[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16798961#comment-16798961 ] michael goulish commented on DISPATCH-1280: --- LWS developer pushed patch. I got through 100 iterations of my reproducer on master with no crash. (I could not do enough iterations before to get a real baseline, but I did get one crash in first 20 tries.) I think it's a deadbug. > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16798302#comment-16798302 ] michael goulish commented on DISPATCH-1280: --- Well, kinda. I saw one crash using LWS latest master, and then I tried 20 more times and all I got was this error message: NOTICE: lws_server_socket_service_ssl: client did not send a valid tls hello (default vhost default) But! The one crash I did see had basically identical backtrace as in version 3.0.1. (See previous comment.) I raised an issue with LWS: https://github.com/warmcat/libwebsockets/issues/1527 > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16797619#comment-16797619 ] michael goulish commented on DISPATCH-1280: --- reproduced with simple example. What I did: 1. from the lws code tree for 3.0.1 (7 Sep 2018, fb31602ff9aeb88267fb8132d48df31195782ae5) use the example minimal-examples/http-server/minimal-http-server-tls. 2. Alter the .c file this way: info.options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT | {color:#FF}LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT{color} ; 3. build and run it. It listens on [https://localhost:7681|https://localhost:7681/] 4. In browser, do this request: [http://localhost:7681/index.html] big bada boom. #0 0x7f63281fff60 in SSL_get0_alpn_selected () from /lib64/libssl.so.1.1 #1 0x7f632880ea17 in lws_tls_server_conn_alpn () from /usr/local/lib/libwebsockets.so.13 #2 0x7f632880ee98 in lws_server_socket_service_ssl () from /usr/local/lib/libwebsockets.so.13 #3 0x7f632880d1ad in rops_handle_POLLIN_listen () from /usr/local/lib/libwebsockets.so.13 #4 0x7f6328800389 in lws_service_fd_tsi () from /usr/local/lib/libwebsockets.so.13 #5 0x7f6328816ce7 in _lws_plat_service_tsi.part.1 () from /usr/local/lib/libwebsockets.so.13 #6 0x7f6328800455 in lws_service () from /usr/local/lib/libwebsockets.so.13 #7 0x00400965 in main (argc=1, argv=0x7fff71638b68) at minimal-http-server-tls.c:87 Next I will see if this still happens with latest code. > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16797575#comment-16797575 ] michael goulish commented on DISPATCH-1280: --- Looked at closed issues back to release date of v2.4.2 (8 March 2018). Nothing looks like the issue we are seeing. Closed issues are here: https://github.com/warmcat/libwebsockets/issues?page=11=is%3Aissue+is%3Aclosed > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16797474#comment-16797474 ] Gordon Sim commented on DISPATCH-1280: -- Yes, on 3.0.1-2 it happened every time for me. There is also a test that hits it and again on that version it always fails for me. ctest -V -R http > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16797391#comment-16797391 ] michael goulish commented on DISPATCH-1280: --- It sounds like this happens all the time. Is that true? Not a rare occurrence? > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16785825#comment-16785825 ] Gordon Sim commented on DISPATCH-1280: -- Backtrace from segfault: {noformat} Thread 3 "qdrouterd" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fffe965c700 (LWP 15670)] 0x76465504 in SSL_get0_alpn_selected () from /lib64/libssl.so.1.1 Missing separate debuginfos, use: dnf debuginfo-install cyrus-sasl-lib-2.1.27-0.2rc7.fc28.x86_64 keyutils-libs-1.5.10-6.fc28.x86_64 krb5-libs-1.16.1-25.fc28.x86_64 libcom_err-1.44.2-0.fc28.x86_64 libffi-3.1-16.fc28.x86_64 libselinux-2.8-1.fc28.x86_64 libuv-1.24.1-1.fc28.x86_64 libwebsockets-3.0.1-2.fc28.x86_64 libxcrypt-4.4.3-2.fc28.x86_64 openssl-libs-1.1.0i-1.fc28.x86_64 pcre2-10.32-5.fc28.x86_64 python2-libs-2.7.15-4.fc28.x86_64 zlib-1.2.11-8.fc28.x86_64 (gdb) bt #0 0x76465504 in SSL_get0_alpn_selected () from /lib64/libssl.so.1.1 #1 0x76a7e13c in lws_tls_server_conn_alpn () from /lib64/libwebsockets.so.13 #2 0x76a7e5b5 in lws_server_socket_service_ssl () from /lib64/libwebsockets.so.13 #3 0x76a75864 in rops_handle_POLLIN_h1 () from /lib64/libwebsockets.so.13 #4 0x76a6f59b in lws_service_fd_tsi () from /lib64/libwebsockets.so.13 #5 0x76a803b0 in _lws_plat_service_tsi.part.1 () from /lib64/libwebsockets.so.13 #6 0x76a6f685 in lws_service () from /lib64/libwebsockets.so.13 #7 0x77bae944 in http_thread_run (v=0x941be0) at /home/gordon/projects/dispatch/src/http-libwebsockets.c:481 #8 0x774ec594 in start_thread () from /lib64/libpthread.so.0 #9 0x7679bf4f in clone () from /lib64/libc.so.6 {noformat} > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org