[Pkg-openssl-devel] Bug#702635: openssl communication problems with 1.0.1e with AES-NI
Benjamin Eikel
debian at eikel.org
Mon Mar 11 08:46:15 UTC 2013
Hello,
Am Samstag, 9. März 2013, 15:44:38 schrieb Kurt Roeckx:
>
> They asked if you use any LD_* environment variables.
"printenv | grep LD" is empty.
>
> "lsof -p $pid" of s_client process would also be nice.
See attached file "lsof-sclient.txt".
>
> If you have a custom /etc/ssl/openssl.cnf, it would also be nice
> if you could send that.
I have the default one created by the Debian package.
>
> /proc/cpuinfo would also be nice to have.
See attached file "proc-cpuinfo.txt".
>
> If you know how to use gdb, they ask to print print variables and
> buffers in e_aes_cbc_hmac_sha1.c
>
> If you want to debug it, debugging might not show you source
> code since you might have the source in a different path.
> The .deb files can be generated from the source above using:
> DEB_BUILD_MAINT_OPTIONS="hardening=-all" DEB_BUILD_OPTIONS="noopt nostrip"
> dpkg-buildpackage -B -uc
>
> If you build it yourself, you can also just run the
> ./openssl.static binary instead of installing the .deb
> package.
With your instructions I was able to build a static version with debug
symbols. Now, I get a more helpful backtrace at the point where s_client
errors out (see attached file "backtrace.txt").
I have set a breakpoint at e_aes_cbc_hmac_sha1.c:450. The function is called
multiple times before the error occurs and I do not know for what to look
exactly. I have output the parameters of two calls (see attached file "gdb-
output.txt"). Without knowing for what to look exactly, I think it is very
difficult to generate helpful information. Maybe somebody here or on the
openssl-dev mailing list [1] suggests what might be helpful.
Thank you for your support!
Kind regards
Benjamin
[1] http://www.mail-archive.com/openssl-dev@openssl.org/msg32168.html
-------------- next part --------------
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
openssl.s 29986 benjamin cwd DIR 254,0 4096 19791896 /home/benjamin/src/openssl-1.0.1e
openssl.s 29986 benjamin rtd DIR 8,1 4096 2 /
openssl.s 29986 benjamin txt REG 254,0 7723240 19797391 /home/benjamin/src/openssl-1.0.1e/openssl.static
openssl.s 29986 benjamin mem REG 8,1 84824 5767483 /lib/x86_64-linux-gnu/libresolv-2.17.so
openssl.s 29986 benjamin mem REG 8,1 22928 5767471 /lib/x86_64-linux-gnu/libnss_dns-2.17.so
openssl.s 29986 benjamin mem REG 8,1 52136 5767473 /lib/x86_64-linux-gnu/libnss_files-2.17.so
openssl.s 29986 benjamin mem REG 8,1 1741232 5767456 /lib/x86_64-linux-gnu/libc-2.17.so
openssl.s 29986 benjamin mem REG 8,1 92752 5767258 /lib/x86_64-linux-gnu/libz.so.1.2.7
openssl.s 29986 benjamin mem REG 8,1 14640 5767462 /lib/x86_64-linux-gnu/libdl-2.17.so
openssl.s 29986 benjamin mem REG 8,1 145128 5767443 /lib/x86_64-linux-gnu/ld-2.17.so
openssl.s 29986 benjamin 0u CHR 136,5 0t0 8 /dev/pts/5
openssl.s 29986 benjamin 1u CHR 136,5 0t0 8 /dev/pts/5
openssl.s 29986 benjamin 2u CHR 136,5 0t0 8 /dev/pts/5
openssl.s 29986 benjamin 3u unix 0xffff8807cc15ce00 0t0 73526 socket
openssl.s 29986 benjamin 4u unix 0xffff8807d3cf5b80 0t0 73527 socket
openssl.s 29986 benjamin 5r FIFO 0,8 0t0 73528 pipe
openssl.s 29986 benjamin 6w FIFO 0,8 0t0 73528 pipe
openssl.s 29986 benjamin 7u IPv4 73802 0t0 TCP pc-benjamin.cs.uni-paderborn.de:40354->mail.uni-paderborn.de:ssmtp (ESTABLISHED)
-------------- next part --------------
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 58
model name : Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
stepping : 9
microcode : 0x17
cpu MHz : 1600.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
bogomips : 6800.88
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 58
model name : Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
stepping : 9
microcode : 0x17
cpu MHz : 1600.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 1
cpu cores : 4
apicid : 2
initial apicid : 2
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
bogomips : 6799.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 58
model name : Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
stepping : 9
microcode : 0x17
cpu MHz : 1600.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 4
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
bogomips : 6799.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 58
model name : Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
stepping : 9
microcode : 0x17
cpu MHz : 1600.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 3
cpu cores : 4
apicid : 6
initial apicid : 6
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
bogomips : 6799.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 4
vendor_id : GenuineIntel
cpu family : 6
model : 58
model name : Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
stepping : 9
microcode : 0x17
cpu MHz : 1600.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 1
initial apicid : 1
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
bogomips : 6799.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 5
vendor_id : GenuineIntel
cpu family : 6
model : 58
model name : Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
stepping : 9
microcode : 0x17
cpu MHz : 1600.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 1
cpu cores : 4
apicid : 3
initial apicid : 3
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
bogomips : 6799.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 6
vendor_id : GenuineIntel
cpu family : 6
model : 58
model name : Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
stepping : 9
microcode : 0x17
cpu MHz : 1600.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 2
cpu cores : 4
apicid : 5
initial apicid : 5
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
bogomips : 6799.77
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 7
vendor_id : GenuineIntel
cpu family : 6
model : 58
model name : Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
stepping : 9
microcode : 0x17
cpu MHz : 3401.000
cache size : 8192 KB
physical id : 0
siblings : 8
core id : 3
cpu cores : 4
apicid : 7
initial apicid : 7
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms
bogomips : 6799.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
-------------- next part --------------
#0 ssl3_get_record (s=0x6b7bc0) at s3_pkt.c:483
#1 0x000000000046a4ee in ssl3_read_bytes (s=0x6b7bc0, type=23, buf=0x6aeb00 "220 mail.uni-paderborn.de ESMTP Exim 4.72 (spheron) Mon, 11 Mar 2013 09:16:38 +0100\r\n", len=1024, peek=0) at s3_pkt.c:1005
#2 0x000000000046692e in ssl3_read_internal (s=0x6b7bc0, buf=0x6aeb00, len=1024, peek=0) at s3_lib.c:4207
#3 0x00000000004669dd in ssl3_read (s=0x6b7bc0, buf=0x6aeb00, len=1024) at s3_lib.c:4227
#4 0x00000000004879e0 in SSL_read (s=0x6b7bc0, buf=0x6aeb00, num=1024) at ssl_lib.c:970
#5 0x000000000042fe0b in s_client_main (argc=0, argv=0x7fffffffe218) at s_client.c:1764
#6 0x00000000004036bb in do_cmd (prog=0x6a7ca0, argc=3, argv=0x7fffffffe200) at openssl.c:489
#7 0x0000000000403348 in main (Argc=3, Argv=0x7fffffffe200) at openssl.c:381
-------------- next part --------------
(gdb) print *ctx
$6 = {cipher = 0x678a80, engine = 0x0, encrypt = 1, buf_len = 0, oiv = "`de\310?\034\217\356^;\322\302\177\367", <incomplete sequence \302>, iv = "u\303\000\345\217\026\255\262~h\017\274\216\025?",
buf = '\000' <repeats 31 times>, num = 0, app_data = 0x0, key_len = 32, flags = 0, cipher_data = 0x6d3ff0, final_used = 0, block_mask = 15, final = '\000' <repeats 31 times>}
(gdb) print out
$8 = (unsigned char *) 0x6c445b "M4r\242\302\021\177\204.aI\362\241\240\025\347", <incomplete sequence \303>
(gdb) print in
$9 = (const unsigned char *) 0x6c445b "M4r\242\302\021\177\204.aI\362\241\240\025\347", <incomplete sequence \303>
(gdb) print len
$10 = 32
(gdb) print *ctx
$11 = {cipher = 0x678a80, engine = 0x0, encrypt = 1, buf_len = 0, oiv = "`de\310?\034\217\356^;\322\302\177\367", <incomplete sequence \302>,
iv = "\344Z\255\326\026<\241)\363\"\326\345\245>\264", <incomplete sequence \350>, buf = '\000' <repeats 31 times>, num = 0, app_data = 0x0, key_len = 32, flags = 0, cipher_data = 0x6d3ff0, final_used = 0,
block_mask = 15, final = '\000' <repeats 31 times>}
(gdb) print out
$12 = (
unsigned char *) 0x6c4480 "?K?\277\255\276?`\217O\004\327\316\344Z\255\326\026<\241)\363\"\326\345\245>\264\350\006p\202j\200}\301\275>\006XU\277?\314.\356\325@\bu\375\247\306u\016<\250\352\366\032H\006J\275\361L\376\330\305\017\200.\002\377\266:\253\213\212\067?\203\035?!\243bd\357\224u'\272z\216\322c\f\031{\307e\225\231\211\067\373\271\220\220;\233%\323\363\220\211c\353\377\231 +\266\363\261\231u\363\222\036\t\226\032\023\022\236oB\251\206'\364\277\214\t\265\062\350J\311\"\277W|/?\343\307\002\346*\267\354z\177\375K\"\241\232\264?k\002\\T\345)\275*\021\207K\261\334[H)\337\060.\223"...
(gdb) print in
$13 = (
const unsigned char *) 0x6c4480 "?K?\277\255\276?`\217O\004\327\316\344Z\255\326\026<\241)\363\"\326\345\245>\264\350\006p\202j\200}\301\275>\006XU\277?\314.\356\325@\bu\375\247\306u\016<\250\352\366\032H\006J\275\361L\376\330\305\017\200.\002\377\266:\253\213\212\067?\203\035?!\243bd\357\224u'\272z\216\322c\f\031{\307e\225\231\211\067\373\271\220\220;\233%\323\363\220\211c\353\377\231 +\266\363\261\231u\363\222\036\t\226\032\023\022\236oB\251\206'\364\277\214\t\265\062\350J\311\"\277W|/?\343\307\002\346*\267\354z\177\375K\"\241\232\264?k\002\\T\345)\275*\021\207K\261\334[H)\337\060.\223"...
(gdb) print len
$14 = 32
More information about the Pkg-openssl-devel
mailing list