
I've gotten v5.17 compiled on AIX 5.3 & 6.1 with the following

xlccmp.13.1.0 13.1.0.3 COMMITTED XL C compiler
openssl.base 1.0.1.513 COMMITTED Open Secure Socket Layer
IV71446m9a Ifix for Openssl CVE

Everything seems to have compiled fine. I packaged it up, installed, and set up a quick config. The server side aborts on me. Debug output follows. Need some direction on where to look next. Thanks in advance!

2015.05.06 12:08:03 LOG7[ui]: Clients allowed=31999
2015.05.06 12:08:03 LOG5[ui]: stunnel 5.17 on powerpc-ibm-aix5.3.0.0 platform
2015.05.06 12:08:03 LOG5[ui]: Compiled/running with OpenSSL 1.0.1e 11 Feb 2013
2015.05.06 12:08:03 LOG5[ui]: Threading:PTHREAD Sockets:SELECT,IPv6 TLS:ENGINE,OCSP,PSK,SNI
2015.05.06 12:08:03 LOG7[ui]: errno: (*_Errno())
2015.05.06 12:08:03 LOG5[ui]: Reading configuration from file /opt/freeware/etc/stunnel/stunnel.conf
2015.05.06 12:08:03 LOG5[ui]: UTF-8 byte order mark not detected
2015.05.06 12:08:03 LOG7[ui]: Compression disabled
2015.05.06 12:08:03 LOG7[ui]: Snagged 64 random bytes from //.rnd
2015.05.06 12:08:03 LOG7[ui]: Wrote 1024 new random bytes to //.rnd
2015.05.06 12:08:03 LOG7[ui]: PRNG seeded successfully
2015.05.06 12:08:03 LOG6[ui]: Initializing service [client]
2015.05.06 12:08:03 LOG6[ui]: Loading certificate from file: /usr/share/ssl/certs/skdkgesaix53-client-cert.pem
2015.05.06 12:08:03 LOG6[ui]: Loading key from file: /usr/share/ssl/certs/skdkgesaix53-client-key.pem
2015.05.06 12:08:03 LOG7[ui]: Private key check succeeded
2015.05.06 12:08:03 LOG7[ui]: Verify directory set to /usr/share/ssl/certs
2015.05.06 12:08:03 LOG7[ui]: Added /usr/share/ssl/certs revocation lookup directory
2015.05.06 12:08:03 LOG6[ui]: Peer certificate location /usr/share/ssl/certs
2015.05.06 12:08:03 LOG7[ui]: SSL options: 0x01000004 (+0x03000000, -0x02000000)
2015.05.06 12:08:03 LOG6[ui]: Initializing service [server]
2015.05.06 12:08:03 LOG6[ui]: Loading certificate from file: /usr/share/ssl/certs/skdkgesaix53-server-cert.pem
2015.05.06 12:08:03 LOG6[ui]: Loading key from file: /usr/share/ssl/certs/skdkgesaix53-server-key.pem
2015.05.06 12:08:03 LOG7[ui]: Private key check succeeded
2015.05.06 12:08:03 LOG7[ui]: Verify directory set to /usr/share/ssl/certs
2015.05.06 12:08:03 LOG7[ui]: Added /usr/share/ssl/certs revocation lookup directory
2015.05.06 12:08:03 LOG6[ui]: Peer certificate location /usr/share/ssl/certs
2015.05.06 12:08:03 LOG7[ui]: DH initialization
2015.05.06 12:08:03 LOG7[ui]: Could not load DH parameters from /usr/share/ssl/certs/skdkgesaix53-server-cert.pem
2015.05.06 12:08:03 LOG7[ui]: Using hardcoded DH parameters
2015.05.06 12:08:03 LOG7[ui]: DH initialized with 2048-bit key
2015.05.06 12:08:03 LOG7[ui]: ECDH initialization
2015.05.06 12:08:03 LOG7[ui]: ECDH initialized with curve prime256v1
2015.05.06 12:08:03 LOG7[ui]: SSL options: 0x01004004 (+0x03004000, -0x02000000)
2015.05.06 12:08:03 LOG5[ui]: Configuration successful
2015.05.06 12:08:03 LOG7[ui]: Listening file descriptor created (FD=7)
2015.05.06 12:08:03 LOG7[ui]: Service [client] (FD=7) bound to 127.0.0.1:22
2015.05.06 12:08:03 LOG7[ui]: Listening file descriptor created (FD=8)
2015.05.06 12:08:03 LOG7[ui]: Service [server] (FD=8) bound to 172.26.85.13:2222
2015.05.06 12:08:04 LOG7[main]: Created pid file /var/pid/stunnel.pid
2015.05.06 12:08:29 LOG7[main]: Service [server] accepted (FD=3) from 172.26.85.14:52649
2015.05.06 12:08:29 LOG7[0]: Service [server] started
2015.05.06 12:08:29 LOG5[0]: Service [server] accepted connection from 172.26.85.14:52649
2015.05.06 12:08:29 LOG7[0]: SSL state (accept): before/accept initialization
2015.05.06 12:08:29 LOG7[0]: SNI: no virtual services defined
2015.05.06 12:08:29 LOG7[0]: SSL state (accept): SSLv3 read client hello A
2015.05.06 12:08:29 LOG7[0]: SSL state (accept): SSLv3 write server hello A
2015.05.06 12:08:29 LOG7[0]: SSL state (accept): SSLv3 write certificate A
INTERNAL ERROR: Bad magic at tls.c, line 182

--Doug

On 06.05.2015 18:14, Eckert, Doug wrote:
> I've gotten v5.17 compiled on AIX 5.3 & 6.1 with the following
>
> xlccmp.13.1.0 13.1.0.3 COMMITTED XL C compiler
> openssl.base 1.0.1.513 COMMITTED Open Secure Socket Layer
> IV71446m9a Ifix for Openssl CVE
>
> Everything seems to have compiled fine. I packaged it up, installed, and set up a quick config. The server side aborts on me. Debug output follows. Need some direction on where to look next. Thanks in advance!
> [cut]
> 2015.05.06 12:08:03 LOG5[ui]: stunnel 5.17 on powerpc-ibm-aix5.3.0.0 platform
> 2015.05.06 12:08:03 LOG5[ui]: Compiled/running with OpenSSL 1.0.1e 11 Feb 2013
> [cut]
> INTERNAL ERROR: Bad magic at tls.c, line 182
There seems to be a bug in your OpenSSL. OPENSSL_free() function was invoked on a memory block that was *not* allocated with OPENSSL_malloc(), or it was already released (double free).

You may try to compile your OpenSSL from source.

Mike

Thanks for the reply! I've re-tried without eFix IV71446m9a (interim fixes for CVE & such) applied and got the same result. I was hoping it was something that may have been introduced recently. I've opened a support case against OpenSSL 1.0.1.513, as it's likely to manifest in other ways as well.

On Thu, May 7, 2015 at 2:12 AM, Michal Trojnara <Michal.Trojnara@mirt.net> wrote:
> There seems to be a bug in your OpenSSL. OPENSSL_free() function was invoked on a memory block that was *not* allocated with OPENSSL_malloc(), or it was already released (double free).
>
> You may try to compile your OpenSSL from source.

Stunnel v5.03 is the most recent version we're using, although with earlier OpenSSL versions in place. With that in mind, I compiled stunnel v5.03 with same OpenSSL 1.0.1.513 and iFix IV71446m9a applied as with the v5.17 attempt. I'm able to create sessions with no problem. The internal error/bad magic does not occur.
--
Doug Eckert
Technical Architect
Global Business Technology
Dow Jones | A News Corporation Company
P.O. Box 300 | Princeton NJ 08543-0300
(W) 609.520.4993 (C) 732.666.3681
Email: doug.eckert@dowjones.com <alias@dowjones.com>

On 12.05.2015 18:29, Eckert, Doug wrote:
> With that in mind, I compiled stunnel v5.03 with same OpenSSL 1.0.1.513 and iFix IV71446m9a applied as with the v5.17 attempt. I'm able to create sessions with no problem. The internal error/bad magic does not occur.

Additional security checks to the OpenSSL memory management functions were introduced in stunnel 5.09. The enclosed patch disables them in the latest stunnel 5.17.

Mike
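
The failure modes named in this thread (a free of a block the wrapper never allocated, and a double free) can be caught by tagging each allocation with a magic value. The sketch below is an added illustration, not part of the original messages and not stunnel's or OpenSSL's code; every name and tag value in it is an assumption.

```c
/* Added illustration: magic-tagged allocator wrapper (all names constructed). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAGIC_LIVE 0xA110C8EDu  /* written in front of every live block */
#define MAGIC_DEAD 0xF4EEDBADu  /* written when the block is released */
#define QUARANTINE 8            /* released blocks kept readable for a while */

typedef union {
    uint32_t magic;
    max_align_t align;          /* keeps the user pointer suitably aligned */
} hdr_t;

enum { FREE_OK, FREE_DOUBLE, FREE_BAD_MAGIC };
static hdr_t *quarantine[QUARANTINE];
static unsigned q_next;

void *guarded_malloc(size_t size) {
    hdr_t *hdr;
    if (size > SIZE_MAX - sizeof *hdr) return NULL;   /* size overflow */
    hdr = malloc(sizeof *hdr + size);
    if (!hdr) return NULL;
    hdr->magic = MAGIC_LIVE;
    return hdr + 1;             /* caller sees only the bytes after the tag */
}

/* Returns a status for inspection; a hardened program would log and abort. */
int guarded_free(void *ptr) {
    hdr_t *hdr;
    if (!ptr) return FREE_OK;
    hdr = (hdr_t *)ptr - 1;     /* the tag sits directly in front of ptr */
    if (hdr->magic == MAGIC_DEAD) return FREE_DOUBLE;
    if (hdr->magic != MAGIC_LIVE) return FREE_BAD_MAGIC;  /* not ours */
    hdr->magic = MAGIC_DEAD;
    free(quarantine[q_next]);   /* evict the oldest quarantined block */
    quarantine[q_next] = hdr;
    q_next = (q_next + 1) % QUARANTINE;
    return FREE_OK;
}

int main(void) {
    static hdr_t foreign[2];    /* constructed: zeroed, so no tag in front */
    void *p = guarded_malloc(32);
    int first = guarded_free(p), again = guarded_free(p);
    printf("free=%d again=%d foreign=%d\n", first, again,
           guarded_free(&foreign[1]));
    return 0;
}
```

Double-free detection here is reliable only while the block is still in the quarantine; once it has been evicted and handed back to the system allocator, the tag may have been overwritten.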
participants (2)
- Eckert, Doug
- Michal Trojnara