[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16798961#comment-16798961 ] michael goulish commented on DISPATCH-1280: --- LWS developer pushed patch. I got through 100 iterations of my reproducer on master with no crash. (I could not do enough iterations before to get a real baseline, but I did get one crash in first 20 tries.) I think it's a deadbug. > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16798302#comment-16798302 ] michael goulish commented on DISPATCH-1280: --- Well, kinda. I saw one crash using LWS latest master, and then I tried 20 more times and all I got was this error message: NOTICE: lws_server_socket_service_ssl: client did not send a valid tls hello (default vhost default) But! The one crash I did see had basically identical backtrace as in version 3.0.1. (See previous comment.) I raised an issue with LWS: https://github.com/warmcat/libwebsockets/issues/1527 > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[
https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16797619#comment-16797619
]
michael goulish commented on DISPATCH-1280:
---
reproduced with simple example.
What I did:
1. from the lws code tree for 3.0.1 (7 Sep 2018,
fb31602ff9aeb88267fb8132d48df31195782ae5) use the example
minimal-examples/http-server/minimal-http-server-tls.
2. Alter the .c file this way:
info.options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT |
{color:#FF}LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT{color} ;
3. build and run it. It listens on
[https://localhost:7681|https://localhost:7681/]
4. In browser, do this request: [http://localhost:7681/index.html]
big bada boom.
#0 0x7f63281fff60 in SSL_get0_alpn_selected () from /lib64/libssl.so.1.1
#1 0x7f632880ea17 in lws_tls_server_conn_alpn () from
/usr/local/lib/libwebsockets.so.13
#2 0x7f632880ee98 in lws_server_socket_service_ssl () from
/usr/local/lib/libwebsockets.so.13
#3 0x7f632880d1ad in rops_handle_POLLIN_listen () from
/usr/local/lib/libwebsockets.so.13
#4 0x7f6328800389 in lws_service_fd_tsi () from
/usr/local/lib/libwebsockets.so.13
#5 0x7f6328816ce7 in _lws_plat_service_tsi.part.1 () from
/usr/local/lib/libwebsockets.so.13
#6 0x7f6328800455 in lws_service () from /usr/local/lib/libwebsockets.so.13
#7 0x00400965 in main (argc=1, argv=0x7fff71638b68) at
minimal-http-server-tls.c:87
Next I will see if this still happens with latest code.
> http against https enabled listener causes segfault
> ---
>
> Key: DISPATCH-1280
> URL: https://issues.apache.org/jira/browse/DISPATCH-1280
> Project: Qpid Dispatch
> Issue Type: Bug
>Reporter: Gordon Sim
>Assignee: michael goulish
>Priority: Major
>
> If you have a listener with http enabled, an ssl profile referenced, but
> requireSsl set to false, and then try to access it over plain http, you get a
> segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of
> libwebsockets fixes this.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16797575#comment-16797575 ] michael goulish commented on DISPATCH-1280: --- Looked at closed issues back to release date of v2.4.2 (8 March 2018). Nothing looks like the issue we are seeing. Closed issues are here: https://github.com/warmcat/libwebsockets/issues?page=11=is%3Aissue+is%3Aclosed > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16797474#comment-16797474 ] Gordon Sim commented on DISPATCH-1280: -- Yes, on 3.0.1-2 it happened every time for me. There is also a test that hits it and again on that version it always fails for me. ctest -V -R http > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[ https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16797391#comment-16797391 ] michael goulish commented on DISPATCH-1280: --- It sounds like this happens all the time. Is that true? Not a rare occurrence? > http against https enabled listener causes segfault > --- > > Key: DISPATCH-1280 > URL: https://issues.apache.org/jira/browse/DISPATCH-1280 > Project: Qpid Dispatch > Issue Type: Bug >Reporter: Gordon Sim >Assignee: michael goulish >Priority: Major > > If you have a listener with http enabled, an ssl profile referenced, but > requireSsl set to false, and then try to access it over plain http, you get a > segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of > libwebsockets fixes this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org
[jira] [Commented] (DISPATCH-1280) http against https enabled listener causes segfault
[
https://issues.apache.org/jira/browse/DISPATCH-1280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16785825#comment-16785825
]
Gordon Sim commented on DISPATCH-1280:
--
Backtrace from segfault:
{noformat}
Thread 3 "qdrouterd" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe965c700 (LWP 15670)]
0x76465504 in SSL_get0_alpn_selected () from /lib64/libssl.so.1.1
Missing separate debuginfos, use: dnf debuginfo-install
cyrus-sasl-lib-2.1.27-0.2rc7.fc28.x86_64 keyutils-libs-1.5.10-6.fc28.x86_64
krb5-libs-1.16.1-25.fc28.x86_64 libcom_err-1.44.2-0.fc28.x86_64
libffi-3.1-16.fc28.x86_64 libselinux-2.8-1.fc28.x86_64
libuv-1.24.1-1.fc28.x86_64 libwebsockets-3.0.1-2.fc28.x86_64
libxcrypt-4.4.3-2.fc28.x86_64 openssl-libs-1.1.0i-1.fc28.x86_64
pcre2-10.32-5.fc28.x86_64 python2-libs-2.7.15-4.fc28.x86_64
zlib-1.2.11-8.fc28.x86_64
(gdb) bt
#0 0x76465504 in SSL_get0_alpn_selected () from /lib64/libssl.so.1.1
#1 0x76a7e13c in lws_tls_server_conn_alpn () from
/lib64/libwebsockets.so.13
#2 0x76a7e5b5 in lws_server_socket_service_ssl () from
/lib64/libwebsockets.so.13
#3 0x76a75864 in rops_handle_POLLIN_h1 () from
/lib64/libwebsockets.so.13
#4 0x76a6f59b in lws_service_fd_tsi () from /lib64/libwebsockets.so.13
#5 0x76a803b0 in _lws_plat_service_tsi.part.1 () from
/lib64/libwebsockets.so.13
#6 0x76a6f685 in lws_service () from /lib64/libwebsockets.so.13
#7 0x77bae944 in http_thread_run (v=0x941be0) at
/home/gordon/projects/dispatch/src/http-libwebsockets.c:481
#8 0x774ec594 in start_thread () from /lib64/libpthread.so.0
#9 0x7679bf4f in clone () from /lib64/libc.so.6
{noformat}
> http against https enabled listener causes segfault
> ---
>
> Key: DISPATCH-1280
> URL: https://issues.apache.org/jira/browse/DISPATCH-1280
> Project: Qpid Dispatch
> Issue Type: Bug
>Reporter: Gordon Sim
>Priority: Major
>
> If you have a listener with http enabled, an ssl profile referenced, but
> requireSsl set to false, and then try to access it over plain http, you get a
> segfault in libwebsockets if using version 3.0.1-2. Downgrading to 2.4.2 of
> libwebsockets fixes this.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
