Hi all,

As soon as I authenticate against Google's XMPP server - talk.google.com - profanity segfaults and dumps core:

$ egdb profanity profanity.core
[...]
Core was generated by `profanity'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00000e6f67fba14f in xmpp_conn_tlscert_fingerprint () from /usr/local/lib/libmesode.so.0.0
(gdb) bt
#0  0x00000e6f67fba14f in xmpp_conn_tlscert_fingerprint () from /usr/local/lib/libmesode.so.0.0
#1  0x00000e6cccde9466 in _xmppcert_to_profcert ()
#2  0x00000e6cccde907e in ?? ()
#3  0x00000e6f67fc6959 in verify_callback () from /usr/local/lib/libmesode.so.0.0
#4  0x00000e6f58058313 in check_id_error (ctx=0x7f7fffff6fd0, errcode=<error reading variable: Cannot access memory at address 0x3e>) at /usr/src/lib/libcrypto/x509/x509_vfy.c:183
#5  check_id (ctx=0x7f7fffff6fd0) at /usr/src/lib/libcrypto/x509/x509_vfy.c:213
#6  0x00000e6f5801ec31 in x509_verify_cert_hostname (ctx=0xe6f1f627d80, cert=0xe6fb3bc6d00, name=0x0) at /usr/src/lib/libcrypto/x509/x509_verify.c:462
#7  x509_verify (ctx=0xe6f1f627d80, leaf=0xe6fb3bc6d00, name=0x0) at /usr/src/lib/libcrypto/x509/x509_verify.c:870
#8  0x00000e6f58058de1 in X509_verify_cert (ctx=0x7f7fffff6fd0) at /usr/src/lib/libcrypto/x509/x509_vfy.c:682
#9  0x00000e6f355991ed in ssl_verify_cert_chain (s=0xe6f4ca9c300, sk=0xe6ee1db3840) at /usr/src/lib/libssl/ssl_cert.c:447
#10 0x00000e6f355b79a5 in tls13_server_certificate_recv (ctx=0xe6f4ca9c400, cbs=<optimized out>) at /usr/src/lib/libssl/tls13_client.c:613
#11 0x00000e6f355b777c in tls13_server_certificate_request_recv (ctx=0xe6f4ca9c400, cbs=0x7f7fffff7218) at /usr/src/lib/libssl/tls13_client.c:534
#12 0x00000e6f355c6511 in tls13_handshake_recv_action (ctx=0xe6f4ca9c400, action=<optimized out>) at /usr/src/lib/libssl/tls13_handshake.c:500
#13 tls13_handshake_perform (ctx=0xe6f4ca9c400) at /usr/src/lib/libssl/tls13_handshake.c:375
#14 0x00000e6f355c57d7 in tls13_legacy_connect (ssl=0xe6f4ca9c300) at /usr/src/lib/libssl/tls13_legacy.c:442
#15 0x00000e6f67fc6aa5 in tls_start () from /usr/local/lib/libmesode.so.0.0
#16 0x00000e6f67fb9542 in conn_tls_start () from /usr/local/lib/libmesode.so.0.0
#17 0x00000e6f67fb7274 in _handle_proceedtls_default () from /usr/local/lib/libmesode.so.0.0
#18 0x00000e6f67fbbb01 in handler_fire_stanza () from /usr/local/lib/libmesode.so.0.0
#19 0x00000e6f67fb8835 in _handle_stream_stanza () from /usr/local/lib/libmesode.so.0.0
#20 0x00000e6f67fc76f5 in _end_element () from /usr/local/lib/libmesode.so.0.0
#21 0x00000e6f48109821 in doContent (parser=0xe6ee1dbf800, startTagLevel=<optimized out>, enc=<optimized out>, s=<optimized out>, end=0xe6f1a4511ad '\337' <repeats 199 times>, <incomplete sequence \337>.. haveMore=1 '\001') at /usr/src/lib/libexpat/lib/xmlparse.c:2600
#22 0x00000e6f48106f07 in contentProcessor (parser=0xe6ee1dbf800, start=0x7f7fffff60f0 "ERROR: error number 62", end=0x7 <error: Cannot access memory at address 0x7>, endPtr=0x0) at /usr/src/lib/libexpat/
#23 0x00000e6f48102191 in XML_ParseBuffer (parser=0xe6ee1dbf800, len=50, isFinal=0) at /usr/src/lib/libexpat/lib/xmlparse.c:1704
#24 0x00000e6f48101ca3 in XML_Parse (parser=0xe6ee1dbf800, s=0x7f7fffff7620 "<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>xml:ns:xmpp-tls\"><required/></starttls><mechanisms xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\"><mechanism>X-OAUTH2</mechanism><mec len=50, isFinal=0) at /usr/src/lib/libexpat/lib/xmlparse.c:1668
#25 0x00000e6f67fbb67e in xmpp_run_once () from /usr/local/lib/libmesode.so.0.0
#26 0x00000e6cccde8ada in connection_check_events ()
#27 0x00000e6cccde1e3b in prof_run ()
#28 0x00000e6ccce5d3de in main ()

This started happening a week or so ago. Around the same time - most likely the same snapshot - lastpass-cli stopped working during the authentication step, with an "SSL connect error" message. Bjorn (bket@) found that the lastpass-cli behaviour was related to a change in lib/libcrypto/x509/x509_vpm.c (r1.22). This has subsequently been fixed[0] by jsing@ and lastpass-cli works again.

This may or may not be related but, given X.509 and TLS appearing all over the place in the backtrace, I thought I'd mention it.

FWIW, profanity does *not* segfault when I authenticate to an XMPP server at work.

[0] https://marc.info/?l=openbsd-cvs&m=160088523031157&w=2

Please CC me in any replies as I am not subscribed to this mailing list.

Cheers,
Raf