--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: libocamlnet-ssl-ocaml: segfault on custom ssl bindings
- From: Romain Beauxis <toots@rastageeks.org>
- Date: Mon, 12 Nov 2007 02:56:34 +0100
- Message-id: <20071112015634.30605.28367.reportbug@records.rastageeks.org>
Package: libocamlnet-ssl-ocaml
Version: 2.2.8.1-1
Severity: grave
Tags: patch
Justification: renders package unusable
Hi !
While playing with the ssl_client.ml example, I ended up correcting two
issues:
* ssl_client.ml must use:
let cl_ctx = Ssl.create_context Ssl.TLSv1 Ssl.Client_context in
to use the correct function from ocaml-ssl
* The example segfaulted..
After some introspection, helped by Sam, we found out that the package
ships its custom ssl extra-bindings.
These are out-of-date and caused the segfault.
Attached is patch that fixes them.
Of course, those bindings may be directly provided by ocaml-ssl, this
would help to get them in sync with latest ocaml-ssl has well as
debugging them along the others...
Romain
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.22-1-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages libocamlnet-ssl-ocaml depends on:
ii libc6 2.6.1-6 GNU C Library: Shared libraries
ii libocamlnet-ocaml 2.2.8.1-1 OCaml application-level Internet l
ii libssl-ocaml 0.4.2-3 OCaml bindings for OpenSSL
ii ocaml-base-nox [ocaml-base-no 3.10.0-8 Runtime system for ocaml bytecode
libocamlnet-ssl-ocaml recommends no packages.
-- no debconf information
--- ocamlnet-2.2.8.1.orig/src/equeue-ssl/ssl_exts_stubs.c
+++ ocamlnet-2.2.8.1/src/equeue-ssl/ssl_exts_stubs.c
@@ -6,41 +6,29 @@
#include <caml/memory.h>
#include <caml/misc.h>
#include <caml/mlvalues.h>
-
+#include <caml/signals.h>
#include <openssl/ssl.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <unistd.h>
-
-/* The following definitions are copied from ssl_stubs.c: */
-
-struct ssl_socket__t
-{
- SSL *handler;
- int fd;
-};
-
-typedef struct ssl_socket__t ssl_socket_t;
-
-static ssl_socket_t* ssl_socket_of_block(value block)
-{
- return (ssl_socket_t*)Field(block, 1);
-}
+#define SSL_val(v) (*((SSL**)Data_custom_val(v)))
CAMLprim value ocaml_ssl_single_shutdown(value socket)
{
CAMLparam1(socket);
int ret;
- ssl_socket_t *ssl = ssl_socket_of_block(socket);
- ret = SSL_shutdown(ssl->handler);
+ SSL *ssl = SSL_val(socket);
+ caml_enter_blocking_section();
+ ret = SSL_shutdown(ssl);
if (ret == -1) {
raise_with_arg(*caml_named_value("ssl_exn_shutdown_error"),
- Val_int(SSL_get_error(ssl->handler, ret)));
+ Val_int(SSL_get_error(ssl, ret)));
};
+ caml_leave_blocking_section();
CAMLreturn(Val_unit);
}
@@ -52,8 +40,10 @@
CAMLlocal3(rcvd,sent,ret);
int r;
- ssl_socket_t *ssl = ssl_socket_of_block(socket);
- r = SSL_get_shutdown(ssl->handler);
+ SSL *ssl = SSL_val(socket);
+ caml_enter_blocking_section();
+ r = SSL_get_shutdown(ssl);
+ caml_leave_blocking_section();
rcvd = Val_bool(r & SSL_RECEIVED_SHUTDOWN);
sent = Val_bool(r & SSL_SENT_SHUTDOWN);
ret = alloc_tuple(2);
@@ -71,8 +61,10 @@
BIO *b;
int eof;
- ssl_socket_t *ssl = ssl_socket_of_block(socket);
- b = SSL_get_rbio(ssl->handler);
+ SSL *ssl = SSL_val(socket);
+ caml_enter_blocking_section();
+ b = SSL_get_rbio(ssl);
+ caml_leave_blocking_section();
if (b == NULL)
failwith("Ssl.get_rbio_eof: No rbio found");
eof = BIO_eof(b);
@@ -87,8 +79,10 @@
CAMLparam1(socket);
CAMLlocal1(ret);
long m;
- ssl_socket_t *ssl = ssl_socket_of_block(socket);
- m = SSL_get_mode(ssl->handler);
+ SSL *ssl = SSL_val(socket);
+ caml_enter_blocking_section();
+ m = SSL_get_mode(ssl);
+ caml_leave_blocking_section();
ret = alloc_tuple(3);
Store_field(ret, 0, Val_bool(m & SSL_MODE_ENABLE_PARTIAL_WRITE));
Store_field(ret, 1, Val_bool(m & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER));
@@ -100,12 +94,14 @@
{
CAMLparam2(socket,mode);
long m;
- ssl_socket_t *ssl = ssl_socket_of_block(socket);
+ SSL *ssl = SSL_val(socket);
m = 0;
if (Bool_val(Field(mode, 0))) m |= SSL_MODE_ENABLE_PARTIAL_WRITE;
if (Bool_val(Field(mode, 1))) m |= SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER;
if (Bool_val(Field(mode, 2))) m |= SSL_MODE_AUTO_RETRY;
- SSL_set_mode(ssl->handler, m);
+ caml_enter_blocking_section();
+ SSL_set_mode(ssl, m);
+ caml_leave_blocking_section();
CAMLreturn(Val_unit);
}
--- End Message ---
--- Begin Message ---
Source: ocamlnet
Source-Version: 2.2.9-2
We believe that the bug you reported is fixed in the latest version of
ocamlnet, which is due to be installed in the Debian FTP archive:
libapache2-mod-ocamlnet_2.2.9-2_i386.deb
to pool/main/o/ocamlnet/libapache2-mod-ocamlnet_2.2.9-2_i386.deb
libequeue-gtk2-ocaml-dev_2.2.9-2_all.deb
to pool/main/o/ocamlnet/libequeue-gtk2-ocaml-dev_2.2.9-2_all.deb
libequeue-ocaml-dev_2.2.9-2_all.deb
to pool/main/o/ocamlnet/libequeue-ocaml-dev_2.2.9-2_all.deb
libequeue-ocaml_2.2.9-2_all.deb
to pool/main/o/ocamlnet/libequeue-ocaml_2.2.9-2_all.deb
libnetclient-ocaml-dev_2.2.9-2_all.deb
to pool/main/o/ocamlnet/libnetclient-ocaml-dev_2.2.9-2_all.deb
libnethttpd-ocaml-dev_2.2.9-2_i386.deb
to pool/main/o/ocamlnet/libnethttpd-ocaml-dev_2.2.9-2_i386.deb
libocamlnet-gtk2-ocaml-dev_2.2.9-2_i386.deb
to pool/main/o/ocamlnet/libocamlnet-gtk2-ocaml-dev_2.2.9-2_i386.deb
libocamlnet-ocaml-bin_2.2.9-2_i386.deb
to pool/main/o/ocamlnet/libocamlnet-ocaml-bin_2.2.9-2_i386.deb
libocamlnet-ocaml-dev_2.2.9-2_i386.deb
to pool/main/o/ocamlnet/libocamlnet-ocaml-dev_2.2.9-2_i386.deb
libocamlnet-ocaml-doc_2.2.9-2_all.deb
to pool/main/o/ocamlnet/libocamlnet-ocaml-doc_2.2.9-2_all.deb
libocamlnet-ocaml_2.2.9-2_i386.deb
to pool/main/o/ocamlnet/libocamlnet-ocaml_2.2.9-2_i386.deb
libocamlnet-ssl-ocaml-dev_2.2.9-2_i386.deb
to pool/main/o/ocamlnet/libocamlnet-ssl-ocaml-dev_2.2.9-2_i386.deb
libocamlnet-ssl-ocaml_2.2.9-2_i386.deb
to pool/main/o/ocamlnet/libocamlnet-ssl-ocaml_2.2.9-2_i386.deb
librpc-ocaml-dev_2.2.9-2_all.deb
to pool/main/o/ocamlnet/librpc-ocaml-dev_2.2.9-2_all.deb
ocamlnet_2.2.9-2.diff.gz
to pool/main/o/ocamlnet/ocamlnet_2.2.9-2.diff.gz
ocamlnet_2.2.9-2.dsc
to pool/main/o/ocamlnet/ocamlnet_2.2.9-2.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 450903@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stefano Zacchiroli <zack@debian.org> (supplier of updated ocamlnet package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 03 Mar 2008 09:00:15 +0100
Source: ocamlnet
Binary: libocamlnet-ocaml-dev libocamlnet-ocaml libocamlnet-ocaml-bin libocamlnet-gtk2-ocaml-dev libocamlnet-ssl-ocaml-dev libocamlnet-ssl-ocaml libnethttpd-ocaml-dev libapache2-mod-ocamlnet libocamlnet-ocaml-doc libequeue-ocaml-dev libnetclient-ocaml-dev librpc-ocaml-dev libequeue-ocaml libequeue-gtk2-ocaml-dev
Architecture: source all i386
Version: 2.2.9-2
Distribution: unstable
Urgency: medium
Maintainer: Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>
Changed-By: Stefano Zacchiroli <zack@debian.org>
Description:
libapache2-mod-ocamlnet - OCaml application-level Internet libraries - netcgi2 Apache2 conn
libequeue-gtk2-ocaml-dev - transitional dummy package for Ocamlnet 2.2
libequeue-ocaml - transitional dummy package for Ocamlnet 2.2
libequeue-ocaml-dev - transitional dummy package for Ocamlnet 2.2
libnetclient-ocaml-dev - transitional dummy package for Ocamlnet 2.2
libnethttpd-ocaml-dev - OCaml application-level Internet libraries - HTTP daemon developm
libocamlnet-gtk2-ocaml-dev - OCaml application-level Internet libraries - GTK2 development lib
libocamlnet-ocaml - OCaml application-level Internet libraries - core runtime librari
libocamlnet-ocaml-bin - OCaml application-level Internet libraries - binaries
libocamlnet-ocaml-dev - OCaml application-level Internet libraries - core development lib
libocamlnet-ocaml-doc - OCaml application-level Internet libraries - documentation and ex
libocamlnet-ssl-ocaml - OCaml application-level Internet libraries - SSL runtime librarie
libocamlnet-ssl-ocaml-dev - OCaml application-level Internet libraries - SSL development libr
librpc-ocaml-dev - transitional dummy package for Ocamlnet 2.2
Closes: 450903 462291
Changes:
ocamlnet (2.2.9-2) unstable; urgency=medium
.
[ Stefano Zacchiroli ]
* fix vcs-svn field to point just above the debian/ dir
* close an old TODO item in debian/TODO
* bump urgency for the OCaml 3.10.1 transition
* debian/rules: fix the kfreebsd fix (avoid failing bogusly when we are not
on a BSD arch)
.
[ Stephane Glondu ]
* Add patch configure_kfreebsd.dpatch to make configure script recognize
GNU/kFreeBSD as FreeBSD and fix compatibility with kFreeBSD port
(rpc-auth-local not available). (Closes: #462291)
* Add patch fix_ssl_bindings.dpatch to fix faulty ssl bindings,
(Closes: #450903).
Files:
71ad26a0ed7b11405dbae2e539cf5ea9 1372 devel optional ocamlnet_2.2.9-2.dsc
654ae858e869f6bf614646af8421e015 15511 devel optional ocamlnet_2.2.9-2.diff.gz
cb5adb8a6ec3234fc012a82f1e2730d2 969556 doc optional libocamlnet-ocaml-doc_2.2.9-2_all.deb
5ffdbd6e8165645b716b3809b6babb21 9040 libdevel optional libequeue-ocaml-dev_2.2.9-2_all.deb
1cee03faccb24c9a21c81b58d13b70b1 9048 libdevel optional libnetclient-ocaml-dev_2.2.9-2_all.deb
935db0e2bf1a3c761114febc3a6b1574 9046 libdevel optional librpc-ocaml-dev_2.2.9-2_all.deb
5ab6387efa23de2649465bd2cb33c124 9030 libs optional libequeue-ocaml_2.2.9-2_all.deb
14935a5577f244c91acc8ae816c77034 9050 libdevel optional libequeue-gtk2-ocaml-dev_2.2.9-2_all.deb
9e7c0e36a36ba1c763add57633901caf 6281912 libdevel optional libocamlnet-ocaml-dev_2.2.9-2_i386.deb
e4be7f243468012d729dcba316f5a5bb 15800 libs optional libocamlnet-ocaml_2.2.9-2_i386.deb
2abd1d4893f81dab83ef3be65b1a990f 1294600 libdevel optional libocamlnet-ocaml-bin_2.2.9-2_i386.deb
28e78386d5ae39fb560bb6292d43f168 35348 libdevel optional libocamlnet-gtk2-ocaml-dev_2.2.9-2_i386.deb
422518004f2cae7be0c2799a568ad7f1 76014 libdevel optional libocamlnet-ssl-ocaml-dev_2.2.9-2_i386.deb
fb920ea4d1ce7e55ee2ee2e720f5f26d 11996 libs optional libocamlnet-ssl-ocaml_2.2.9-2_i386.deb
fc9d3d847a6e636e6a915f386d4c75a2 1179362 libdevel optional libnethttpd-ocaml-dev_2.2.9-2_i386.deb
863ee56e8e4c2fc13b3b4fa06c0a7279 118156 net optional libapache2-mod-ocamlnet_2.2.9-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHy7r41cqbBPLEI7wRAgjgAJ9AwdW/EpZPzqolzw1ZUzNA6CSamACfVE0Q
fwk42IAwBFkL45p++Db9rBc=
=E+Nc
-----END PGP SIGNATURE-----
--- End Message ---