Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segmentation fault using TLS after uprgrade to nodejs 6.7.0 / CentOS 7 #9015

Closed
Dexus opened this issue Oct 10, 2016 · 7 comments
Closed

Segmentation fault using TLS after uprgrade to nodejs 6.7.0 / CentOS 7 #9015

Dexus opened this issue Oct 10, 2016 · 7 comments
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. tls Issues and PRs related to the tls subsystem.

Comments

@Dexus
Copy link

Dexus commented Oct 10, 2016

  • Version: 6.7.0
  • Platform: CentOS 7
  • Subsystem:

Segmentation fault using TLS after uprgrade to nodejs 6.7.0 / CentOS 7
I am using a certificate from Let's Encrypt.

Reportet at haraka/Haraka#1655

#0 0x00007f39c2e8dce0 in asn1_enc_restore (len=len@entry=0x7fff46fb1d74, out=out@entry=0x0, pval=pval@entry=0x1eec3f0, it=it@entry=0x7f39c3150480 )
at tasn_utl.c:190
190 if (!enc || enc->modified)

(gdb) bt
#0 0x00007f39c2e8dce0 in asn1_enc_restore (len=len@entry=0x7fff46fb1d74, out=out@entry=0x0, pval=pval@entry=0x1eec3f0, it=it@entry=0x7f39c3150480 )
at tasn_utl.c:190
#1 0x00007f39c2e8af3b in ASN1_item_ex_i2d (pval=pval@entry=0x1eec3f0, out=out@entry=0x0, it=0x7f39c3150480 , tag=tag@entry=-1, aclass=aclass@entry=0)
at tasn_enc.c:202
#2 0x00007f39c2e8b3e1 in asn1_template_ex_i2d (pval=0x1eec3f0, out=out@entry=0x0, tt=tt@entry=0x7f39c3156760 , tag=tag@entry=-1, iclass=iclass@entry=0)
at tasn_enc.c:413
#3 0x00007f39c2e8b1bb in ASN1_item_ex_i2d (pval=pval@entry=0x7fff46fb1ed8, out=out@entry=0x0, it=it@entry=0x7f39c3150400 , tag=16, tag@entry=-1,
aclass=aclass@entry=0) at tasn_enc.c:231
#4 0x00007f39c2e8b2bf in asn1_item_flags_i2d (val=val@entry=0x1eec3f0, out=out@entry=0x0, it=it@entry=0x7f39c3150400 , flags=flags@entry=0) at tasn_enc.c:122
#5 0x00007f39c2e8b367 in ASN1_item_i2d (val=val@entry=0x1eec3f0, out=out@entry=0x0, it=it@entry=0x7f39c3150400 ) at tasn_enc.c:91
#6 0x00007f39c2e868cc in i2d_X509 (a=a@entry=0x1eec3f0, out=out@entry=0x0) at x_x509.c:141
#7 0x00007f39c319a7bd in ssl3_add_cert_to_buf (buf=0x1e41510, l=0x7fff46fb1f78, x=0x1eec3f0) at s3_both.c:335
#8 0x00007f39c319ae93 in ssl3_output_cert_chain (s=s@entry=0x1eedd40, x=) at s3_both.c:405
#9 0x00007f39c318e645 in ssl3_send_server_certificate (s=s@entry=0x1eedd40) at s3_srvr.c:3398
#10 0x00007f39c318fabd in ssl3_accept (s=0x1eedd40) at s3_srvr.c:417
#11 0x00007f39c319d368 in ssl23_accept (s=0x1eedd40) at s23_srvr.c:210
#12 0x0000000000e55e95 in node::crypto::Connection::ClearOut (args=...) at ../src/node_crypto.cc:3113
#13 0x0000000000729644 in v8::internal::FunctionCallbackArguments::Call (this=this@entry=0x7fff46fb22c0,
f=f@entry=0xe55c80 node::crypto::Connection::ClearOut(v8::FunctionCallbackInfo<v8::Value const&)>) at ../deps/v8/src/api-arguments.cc:16
#14 0x00000000007831e4 in v8::internal::(anonymous namespace)::HandleApiCallHelper (isolate=isolate@entry=0x1d2f7a0, args=...) at ../deps/v8/src/builtins.cc:4322
#15 0x00000000007839ce in v8::internal::Builtin_Impl_HandleApiCall (args=..., isolate=isolate@entry=0x1d2f7a0) at ../deps/v8/src/builtins.cc:4340
#16 0x0000000000783b7e in v8::internal::Builtin_HandleApiCall (args_length=, args_object=0x7fff46fb24c0, isolate=0x1d2f7a0) at ../deps/v8/src/builtins.cc:4337
#17 0x00001498485092a7 in ?? ()
#18 0x0000000000000000 in ?? ()```
@Dexus Dexus changed the title seg Segmentation fault using TLS after uprgrade to nodejs 6.7.0 / CentOS 7 Oct 10, 2016
@mscdex mscdex added tls Issues and PRs related to the tls subsystem. c++ Issues and PRs that require attention from people who are familiar with C++. labels Oct 11, 2016
@mscdex
Copy link
Contributor

mscdex commented Oct 11, 2016

/cc @nodejs/crypto

@bnoordhuis
Copy link
Member

OpenSSL bug? It almost has to be, going by the stack trace.

Does v6.6.0 work for you? v6.7.0 upgraded openssl to 1.0.2j. It's conceivable you are hitting a regression.

@Nibbler999
Copy link
Contributor

Sounds like you're using the epel package. If so, your issue may be caused by their own patch to build against openssl 1.0.1. You should report it to them unless you can reproduce with the official nodejs.org binaries.

http://pkgs.fedoraproject.org/cgit/rpms/nodejs.git/plain/0002-Use-openssl-1.0.1.patch?h=epel7

@Dexus
Copy link
Author

Dexus commented Oct 11, 2016

/cc @deburau

@cnorthwood
Copy link

I've reported this in EPEL: https://bugzilla.redhat.com/show_bug.cgi?id=1402372

@cnorthwood
Copy link

I can reliably reproduce this issue when loading multiple certificates in at once and passing that through, here's a small reproducible test case:

const request = require('request');
const fs = require('fs');

const CERT = fs.readFileSync('/etc/pki/tls/certs/client.crt') + '\n' + fs.readFileSync('/etc/pki/tls/certs/client.crt');
const KEY = fs.readFileSync('/etc/pki/tls/private/client.key');

request({
    method: 'POST',
    uri: 'https://api.test.bbc.co.uk',
    cert: CERT,
    key: KEY,
}, (err, response, body) => {
    console.log(err);
    console.log(body);
});

@bnoordhuis
Copy link
Member

This is the same issue as #9551, see also https://bugzilla.redhat.com/show_bug.cgi?id=1394948.

I'll go ahead and close out this issue. It doesn't appear to be a bug on our end, it's due to a patch that Redhat is carrying to build against an older openssl version.

@aliscco aliscco mentioned this issue Dec 1, 2023
Open
@leonardoadame leonardoadame mentioned this issue Dec 3, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. tls Issues and PRs related to the tls subsystem.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mscdex @bnoordhuis @cnorthwood @Nibbler999 @Dexus