
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/fcntl.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/fcntl.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/select.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/select.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_ctypes.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_ctypes.so
> > > Reading symbols from /usr/local/lib/libffi.so.1.2...done.
> > > Loaded symbols for /usr/local/lib/libffi.so.1.2
> > > Reading symbols from /usr/local/lib/libuuid.so.14.0...done.
> > > Loaded symbols for /usr/local/lib/libuuid.so.14.0
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/zlib.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/zlib.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so...done.
> > > Loaded symbols for
> > > /usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/site-packages/_cffi_backend.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/site-packages/_cffi_backend.so
> > > Symbols already loaded for /usr/lib/libpthread.so.22.0
> > > Reading symbols from /usr/local/lib/python2.7/lib-dynload/_json.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_json.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/_bisect.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_bisect.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/cPickle.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/cPickle.so
> > > Reading symbols from
> > > /usr/local/lib/python2.7/lib-dynload/unicodedata.so...done.
> > > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/unicodedata.so
> > > #0 0x000015a8f5d58fc0 in ?? ()
> > > (gdb) bt
> > > #0 0x000015a8f5d58fc0 in ?? ()
> > > #1 0x000015a944d9c19c in internal_verify (ctx=0x7f7fffff2d00) at
> > > /usr/src/lib/libcrypto/x509/x509_vfy.c:1611
> > > #2 0x000015a944d9d859 in X509_verify_cert (ctx=0x7f7fffff2d00) at
> > > /usr/src/lib/libcrypto/x509/x509_vfy.c:374
> > > #3 0x000015a8d527b690 in ssl_verify_cert_chain (s=0x15a95bd59000,
> > > sk=Variable "sk" is not available.
> > > ) at /usr/src/lib/libssl/ssl_cert.c:448
> > > #4 0x000015a8d528edd0 in ssl3_get_server_certificate (s=0x15a95bd59000)
> > > at /usr/src/lib/libssl/s3_clnt.c:1015
> > > #5 0x000015a8d52901c1 in ssl3_connect (s=0x15a95bd59000) at
> > > /usr/src/lib/libssl/s3_clnt.c:297
> > > #6 0x000015a8d527f7de in ssl23_connect (s=0x15a95bd59000) at
> > > /usr/src/lib/libssl/s23_clnt.c:477
> > > #7 0x000015a87fd79e5c in _cffi_f_SSL_do_handshake () from
> > > /usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so
> > > #8 0x000015a8a0904868 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #9 0x000015a8a090462a in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #10 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #11 0x000015a8a0904567 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #12 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #13 0x000015a8a0904567 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #14 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #15 0x000015a8a0904567 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #16 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #17 0x000015a8a0904567 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #18 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #19 0x000015a8a0904567 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #20 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #21 0x000015a8a088df37 in function_call () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #22 0x000015a8a0864008 in PyObject_Call () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #23 0x000015a8a0900247 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #24 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #25 0x000015a8a088df37 in function_call () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #26 0x000015a8a0864008 in PyObject_Call () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #27 0x000015a8a0900247 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #28 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #29 0x000015a8a088df37 in function_call () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #30 0x000015a8a0864008 in PyObject_Call () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #31 0x000015a8a0900247 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #32 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #33 0x000015a8a088df37 in function_call () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #34 0x000015a8a0864008 in PyObject_Call () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #35 0x000015a8a0900247 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #36 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #37 0x000015a8a0904567 in PyEval_EvalFrameEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #38 0x000015a8a090667d in PyEval_EvalCodeEx () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #39 0x000015a8a0906772 in PyEval_EvalCode () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #40 0x000015a8a0923902 in run_mod () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #41 0x000015a8a09254eb in PyRun_InteractiveOneFlags () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #42 0x000015a8a09256fe in PyRun_InteractiveLoopFlags () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #43 0x000015a8a092582c in PyRun_AnyFileExFlags () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #44 0x000015a8a093643c in Py_Main () from
> > > /usr/local/lib/libpython2.7.so.0.0
> > > #45 0x000015a675e00462 in _start () from /usr/local/bin/python2.7
> > > #46 0x0000000000000000 in ?? ()
> > > (gdb) frame 1
> > > #1 0x000015a944d9c19c in internal_verify (ctx=0x7f7fffff2d00) at
> > > /usr/src/lib/libcrypto/x509/x509_vfy.c:1611
> > > 1611 ok = (*cb)(1, ctx);
> > > (gdb) list
> > > 1606 goto end;
> > > 1607
> > > 1608 /* The last error (if any) is still in the
> > > error value */
> > > 1609 ctx->current_issuer = xi;
> > > 1610 ctx->current_cert = xs;
> > > 1611 ok = (*cb)(1, ctx);
> > > 1612 if (!ok)
> > > 1613 goto end;
> > > 1614
> > > 1615 n--;
> > > (gdb) p *ctx
> > > $1 = {ctx = 0x15a8e3598700, current_method = 0, cert = 0x15a8ba55ff00,
> > > untrusted = 0x15a8be37cee0, crls = 0x0, param = 0x15a913dac300,
> > > other_ctx = 0x0, verify = 0x15a944d9c090 <internal_verify>,
> > > verify_cb = 0x15a8f5d58fc0,
> > > get_issuer = 0x15a944dd59b0 <X509_STORE_CTX_get1_issuer>,
> > > check_issued = 0x15a944d9b990 <check_issued>,
> > > check_revocation = 0x15a944d9cbe0 <check_revocation>,
> > > get_crl = 0, check_crl = 0x15a944d9d970 <check_crl>,
> > > cert_crl = 0x15a944d9b7c0 <cert_crl>,
> > > check_policy = 0x15a944d9b660 <check_policy>,
> > > lookup_certs = 0x15a944dd5e30 <X509_STORE_get1_certs>,
> > > lookup_crls = 0x15a944dd5c30 <X509_STORE_get1_crls>,
> > > cleanup = 0, valid = 0, last_untrusted = 2, chain = 0x15a90e0f90a0,
> > > tree = 0x0, explicit_policy = 0, error_depth = 2, error = 0,
> > > current_cert = 0x15a94b2ac400, current_issuer = 0x15a94b2ac400,
> > > current_crl = 0x0, current_crl_score = 0, current_reasons = 0,
> > > parent = 0x0, ex_data = {sk = 0x15a90c5969a0}}
> > > (gdb) list
> > > 1606 goto end;
> > > 1607
> > > 1608 /* The last error (if any) is still in the
> > > error value */
> > > 1609 ctx->current_issuer = xi;
> > > 1610 ctx->current_cert = xs;
> > > 1611 ok = (*cb)(1, ctx);
> > > 1612 if (!ok)
> > > 1613 goto end;
> > > 1614
> > > 1615 n--;
> > > (gdb) p *ctx->cert
> > > $2 = {cert_info = 0x15a8930ff000, sig_alg = 0x15a887c641a0,
> > > signature = 0x15a9078c4880, valid = 0, references = 2,
> > > name = 0x15a8b98ffa00 "/CN=dmtx.uk", ex_data = {sk = 0x0},
> > > ex_pathlen = -1, ex_pcpathlen = 0, ex_flags = 263,
> > > ex_kusage = 160, ex_xkusage = 3, ex_nscert = 0,
> > > skid = 0x15a90c596fe0, akid = 0x15a8be37c080,
> > > policy_cache = 0x0, crldp = 0x0,
> > > altname = 0x15a8e0140a20, nc = 0x0,
> > > sha1_hash = "])D\231Dëï·ö\017]óî{Ël!À)X", aux = 0x0}
> > > (gdb) p *ctx->verify
> > > $3 = {int (X509_STORE_CTX *)} 0x15a944d9c090 <internal_verify>
> > > (gdb) p *ctx->verify_cb
> > > $4 = {int (int, X509_STORE_CTX *)} 0x15a8f5d58fc0
> > >
> >
> > --
> > Alexandr Shadchin
> >
>
