Skip Menu |
 

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 78842
Status: resolved
Priority: 0/
Queue: Net-SSLeay

People
Owner: MIKEM [...] cpan.org
Requestors: brian [...] bldewolf.com
Cc:
AdminCc:

Bug Information
Severity: Normal
Broken in: 1.48
Fixed in: (no value)



Subject: Net::SSLeay::CTX_set_options causes segfault
Download (untitled) / with headers
text/plain 568b
I updated from 1.36nb2 to 1.48 today and suddenly started getting segfaults. It first occurred in my pkgsrc install (openssl-0.9.8x, perl-5.14.2nb5) but I also reproduced the issues in a Gentoo install (openssl-1.0.0i, perl-5.12.4-r1), making me doubt that it was external to Net::SSLeay. The code I used to reproduce is: use Net::SSLeay; my $ctx = Net::SSLeay::CTX_new(); Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL); Let me know if you need any more info about my environment to reproduce it. I'm currently rolled back to 1.36 to keep things working.
From: brian [...] bldewolf.com
Download (untitled) / with headers
text/plain 317b
On Tue Aug 07 20:55:32 2012, bldewolf wrote: Show quoted text
> The code I used to reproduce is: > use Net::SSLeay; > my $ctx = Net::SSLeay::CTX_new(); > Net::SSLeay::CTX_set_options($ctx, &Net::SSLeay::OP_ALL); >
Sorry, this is an incomplete test case and I'm suspecting the bugginess is somewhere on my side. Sorry for the noise.
From: brian [...] bldewolf.com
Download (untitled) / with headers
text/plain 775b
On Tue Aug 07 21:24:12 2012, bldewolf wrote: Show quoted text
> Sorry, this is an incomplete test case and I'm suspecting the bugginess > is somewhere on my side. Sorry for the noise.
Well, I can't seem to generate a small test case, but I narrowed it down to the 1.42 -> 1.43 version change. When running munin-node 1.4.5 with 1.43, Net::SSLeay::CTX_set_options fails to be set and then the segfault actually occurs in SSL_CTX_use_PrivateKey_file when it's loading the private key. I'm not sure exactly what's causing the breakage because my by-hand tests don't fail (even using Munin's own TLS module, which wraps around Net::SSLeay, works fine, so I'm not sure what black magic Munin does to break Net::SSLeay). I'll look at it again tomorrow to hopefully find a better test scenario.
From: brian [...] bldewolf.com
Download (untitled) / with headers
text/plain 173b
Woops, looks like this ended up being Munin using the return value of Net::SSLeay::CTX_set_options as a boolean even though it's not intended as such. No actual bug here...
Thanks for the update


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.