bugzilla-daemon at mindrot.org
2004-May-06 02:15 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864
Summary: sshd segfaults on connect on SunOS
Product: Portable OpenSSH
Version: 3.8.1p1
Platform: Sparc
OS/Version: SunOS
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: jsr at dexter.mi.org
sshd segfaults on connect
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-06 02:18 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864 ------- Additional Comments From jsr at dexter.mi.org 2004-05-06 12:18 ------- Created an attachment (id=627) --> (http://bugzilla.mindrot.org/attachment.cgi?id=627&action=view) sshd debug log Thie problem started in 3.8p1 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-06 02:22 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864
jsr at dexter.mi.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #627|application/octet-stream |text/plain
mime type| |
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-06 02:24 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864 ------- Additional Comments From jsr at dexter.mi.org 2004-05-06 12:24 ------- (From update of attachment 627) This started in 3.8p1 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-06 02:31 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864 ------- Additional Comments From dtucker at zip.com.au 2004-05-06 12:31 ------- Could you please run sshd under a debugger and get a stack trace? If you have gdb, you can do this with: # gdb ./sshd (gdb) set args -ddd (gdb run [connect to server and wait for segfault] (gdb) bt then attach the backtrace to this bug. Which OpenSSL version are you using, and did you use the same version with the previously working OpenSSH version? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-08 02:00 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864 ------- Additional Comments From jsr at dexter.mi.org 2004-05-08 12:00 ------- Created an attachment (id=629) --> (http://bugzilla.mindrot.org/attachment.cgi?id=629&action=view) gdb log OpenSSL 0.9.7d 17 Mar 2004 The previous version of OpenSSH that worked was 3.7.1p2 using the same version of OpenSSL ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-08 02:09 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864 ------- Additional Comments From djm at mindrot.org 2004-05-08 12:08 ------- The fault is definitely in libcrypto. Did you compile OpenSSH on the system or on another box and move the binaries there? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-08 02:13 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864
------- Additional Comments From dtucker at zip.com.au 2004-05-08 12:13 -------
Does OpenSSL's self test ("make tests") pass?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-08 03:58 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864 ------- Additional Comments From jsr at dexter.mi.org 2004-05-08 13:58 ------- openssl-0.9.7d passes "make test" except for complaining that SunOS "bc" doesn't work. openssh-3.8.1p1 seems to work fine with openssl-0.9.7c openssh-3.7.1p2 works with openssl-0.9.7d ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-May-08 04:11 UTC
[Bug 864] sshd segfaults on connect on SunOS
http://bugzilla.mindrot.org/show_bug.cgi?id=864 ------- Additional Comments From djm at mindrot.org 2004-05-08 14:11 ------- Looking more at the debug trace causes me to seriously suspect a problem in OpenSSL. Notice where we cross from OpenSSH to OpenSSL:> #0 0x8bc60 in getrn () > #1 0x8babc in lh_retrieve () > #2 0x68a9c in def_get_class () > #3 0x68c04 in int_new_ex_data () > #4 0x69314 in CRYPTO_new_ex_data () > #5 0x47bb8 in RSA_new_method () > #6 0x48080 in RSA_new () > #7 0x323cc in key_new (type=1) at key.c:61The line is question is simply:> if ((rsa = RSA_new()) == NULL) > fatal("key_new: RSA_new failed");I.e there are no parameters coming from OpenSSH that could be pointing to bad places. The problem could still be corruption happening elsewhere in OpenSSH, but that is less likely. You could test for this by linking with ElectricFence or similar. Can you create keys using "openssl genrsa 1024"? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.