RE: [EXTERNAL] Re: SSL error (78c0100): malloc failure while implementing tls 1.3
I was able to trace the failure to ssl/ssl_sess.c line 279. I’m not sure what needs to done additionally in application code for this. Could someone please explain this error? I’m just trying to add support for tls 1.3 in application which already supports tls 1.2. (gdb) bt #0 0x7fd5737051a0 in ssl_session_dup () from /lib/x86_64-linux-gnu/libssl.so.3 #1 0x7fd57373a931 in tls_construct_new_session_ticket () from /lib/x86_64-linux-gnu/libssl.so.3 #2 0x7fd57372aaff in state_machine.part () from /lib/x86_64-linux-gnu/libssl.so.3 #3 0x7fd573719e8e in ssl3_read_bytes () from /lib/x86_64-linux-gnu/libssl.so.3 #4 0x7fd5736edcc9 in ssl3_read () from /lib/x86_64-linux-gnu/libssl.so.3 #5 0x7fd5736fa6c0 in ssl_read_internal () from /lib/x86_64-linux-gnu/libssl.so.3 #6 0x7fd5736fa7f5 in SSL_read () from /lib/x86_64-linux-gnu/libssl.so.3 Regards, Ravi _ From: Ramaiah, Ravichandran Bagalur Sent: Wednesday, June 29, 2022 12:55 PM To: Matt Caswell ; openssl-users@openssl.org Subject: RE: [EXTERNAL] Re: SSL error (78c0100): malloc failure while implementing tls 1.3 Hi Matt, Below is the error I got when I printed using ERR_error_string(). error:078C0100:common libcrypto routines::malloc failure Any pointers on this? Regards, Ravi -Original Message- From: Matt Caswell mailto:m...@openssl.org>> Sent: Tuesday, June 21, 2022 4:25 PM To: Ramaiah, Ravichandran Bagalur mailto:rrama...@rbbn.com>>; openssl-users@openssl.org<mailto:openssl-users@openssl.org> Subject: [EXTERNAL] Re: SSL error (78c0100): malloc failure while implementing tls 1.3 On 16/06/2022 05:52, Ramaiah, Ravichandran Bagalur wrote: > > *SSL error (78c0100): malloc failure Do you get anything in the OpenSSL error stack for this (e.g. try "ERR_print_errors_fp(stdout);"). We need a bit more to go on to figure out where specifically the malloc failure is occurring. Matt Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
RE: [EXTERNAL] Re: SSL error (78c0100): malloc failure while implementing tls 1.3
Hi Matt, Below is the error I got when I printed using ERR_error_string(). error:078C0100:common libcrypto routines::malloc failure Any pointers on this? Regards, Ravi -Original Message- From: Matt Caswell Sent: Tuesday, June 21, 2022 4:25 PM To: Ramaiah, Ravichandran Bagalur ; openssl-users@openssl.org Subject: [EXTERNAL] Re: SSL error (78c0100): malloc failure while implementing tls 1.3 On 16/06/2022 05:52, Ramaiah, Ravichandran Bagalur wrote: > > *SSL error (78c0100): malloc failure Do you get anything in the OpenSSL error stack for this (e.g. try "ERR_print_errors_fp(stdout);"). We need a bit more to go on to figure out where specifically the malloc failure is occurring. Matt Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Re: SSL error (78c0100): malloc failure while implementing tls 1.3
On 16/06/2022 05:52, Ramaiah, Ravichandran Bagalur wrote: *SSL error (78c0100): malloc failure Do you get anything in the OpenSSL error stack for this (e.g. try "ERR_print_errors_fp(stdout);"). We need a bit more to go on to figure out where specifically the malloc failure is occurring. Matt
RE: SSL error (78c0100): malloc failure while implementing tls 1.3
Hi All, Could anyone tell me if this issue is caused due to application error or an openssl bug? This malloc failure is happening when I try to establish TLS connection between 2 SIP applications. Regards, Ravi From: Ramaiah, Ravichandran Bagalur Sent: Thursday, June 16, 2022 10:23 AM To: openssl-users@openssl.org Subject: SSL error (78c0100): malloc failure while implementing tls 1.3 Hi All, I'm trying to implement tls 1.3 support in my application. But I'm facing malloc failure error. Could you please help me understand why this error is happening? How to solve this issue? *Set TLSv1.3 Cipher list TLS_AES_128_GCM_SHA256 ret 1 *SipCmOpenSSLNew: TLS, mutual auth, tlsSipAuthRequired = FALSE *SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for ssl is NOT set. *SSL handshake started undefined:before SSL initialization 240 *SSL_accept:before SSL initialization *SSL_accept:before SSL initialization *SSL_accept:SSLv3/TLS read client hello *SSL_accept:SSLv3/TLS write server hello *SSL_accept:SSLv3/TLS write change cipher spec *SSL_accept:TLSv1.3 early data *SSL_accept:error in TLSv1.3 early data *SipCmAcceptSocket, socketId 121, us 10.34.164.185, peer protocol 8 *SSL_accept:TLSv1.3 early data *SSL_accept:SSLv3/TLS read client hello *SSL_accept:SSLv3/TLS write server hello *SSL_accept:TLSv1.3 write encrypted extensions *SSL_accept:SSLv3/TLS write certificate request *SSL_accept:SSLv3/TLS write certificate *SSL_accept:TLSv1.3 write server certificate verify *SSL_accept:SSLv3/TLS write finished *SSL_accept:TLSv1.3 early data *SSL_accept:error in TLSv1.3 early data *SSL_accept:TLSv1.3 early data *SSL_accept:SSLv3/TLS read client certificate *SSL_accept:SSLv3/TLS read certificate verify *SSL_accept:SSLv3/TLS read finished *SSL handshake done undefined:SSLv3/TLS write session ticket 240 *New session created on sigport 2 *SSL_accept:SSLv3/TLS write session ticket *SSL_SESSION_free ref *Session deleted on 2 *SSL3 alert write:fatal:internal error *SSL_accept:error in error *SSL error (78c0100): malloc failure *ERROR on SSL_read err=1 flag=0 *Initiating SSL shutdown I generated client and server certificates using below commands. And I used TLS_AES_128_GCM_SHA256 cipher. CA Certificate: openssl_rbbn ecparam -name prime256v1 -genkey -noout -out ca.key openssl_rbbn req -new -x509 -sha256 -key ca.key -out ca.crt openssl_rbbn x509 -in ca.crt -inform PEM -out pk-ca.crt.der -outform DER Server Certificate: openssl_rbbn ecparam -name prime256v1 -genkey -noout -out server.key openssl_rbbn req -new -sha256 -key server.key -out server.csr openssl_rbbn x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 1000 -sha256 Client Certificate: openssl_rbbn ecparam -name prime256v1 -genkey -noout -out client1.key openssl_rbbn req -new -sha256 -key client1.key -out client1.csr openssl_rbbn x509 -req -in client1.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client1.crt -days 1000 -sha256 Regards, Ravi Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.