Re: ssl_callback_SSLVerify re-negotiation handshake crash

On Tue, Apr 04, 2006, Love H=F6rnquist =C5strand wrote:

> We are running 2.8.25-1.3.34 with openssl 0.9.7g. When using
> client authentication we have crashes in ssl_callback_SSLVerify
> relasted calls. Please see backtrace below.
>
> The last entires in the log before the child httpd starts crashing is:
>
> Awaiting re-negotiation handshake
>
> Have anyone seen problems like this before and have a solution ?
> If not, we'll go ahead and add more logging and do more debugging of
> the problem.
>
> Love
>
>
> (gdb) bt
> #0 CRYPTO_get_ex_data (ad=3D0xe8, idx=3D137019688) at ex_data.c:628
> #1 0x4035c035 in SSL_get_ex_data (s=3D0x1, idx=3D296) at ssl_lib.c:222=
0
> #2 0x4031cf08 in ssl_callback_SSLVerify (ok=3D1, ctx=3D0xbfffed20)
> at ssl_engine_kernel.c:1507
> #3 0x404125ec in internal_verify (ctx=3D0x87f55e0) at x509_vfy.c:880
> #4 0x40411e66 in X509_verify_cert (ctx=3D0xbfffed20) at x509_vfy.c:306
> #5 0x00000002 in ?? ()

I've checked the source and I it seems like the SSL* returned by
X509_STORE_CTX_get_app_data() at ssl_engine_kernel.c:1506 is the root of
the problem. But I've no clue why it is not a valid one for you... you
have to add more debugs to the code to determine the problem.

Ralf S. Engelschall
rse@engelschall.com
www.engelschall.com

__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org