[stunnel-users] Bad Magic
MichaĆ Trojnara
Michal.Trojnara at stunnel.org
Tue Feb 21 23:23:02 CET 2017
On 21.02.2017 16:04, Melzer, Jacob wrote:
> 2017.02.21 09:31:25 LOG5[ui]: stunnel 5.40 on powerpc-ibm-aix6.1.0.0
> platform
> 2017.02.21 09:31:25 LOG5[ui]: Compiled/running with OpenSSL 1.0.2j 26
> Sep 2016
[cut]
> INTERNAL ERROR: Bad magic at OpenSSL, line 0
This is the way stunnel detects heap corruption. Something is very
wrong with your deployment. This could either be caused by stunnel or
by OpenSSL. I suspect the latter, as your client works fine. There is
very little architecture-dependent code in stunnel, so a bug in stunnel
would likely cause it to fail miserably also in the client mode.
> mem.CRYPTO_free() at 0xd97dd8d8
> bn_lib.bn_expand2 at AF37_5() at 0xd97e8da4
> bn_mont.BN_mod_mul_montgomery() at 0xd981e150
> ecp_mont.ec_GFp_mont_field_mul() at 0xd9837a18
> ecp_smpl.ec_GFp_simple_point_get_affine_coordinates() at 0xd9839890
> ec_lib.EC_POINT_get_affine_coordinates_GFp() at 0xd9a81dfc
> ecp_oct.ec_GFp_simple_point2oct() at 0xd9acc0d4
> ec_oct.EC_POINT_point2oct() at 0xd9acb754
> ssl3_send_server_key_exchange() at 0xd99e7c28
> ssl3_accept() at 0xd99e9950
> SSL_accept() at 0xd99c0b98
It may be an issue in big number implementation. It is hard to be sure,
because your heap was already corrupted before the CRYPTO_free() call.
> Should I be concerned that it looks like it is executing "free_function"
> from within an if statement "if OPENSSL_VERSION_NUMBER<0x1010000L but my
> openssl version is
>
> 2017.02.21 09:31:35 LOG5[ui]: Compiled/running with OpenSSL 1.0.2j 26
> Sep 2016
Yes, "OPENSSL_VERSION_NUMBER<0x10100000L" means "older than OpenSSL 1.1.0".
> - I had the same problem with earlier versions of openssl.
What about newer versions (1.1.0e, 1.0.2k)?
A debug build of OpenSSL may also be useful to get a more detailed stack
trace.
Also, make sure you're *not* using the IBM's build of OpenSSL, as it
contains some additional bugs courtesy of IBM.
Best regards,
Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20170221/82b0884d/attachment.sig>
More information about the stunnel-users
mailing list