crywrap segfault

To: debian-user-de <debian-user-german@lists.debian.org>
Subject: crywrap segfault
From: Joern Bredereck <jb@bw-networx.net>
Date: Sun, 9 Dec 2007 15:58:22 +0100 (CET)
Message-id: <Pine.LNX.4.64.0712091445020.12789@hathi.bw-networx.net>


Hallo,

ich habe eben mal versucht, crywrap (anstelle von sslwrap) auf unseremWebserver zum laufen zu bringen:


fuchur:~# grep -v ^# /etc/default/crywrap

CRYWRAP_CERTFILE=/etc/crywrap/server.pem

CRYWRAP_KEYFILE=/etc/crywrap/server.pem

if getent passwd crywrap 2>&1 >/dev/null; then
        CRYWRAP_USER=$(id -u crywrap)
else
        CRYWRAP_USER=$(id -u nobody)
fi

CRYWRAP_OPTIONS=

crywrap_map_add  217.146.137.164/80 217.146.137.164/443


fuchur:~# ls -la /etc/crywrap/server.pem
-rw------- 1 crywrap crywrap 2306 2007-12-09 15:50 /etc/crywrap/server.pem



fuchur:~# /etc/init.d/crywrap start

Starting TLS wrapper: crywrap/etc/init.d/crywrap: line 52: 10141 Segmentationfault /usr/sbin/crywrap -d 217.146.137.164/80 -l 217.146.137.164/443 -P/var/run/crywrap/crywrap-0.pid -pcert=/etc/crywrap/server.pem,key=/etc/crywrap/server.pem -u 110


fuchur:~# grep -i crywrap /var/log/syslog

Dec 9 14:22:25 fuchur kernel: crywrap[7926]: segfault at 0000000000000000 rip000000000804b36d rsp 00000000ffa657d0 error 4Dec 9 14:23:46 fuchur kernel: crywrap[8028]: segfault at 0000000000000000 rip000000000804b36d rsp 00000000ffa66ff0 error 4Dec 9 14:24:08 fuchur kernel: crywrap[8034]: segfault at 0000000000000000 rip000000000804b36d rsp 00000000ffe51bd0 error 4Dec 9 14:24:47 fuchur kernel: crywrap[8104]: segfault at 0000000000000000 rip000000000804b36d rsp 00000000ffcc4240 error 4Dec 9 14:41:10 fuchur kernel: crywrap[8568]: segfault at 0000000000000000 rip000000000804b36d rsp 00000000ffde3b60 error 4Dec 9 14:48:39 fuchur kernel: crywrap[8875]: segfault at 0000000000000000 rip000000000804b36d rsp 00000000ffe303b0 error 4Dec 9 15:50:47 fuchur kernel: crywrap[9970]: segfault at 0000000000000000 rip000000000804b36d rsp 00000000ffde3350 error 4Dec 9 15:52:04 fuchur kernel: crywrap[10028]: segfault at 0000000000000000rip 000000000804b36d rsp 00000000ffbf3960 error 4Dec 9 15:53:08 fuchur kernel: crywrap[10059]: segfault at 0000000000000000rip 000000000804b36d rsp 00000000ffc699e0 error 4Dec 9 15:53:16 fuchur kernel: crywrap[10079]: segfault at 0000000000000000rip 000000000804b36d rsp 00000000ff8a0e10 error 4Dec 9 15:55:08 fuchur kernel: crywrap[10141]: segfault at 0000000000000000rip 000000000804b36d rsp 00000000ff88be00 error 4


Ein Strace endet wie folgt:

open("/etc/services", O_RDONLY)         = 4
fcntl64(4, F_GETFD)                     = 0
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=18274, ...}) = 0

mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =0xf7fda000

read(4, "# Network services, Internet sty"..., 4096) = 4096
read(4, "9/tcp\t\t\t\t# Quick Mail Transfer P"..., 4096) = 4096
read(4, "otus Note\nlotusnote\t1352/udp\tlot"..., 4096) = 4096
read(4, "cache manager service\nafs3-rmtsy"..., 4096) = 4096
read(4, "tcp\t\t\t# ENBD server statd\npcrd\t\t"..., 4096) = 1890
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0xf7fda000, 4096)                = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Process 10167 detached




Kann damit jemand was anfangen? Wie kann ich das Problem weiter einkreisen.


Das Zertifikat habe ich mit:


fuchur:~# history |grep openssl

541 openssl req -new -x509 -nodes -out /etc/crywrap/server.pem -keyout/etc/crywrap/server.pem -days 3650

  563  history |grep openssl


angelegt.



Zum Einsatz kommt hier:

fuchur:/etc/init.d# cat /etc/debian_version
4.0
fuchur:/etc/init.d# uname -a

Linux fuchur 2.6.18-5-amd64 #1 SMP Wed Oct 3 01:57:43 UTC 2007 x86_64GNU/Linux


fuchur:/etc/init.d# dpkg -l | grep -i ssl

rc apache-ssl 1.3.34-4.1versatile, high-performance HTTP server withii crywrap 0.2.1-4.2Simple TCP service encryption using TLS/SSLii libc-client-ssl2001 2001adebian-6UW c-client library for mail protocolsii libnet-ssleay-perl 1.30-1Perl module for Secure Sockets Layer (SSL)ii libssl-dev 0.9.8c-4etch1SSL development libraries, header files andii libssl0.9.6 0.9.6m-1sarge5SSL shared libraries (old version)ii libssl0.9.7 0.9.7k-3.1etch1SSL shared librariesii libssl0.9.8 0.9.8c-4etch1SSL shared librariesii openssl 0.9.8c-4etch1Secure Socket Layer (SSL) binary and relatedii ssl-cert 1.0.14Simple debconf wrapper for opensslrc sslwrap 2.0.6-17Simple TCP service encryp



Bin für jeden Tipp dankbar!


Gruß,

Jörn

Reply to:

Follow-Ups:
- Re: crywrap segfault
  - From: Wolf Wiegand <wolf@kondancemilch.de>

Prev by Date: Empfehlung Soundkarte Debian etch
Next by Date: Re: crywrap segfault
Previous by thread: Empfehlung Soundkarte Debian etch
Next by thread: Re: crywrap segfault
Index(es):
- Date
- Thread