[Pkg-openssl-devel] Bug#678353: Backtrace

[Benjamin Eikel]

Hello,

I have build the openssl source package with DEB_BUILD_OPTIONS="nostrip 
noopt nohardening". With gdb, I have set a breakpoint in s3_pkt.c:484. When
the execution stops there, the backtrace is:

#0  0x00007ffff7f9095b in ssl3_get_record () from /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
#1  0x00007ffff7f918a4 in ssl3_read_bytes () from /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
#2  0x00007ffff7f8d77f in ssl3_read_internal () from /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
#3  0x00007ffff7f8d82e in ssl3_read () from /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
#4  0x00007ffff7fb05b8 in SSL_read () from /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
#5  0x0000000000449ce4 in s_client_main ()
#6  0x000000000041959b in do_cmd ()
#7  0x000000000041917c in main ()

I think that the backtrace will not be very helpful. Does it help if I send
the output produced by s_client -debug ...?

Strangely debugging does not fully work. The code is found:
(gdb) list s3_pkt.c:484
479                      * SSL 3.0 only has 'bad_record_mac'.  But unless a decryption
480                      * failure is directly visible from the ciphertext anyway,
481                      * we should not reveal which kind of error occured -- this
482                      * might become visible to an attacker (e.g. via a logfile) */
483                     al=SSL_AD_BAD_RECORD_MAC;
484                     SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
485                     goto f_err;
486                     }
487
488             /* r->length is now just compressed */

But "print al", for example, does not work. In the backtrace, files and line
numbers are missing. I also tried to give "debug-linux-x86_64" to ./Configure
in debian/rules, but this does not help. Do you know why there is debugging
information missing? What should I do to get more information to find the
source of the bug?

Kind regards
Benjamin