Welcome! Log In Create A New Profile

Advanced

Re: SSL3_CTX_CTRL:called a function you should not call

March 17, 2015 06:25AM
Maxim Dounin Wrote:
-------------------------------------------------------
> If you see problems with nginx 1.7.9, consider following hints
> at http://wiki.nginx.org/Debugging.
I think it will not help (at least if not did by anyone who really knows both openssl and nginx internals).
the problem is quickly traceable to

long
ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
{
CERT *cert;

cert = ctx->cert;

switch (cmd) {
case SSL_CTRL_SET_TMP_RSA_CB:
SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
(yes, this occurence, exactly)

inside libressl-2.1.3/ssl/s3_lib.c, and this function seems newer called by nginx code directly and not supposed to be externally-called at all.
The pure openssl have some pointer-magic in this place, dropped by libressl developers (with the data structure itself, so no easy way to bring it back)

I think the only thing developers may do (if not willing to really investigate and fix this issue) - just stop declaring nginx compatibility with libressl. It not only nonworking, but worse - it cleanly execute some garbage instead of code.
(I have full system log of stack-protection mechanics trying to prevent this)

and yes, 1.7.10 still does the same. The problem itself does not appear on any connection, just in some special cases, but easely reproduceable.
Subject Author Posted

SSL3_CTX_CTRL:called a function you should not call

173279834462 February 01, 2015 10:56AM

Re: SSL3_CTX_CTRL:called a function you should not call

173279834462 February 01, 2015 11:32AM

Re: SSL3_CTX_CTRL:called a function you should not call

Maxim Dounin February 03, 2015 10:26AM

Re: SSL3_CTX_CTRL:called a function you should not call

173279834462 February 03, 2015 11:34AM

Re: SSL3_CTX_CTRL:called a function you should not call

Maxim Dounin February 03, 2015 12:22PM

Re: SSL3_CTX_CTRL:called a function you should not call

rbqdg9 March 17, 2015 06:25AM

Re: SSL3_CTX_CTRL:called a function you should not call

rbqdg9 March 17, 2015 06:59AM

Re: SSL3_CTX_CTRL:called a function you should not call

Maxim Dounin March 17, 2015 09:28AM

Re: SSL3_CTX_CTRL:called a function you should not call

rbqdg9 March 17, 2015 10:11AM

Re: SSL3_CTX_CTRL:called a function you should not call

Maxim Dounin March 17, 2015 10:40AM

Re: SSL3_CTX_CTRL:called a function you should not call

rbqdg9 March 17, 2015 11:39AM

Re: SSL3_CTX_CTRL:called a function you should not call

173279834462 March 17, 2015 11:37AM

Re: SSL3_CTX_CTRL:called a function you should not call

rbqdg9 March 17, 2015 11:44AM

Re: SSL3_CTX_CTRL:called a function you should not call

173279834462 March 17, 2015 12:20PM

Re: SSL3_CTX_CTRL:called a function you should not call

173279834462 March 17, 2015 01:14PM

Re: SSL3_CTX_CTRL:called a function you should not call

173279834462 March 17, 2015 12:29PM

Re: SSL3_CTX_CTRL:called a function you should not call

173279834462 March 19, 2015 04:02PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 55
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready