[Pkg-openssl-devel] Bug#670581: openssl: ntpd segfaults with error 4 in libcrypto.so.0.9.8 on Debian squeeze

Andris Kalnozols andris at hpl.hp.com
Thu Apr 26 22:28:17 UTC 2012 

Package: openssl
Version: 0.9.8o-4squeeze12
Severity: important
Tags: squeeze

The NTP daemon on our stratum-1 time server `clepsydra.dec.com' keeps
failing with this log message:

Apr 26 12:27:17 clepsydra kernel: [  635.455671] ntpd[2598]: segfault at 20 ip 00007f727f118ec3 sp 00007fff1ecb9a78 error 4 in libcrypto.so.0.9.8[7f727f039000+175000]

When linking with libcrypto.a, crashes still occur:

Apr 26 14:20:19 clepsydra kernel: [ 2191.670043] ntpd[2596]: segfault at 20 ip 0000000000470aa3 sp 00007fff49a93e78 error 4 in ntpd[400000+14f000]

Despite the following:

  clepsydra# ulimit -a
  core file size          (blocks, -c) unlimited

  running the process as root instead of uid=ntp

I am unable to obtain a core file.

This problem is somewhat recent and the workaround seemed to be
a system reboot.  However, after applying the latest openssl
update, the ntp daemon is now esentially broken.

The ntpd process is built from the Debian source using
`apt-get source ntp' with minimal patches to support
the Spectracom TSync GPS reference clock.

For now, I have recompiled the NTP package without OpenSSL
support and it is running fine.

If you need more data or can assist me in getting a core file,
let me know.

Thanks,
Andris


-- System Information:
Debian Release: 6.0.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/12 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssl depends on:
ii  libc6                  2.11.3-3          Embedded GNU C Library: Shared lib
ii  libssl0.9.8            0.9.8o-4squeeze12 SSL shared libraries
ii  zlib1g                 1:1.2.3.4.dfsg-3  compression library - runtime

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates    20090814+nmu3squeeze1 Common CA certificates

-- no debconf information

More information about the Pkg-openssl-devel mailing list