1 (edited by zeta 2018-11-01 08:24:04)

Topic: compiling with debugging -g option

How can I compile wolfssl source with -g debugging option? (linux)
I looked at the Makefile.
It was 5000 lines and there was no FLAG definition.
I don't know where to look at and where to touch.
And when I run command 'gdb client'(client in the example directory) , it says file format not recognized.
But still I can run the program in the command line but not in gdb.

Share

Re: compiling with debugging -g option

Hi zeta,

The Makefile is actually just an auto-generated file that has more information about the wolfSSL configure options than regular compiler options. Compiler options can be added when building however by using the "CFLAGS" variable. Additionally, using the "--enable-debug" option should perform the same function as the "-g" option. I've shown both of these options below:

./autogen.sh
./configure CFLAGS="-g"    #Option A
./configure --enable-debug #Option B

More information about building wolfSSL can be found in chapter 2 of the wolfSSL manual. Please let me know how this suggestion works out for you!

Thank you!

Share

Re: compiling with debugging -g option

How much will it cost to consult a debugging?
I do not want to remove all the bugs, I just want to remove one bug.
Not even solution, but I just want to know the reason of the bug.
It will not be a hard problem for you.

I am working on a tls project and having some difficulties.
I asked a lot here, and had much help from you.
I tried for some time and concluded to consult you if the cost is not too much.

Github page of my project is https://github.com/ParkSeungwon/http2.
You should use the tls branch not the master branch.

you should install these libraries.
mysqlcppconn, jsoncpp, gmp(gnu multiprecision library), gmpxx(gmp for c++), catch2

On a linux machine, you can compile my project just by using make command on a root directory.
Just delete incltouch line in the root Makefile.

When compile is done, run ./https.x.(a tls server program) and run openssl s_client.
Then openssl will send bad record mac(20) alert.(after server finished message)
I want to know why this is happening.
I think you need to see tls.h, tls.cc, https.h and https.cc in tls directory.
Especially encode function of tls/tls.cc.

My program works fine with my own client. tls-cl.x. But not with openssl or wolfssl.
I post two pics to help you understand my problem.
First picture shows my https.x receiving bad record mac from openssl s_client.
But in server side the mac is verified well as you can see.
It decrypted the alert message well and MAC was also verified.
But client side, it says bad record mac..

The second picture shows that error is occured during decryption.
This is wolfssl example client. I added some logging lines to debug my program.
But all I added was just printf syntaxes.
From upper picture I could see that finished message content is well generated.(prf result 12)
I could verify it with prf result of my server.
Also hmac key was fine. But the hmac jumped some other lines I don't know about.
Because Hmac_update is not called. I added logging lines to every functions in hmac.c.

Post's attachments

1.png
1.png 74.32 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

Share

Re: compiling with debugging -g option

Hi @zeta,

I have let our business management team know of your request for consulting prices. Please watch for a direct email from one of the wolfSSL business managers shortly!

Warm Regards,

- K

Re: compiling with debugging -g option

I sent email like below but there is no answer..
I don't think I can trust email. Can you just post here?
Or google hangout(talk) will be fine.

Sent email :
I am sorry, but I don't have a phone and am traveling right now.
I don't think any hostel will allow lengthy international phone call.
How about using IRC or chat at PM 5:00 UTC-3.
I can use google talk my id is zezeon1@gmail.com
I will be waiting..

Share

6 (edited by zeta 2018-11-27 12:30:44)

Re: compiling with debugging -g option

I found the reason..
It was quite odd.
the server key was changed after calling wc_AesSetKey or wc_AesCbcDecrypt function.
So I just mem copied the server key to store it  before calling those functions, and restored after calling them.
Then it worked fine.
I could use openssl s_client to show my webpage..
Maybe it is a bug or my system is faulty.
Were you able to reproduce the bug I described?

With some more research, I found that those functions are making some overflow on Aes struct.
wc_AesCbcDecrypt(&aes, --> I think this function write 4 more byte of 0s after aes structure.
I added some array to give some space for overflow after the Aes struct.
Aes aes;
char c[32];
like this.
Then encoding and decoding was fine. Both openssl, wolfssl client program worked fine.
Is this my special case or is this bug in wolfssl?
I wonder ..
And why there is no more reply?...
I wonder..

Share

Re: compiling with debugging -g option

Hi zeta,

Apologies as we have had a busy holiday season here in the U.S. I will review your latest first thing tomorrow and get back to you!

- Kaleb