<moved to private mail>

On Mon, Feb 23, 2004, Paul L. Allen wrote:

>
> OK, here's where it took me:
>
> The setup is a stack consisting of a buffered BIO, an SSL BIO, and
> a socket BIO. In a typical test run, client and server have had a
> conversation of a hundred or so messages. The most recent exchange
> involved a message from the client of about 4500 bytes. Messages are
> newline-delimited ASCII lines exchanged via BIO_puts()/BIO_gets(),
> with a BIO_flush() after each BIO_puts().
>
> The client sends a 4-byte message using BIO_puts().
> buffer_write() stashes the bytes in the buffer and returns.
> The client calls BIO_flush() on the buffered BIO.
> In buffer_ctl(), BIO_write() gets called to get the SSL BIO to write the
> bytes.
> BIO_write() calls the bwrite method on the SSL BIO, which resolves to
> ssl_write().
> ssl_write() calls SSL_write().
> SSL_write() calls ssl->method->ssl_write, which resolves to ssl3_write().
> ssl3_write() calls ssl3_write_bytes().
> ssl3_write_bytes() calls do_ssl3_write().
> do_ssl3_write() calls s->method->ssl3_enc->mac(), which hangs until a
> SIGALRM gets delivered in about 60 seconds.
>
> On all prior runs down this pathway, s->method->ssl3_enc->mac()
> returns OK, s->method->ssl3_enc->enc() is called, followed by s2n(),
> ssl3_write_pending() gets called to ask the socket BIO to write the
> data, and we return back up the stack to where BIO_flush() returns to
> my code. The above experiment is with the 2/19 snapshot of the OpenSSL
> code, liberally sprinkled with fprintf's. It's possible that I've
> missed some links in the chain, although I've tried pretty hard not to.
>
> The hang always involves a short message from the client following
> an interchange involving a long message from the client. If I move
> the transaction containing the long line around in the sequence of
> test transactions, the client sometimes does not hang. But when it
> does hang, it is always right after a long transaction. Interestingly,
> the "long" transactions consist of a 4500 byte message from the client,
> a short (100 bytes) message from the server, another short message from
> the client (which always succeeds), and another short message from the
> server. When the hang happens, it is on the next message from the
> client (the second short client message after a long one).
>
> I'm stumped!
>

I'm not immediately sure what the problem is either. It might be stack corruption somewhere or something confusing the malloc library. Have you tried it under a debugging malloc library that can detect any out-of-bounds accesses? Have you tried this under a different OS to see if you get the same behaviour?

I could look into this as part of my commercial consultancy services if you can't get anywhere. Maybe with a discount if it turned out to be an OpenSSL bug :-)

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                       [EMAIL PROTECTED]
Automated List Manager                          [EMAIL PROTECTED]