Package: libcurl3-gnutls
Version: 7.36.0-2
Severity: normal
Tags: upstream

Dear Maintainer,
Libcurl-gnutls tries to verify things in certificates even when instructed
not to do so using

curl_easy_setopt(curl_context, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(curl_context, CURLOPT_SSL_VERIFYHOST, 0L);

Example backtrace from Claws-Mail's RSSyl plugin trying to subscribe to feed
https://www.claws-mail.org/feed/

You can see in frame #1 that chainp is NULL (and it's been tested before
for nullity) but libcurl still tries to import a certificate from it.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffccfdc700 (LWP 29824)]
0x00007ffff2cb16a9 in gnutls_x509_crt_import () from /usr/lib/x86_64-linux-gnu/libgnutls.so.26
(gdb) bt full
#0  0x00007ffff2cb16a9 in gnutls_x509_crt_import () from /usr/lib/x86_64-linux-gnu/libgnutls.so.26
No symbol table info available.
#1  0x00007fffe0fa8b89 in gtls_connect_step3 (conn=conn@entry=0x7fffc80130e0, sockindex=sockindex@entry=0) at vtls/gtls.c:740
        cert_list_size = 32767
        chainp = 0x0
        verify_status = 1
        x509_cert = 0x7fffc83feeb0
        x509_issuer = 0x19
        issuerp = {data = 0x4000 <Address 0x4000 out of bounds>, size = 4054326803}
        certbuf = 
"\t\000\000\000\000\000\000\000\356\337\366\340\377\177\000\000\000\000\000\000\v\000\000\000\030\000\000\000\060\000\000\000P\271\375\314\377\177\000\000\200\270\375\314\377\177",
 '\000' <repeats 18 times>, "\330M\315\362\377\177\000\000\360\377\377\377", 
'\000' <repeats 12 times>, 
"\001\000\000\000\000\000\000\000\000\270\375\314\377\177\000\000\330M\315\362\377\177\000\000\005\000\000\000\377\177\000\000\000\000\000\000\000\000\000\000r\001\315\362\377\177\000\000\005\000\000\000\377\177\000\000\060\270\375\314\377\177\000\000@\v\000\310\377\177\000\000\000\000\000\000\000\000\000\000\205\022\337\367\377\177\000\000Pq\357\362\377\177\000\000\330M\315\362\377\177\000\000\005\000\000\000\000\000\000\000"...
        size = 140736967730693
        algo = <optimized out>
        bits = 0
        certclock = <optimized out>
        ptr = <optimized out>
        data = 0x7fffc8000b40
        session = 0x7fffc84028d0
        rc = <optimized out>
        incache = <optimized out>
        ssl_sessionid = 0x7fffc80014b3
        result = CURLE_OK
#2  0x00007fffe0fa973a in gtls_connect_common (conn=conn@entry=0x7fffc80130e0, sockindex=sockindex@entry=0, nonblocking=nonblocking@entry=true, done=done@entry=0x7fffccfdba95) at vtls/gtls.c:973
        rc = <optimized out>
        connssl = 0x7fffc80132e8
#3  0x00007fffe0fa9acd in Curl_gtls_connect_nonblocking (conn=conn@entry=0x7fffc80130e0, sockindex=sockindex@entry=0, done=done@entry=0x7fffccfdba95) at vtls/gtls.c:988
No locals.
#4  0x00007fffe0faa1d0 in Curl_ssl_connect_nonblocking (conn=conn@entry=0x7fffc80130e0, sockindex=sockindex@entry=0, done=0x7fffccfdba95) at vtls/vtls.c:293
        res = <optimized out>
#5  0x00007fffe0f691de in https_connecting (conn=0x7fffc80130e0, done=<optimized out>) at http.c:1355
        result = CURLE_OK
#6  0x00007fffe0f8b6ef in multi_runsingle (multi=multi@entry=0x7fffc8009a50, now=..., data=data@entry=0x7fffc8000b40) at multi.c:1200
        disconnect_conn = false
        msg = 0x0
        connected = false
        async = false
        protocol_connect = false
        dophase_done = false
        done = false
        result = CURLM_OK
        k = <optimized out>
        timeout_ms = <optimized out>
        control = -520732957
#7  0x00007fffe0f8c251 in curl_multi_perform (multi_handle=multi_handle@entry=0x7fffc8009a50, running_handles=running_handles@entry=0x7fffccfdbb54) at multi.c:1759
        result = <optimized out>
        wc = 0x7fffc80096c8
        multi = 0x7fffc8009a50
        data = 0x7fffc8000b40
        returncode = CURLM_OK
        t = 0x7ffff1b4484d <__GI___clock_gettime+29>
        now = {tv_sec = 333847, tv_usec = 743708}
#8  0x00007fffe0f838b3 in easy_transfer (multi=0x7fffc8009a50) at easy.c:705
        still_running = 1
        ret = 1
        done = false
        mcode = <optimized out>
        code = CURLE_OK
        before = {tv_sec = 333847, tv_usec = 696937}
        without_fds = <optimized out>
#9  easy_perform (events=false, data=0x7fffc8000b40) at easy.c:793
        multi = 0x7fffc8009a50
        mcode = <optimized out>
        code = CURLE_OK
#10 curl_easy_perform (easy=0x7fffc8000b40) at easy.c:812
No locals.
#11 0x00007fffe08e672c in rssyl_fetch_feed_threaded (arg=0xad55d0) at feed.c:191


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libcurl3-gnutls depends on:
ii  libc6              2.18-5
ii  libcomerr2         1.42.9-3
ii  libgnutls28        3.2.13-2
ii  libgssapi-krb5-2   1.12.1+dfsg-1
ii  libidn11           1.28-2
ii  libk5crypto3       1.12.1+dfsg-1
ii  libkrb5-3          1.12.1+dfsg-1
ii  libldap-2.4-2      2.4.39-1
ii  libnettle4         2.7.1-2
ii  libssh2-1          1.4.3-2
ii  multiarch-support  2.18-5
ii  zlib1g             1:1.2.8.dfsg-1

Versions of packages libcurl3-gnutls recommends:
ii  ca-certificates  20140325

libcurl3-gnutls suggests no packages.

-- no debconf information
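
Added example, not part of the original report and not libcurl or GnuTLS code: a self-contained model of the failure described above, where a certificate chain pointer is tested for NULL but still handed to an import routine once verification is switched off. All type and function names are hypothetical, and the branch on the verify options is an assumption about the control flow, not a quotation of vtls/gtls.c.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins; none of these are libcurl or GnuTLS symbols. */
struct datum { const unsigned char *data; unsigned int size; };
struct tls_opts { bool verifypeer; bool verifyhost; };
enum result { R_OK, R_PEER_FAILED, R_NULL_IMPORT };

/* Mock DER import. A real import reads through its argument, so NULL here
   is the crash in frame #0; the mock reports it instead of faulting. */
static enum result mock_import(const struct datum *cert)
{
  if(!cert)
    return R_NULL_IMPORT;
  return (cert->data && cert->size) ? R_OK : R_PEER_FAILED;
}

/* Assumed flow: the NULL test only fails the handshake when a verify option
   is set; with both at 0 execution falls through to the import. */
enum result step3_unguarded(const struct datum *chainp, struct tls_opts o)
{
  if(!chainp && (o.verifypeer || o.verifyhost))
    return R_PEER_FAILED;
  return mock_import(chainp);
}

/* Guarded flow: every later use of the chain depends on it being present. */
enum result step3_guarded(const struct datum *chainp, struct tls_opts o)
{
  if(!chainp)
    return (o.verifypeer || o.verifyhost) ? R_PEER_FAILED : R_OK;
  return mock_import(chainp);
}

int main(void)
{
  struct tls_opts off = { false, false };
  printf("unguarded=%d guarded=%d\n",
         step3_unguarded(NULL, off), step3_guarded(NULL, off));
  return 0;
}
```
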

