Hi,
I am using Haraka https://github.com/haraka/Haraka. After the upgrade to nodejs 6.7.0 TLS stopped working. Everytime a client started using TLS, haraka crashed with a segmentation fault. I am using a certificate from Let's Encrypt.
I don't know if it is an error in nodejs or in the way haraka is using it. In the former case, the following information from the core dump may be helpful:
Core was generated by `node /usr/bin/haraka -c /root/haraka-test'. Program terminated with signal 11, Segmentation fault. #0 0x00007f39c2e8dce0 in asn1_enc_restore (len=len@entry=0x7fff46fb1d74, out=out@entry=0x0, pval=pval@entry=0x1eec3f0, it=it@entry=0x7f39c3150480 ) at tasn_utl.c:190 190 if (!enc || enc->modified)
(gdb) bt #0 0x00007f39c2e8dce0 in asn1_enc_restore (len=len@entry=0x7fff46fb1d74, out=out@entry=0x0, pval=pval@entry=0x1eec3f0, it=it@entry=0x7f39c3150480 ) at tasn_utl.c:190 #1 0x00007f39c2e8af3b in ASN1_item_ex_i2d (pval=pval@entry=0x1eec3f0, out=out@entry=0x0, it=0x7f39c3150480 , tag=tag@entry=-1, aclass=aclass@entry=0) at tasn_enc.c:202 #2 0x00007f39c2e8b3e1 in asn1_template_ex_i2d (pval=0x1eec3f0, out=out@entry=0x0, tt=tt@entry=0x7f39c3156760 , tag=tag@entry=-1, iclass=iclass@entry=0) at tasn_enc.c:413 #3 0x00007f39c2e8b1bb in ASN1_item_ex_i2d (pval=pval@entry=0x7fff46fb1ed8, out=out@entry=0x0, it=it@entry=0x7f39c3150400 , tag=16, tag@entry=-1, aclass=aclass@entry=0) at tasn_enc.c:231 #4 0x00007f39c2e8b2bf in asn1_item_flags_i2d (val=val@entry=0x1eec3f0, out=out@entry=0x0, it=it@entry=0x7f39c3150400 , flags=flags@entry=0) at tasn_enc.c:122 #5 0x00007f39c2e8b367 in ASN1_item_i2d (val=val@entry=0x1eec3f0, out=out@entry=0x0, it=it@entry=0x7f39c3150400 ) at tasn_enc.c:91 #6 0x00007f39c2e868cc in i2d_X509 (a=a@entry=0x1eec3f0, out=out@entry=0x0) at x_x509.c:141 #7 0x00007f39c319a7bd in ssl3_add_cert_to_buf (buf=0x1e41510, l=0x7fff46fb1f78, x=0x1eec3f0) at s3_both.c:335 #8 0x00007f39c319ae93 in ssl3_output_cert_chain (s=s@entry=0x1eedd40, x=) at s3_both.c:405 #9 0x00007f39c318e645 in ssl3_send_server_certificate (s=s@entry=0x1eedd40) at s3_srvr.c:3398 #10 0x00007f39c318fabd in ssl3_accept (s=0x1eedd40) at s3_srvr.c:417 #11 0x00007f39c319d368 in ssl23_accept (s=0x1eedd40) at s23_srvr.c:210 #12 0x0000000000e55e95 in node::crypto::Connection::ClearOut (args=...) at ../src/node_crypto.cc:3113 #13 0x0000000000729644 in v8::internal::FunctionCallbackArguments::Call (this=this@entry=0x7fff46fb22c0, f=f@entry=0xe55c80 node::crypto::Connection::ClearOut(v8::FunctionCallbackInfo<v8::Value const&)>) at ../deps/v8/src/api-arguments.cc:16 #14 0x00000000007831e4 in v8::internal::(anonymous namespace)::HandleApiCallHelper (isolate=isolate@entry=0x1d2f7a0, args=...) at ../deps/v8/src/builtins.cc:4322 #15 0x00000000007839ce in v8::internal::Builtin_Impl_HandleApiCall (args=..., isolate=isolate@entry=0x1d2f7a0) at ../deps/v8/src/builtins.cc:4340 #16 0x0000000000783b7e in v8::internal::Builtin_HandleApiCall (args_length=, args_object=0x7fff46fb24c0, isolate=0x1d2f7a0) at ../deps/v8/src/builtins.cc:4337 #17 0x00001498485092a7 in ?? () #18 0x0000000000000000 in ?? ()
Regards Werner
I think I'm seeing related behaviour in https://github.com/jupyterhub/configurable-http-proxy whenever it tries to use ssl:
kernel: traps: node[12194] general protection ip:7ff4c82e6ce0 sp:7fffb7d4d2a0 error:0 in libcrypto.so.1.0.1e[7ff4c81de000+1be000]
Follow up:
I installed nodejs 6.8.0 from nodejs.org, same error.
Then I installed openssl 1.1.0b from source and now the error is gone.
That's strange, our builds fail with openssl 1.1.0b and nodejs v6.8.0 bundles openssl 1.0.2j. Did you try opening upstream issue?
----- Original Message ----- From: "Werner Fleck" wf-keyword-github.1a66ee@flexoft.net To: nodejs@lists.fedoraproject.org Sent: Thursday, October 13, 2016 8:32:11 PM Subject: Re: Segmentation fault using TLS after uprgrade to nodejs 6.7.0 / CentOS 7
Follow up:
I installed nodejs 6.8.0 from nodejs.org, same error.
Then I installed openssl 1.1.0b from source and now the error is gone. _______________________________________________ nodejs mailing list -- nodejs@lists.fedoraproject.org To unsubscribe send an email to nodejs-leave@lists.fedoraproject.org
nodejs@lists.fedoraproject.org