验证证书时,OpenSSL与Sig11崩溃 [英] OpenSSL crashes with Sig11 while validating certificate
问题描述
我已经建立了如下的openssl版本1.0.2h,
I have built openssl version 1.0.2h as below,
./Configure -d shared no-idea no-mdc2 no-rc5 debug-linux-x86_64 --prefix=@rpath --openssldir=.
我已经建立了以下的库
libssl.so.1.0.2
libcrypto.so.1.0.2
我已经链接这个库与我的C + +应用程序与Qt 5.0.0。当我运行我的应用程序,它与细分错误崩溃与以下堆栈跟踪,
I have linked this libraries with my C++ application along with Qt 5.0.0. When I run my application it crashes with segmentation fault with the following stack trace,
Thread #1 22887 (Suspended : Container)
trust_1oidany() at x509_trs.c:270 0x7f66362255a9
X509_check_trust() at x509_trs.c:134 0x7f6636225141
check_trust() at x509_vfy.c:807 0x7f663621c212
X509_verify_cert() at x509_vfy.c:370 0x7f663621b3f5
ssl_verify_cert_chain() at 0x3f2a2469b8
ssl3_get_server_certificate() at 0x3f2a2255f3
ssl3_connect() at 0x3f2a227ca2
q_SSL_connect() at qsslsocket_openssl_symbols.cpp:229 0x7f6639b1064a
QSslSocketBackendPrivate::startHandshake() at qsslsocket_openssl.cpp:1,128 0x7f6639b0af78
QSslSocketBackendPrivate::transmit() at qsslsocket_openssl.cpp:983 0x7f6639b0a4ea
QSslSocketPrivate::_q_readyReadSlot() at qsslsocket.cpp:2,431 0x7f6639afcbc3
QSslSocket::qt_static_metacall() at moc_qsslsocket.cpp:167 0x7f6639afdc79
QMetaObject::activate() at qobject.cpp:3,739 0x7f663907dab6
QMetaObject::activate() at qobject.cpp:3,604 0x7f663907d2b6
QIODevice::readyRead() at moc_qiodevice.cpp:155 0x7f6639115081
QAbstractSocketPrivate::canReadNotification() at qabstractsocket.cpp:730 0x7f6639ad4bc6
QAbstractSocketPrivate::readNotification() at qabstractsocket_p.h:69 0x7f6639adae1a
QAbstractSocketEngine::readNotification() at qabstractsocketengine.cpp:152 0x7f6639ac6701
QReadNotifier::event() at qnativesocketengine.cpp:1,169 0x7f6639ae3a06
QApplicationPrivate::notify_helper() at qapplication.cpp:3,753 0x7f6637647b22
QApplication::notify() at qapplication.cpp:3,197 0x7f66376451dc
QCoreApplication::notifyInternal() at qcoreapplication.cpp:965 0x7f663903eb36
QCoreApplication::sendEvent() at qcoreapplication.h:224 0x7f66390428c7
socketNotifierSourceDispatch() at qeventdispatcher_glib.cpp:101 0x7f66390b5450
g_main_context_dispatch() at 0x3f1aa40642
0x3f1aa44c98
g_main_context_iteration() at 0x3f1aa44e4c
QEventDispatcherGlib::processEvents() at qeventdispatcher_glib.cpp:418 0x7f66390b6199
QEventLoop::processEvents() at qeventloop.cpp:128 0x7f663903b712
QEventLoop::exec() at qeventloop.cpp:204 0x7f663903b9f5
QThread::exec() at qthread.cpp:522 0x7f6638df9000
QThread::run() at qthread.cpp:589 0x7f6638df91a6
QThreadPrivate::start() at qthread_unix.cpp:338 0x7f6638e00683
start_thread() at 0x3f19a07aa1
clone() at 0x3f192e8aad
当我调试这个,下面一行有一些无效的指针解引用
When I did debug this, the below line has some invalid pointer dereference,
if (x->aux && (x->aux->trust || x->aux->reject))
但我无法找出导致的原因。我没有任何指针,以进一步处理这个问题。
But I'm unable to trace out what's causing that. I do not have any pointer to proceed further with this issue. could someone shed light on this.
推荐答案
我找到了这个问题的根本原因。在本地构建的 openssl 库不包括 -rpath ,因此 libssl.so 无法找到 libcrypto.so ,因此出现问题。因此,我更新了配置以包含 -rpath ,如此处。另请参阅此链接我如何设法包括多个 -rpath 选项。尽管我不知道这是否是合法的做法,但解决方案适用于我。
I found the root cause for this issue. The openssl libraries which I built locally does not include -rpath, thus the libssl.so is unable to find libcrypto.so, hence the issue. So I updated Configure to include -rpath as indicated here. Also please refer to this link on how I managed to include multiple -rpath option. Despite I'm not sure whether this is legitimate way of doing it but the solution works for me.
这篇关于验证证书时,OpenSSL与Sig11崩溃的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
