Topic: cyassl-2.4.0 ParseCert() is smashing stack (YASSL_API_TESTING)

Hi there,

As recommended, we're using the experimental API for decoding raw ASN1 certs, but have run into an issue in libcyassl-2.4.0 where the ParseCert function appears to be smashing the stack.

Please find the code snippet and gdb trace below.  Is there a ParseCert() replacement on the roadmap?

Many thanks.
Joe

Code snippet

            #define XDEBUG(...) fprintf(stderr, ##__VA_ARGS__)
            XDEBUG("Bloxx: Going to parse cert\n");
            if (ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0) != 0)
            {
                XDEBUG("Bloxx: Failed to parse cert\n");
                XERROR("Bloxx: [%s] Unable to decode certificate "
                       "(unable to parse ASN1 DER buffer)",
                       __FUNCTION__);
            }
            else
            {
                XDEBUG("Bloxx: Parsed cert\n");
                XDEBUG("Bloxx: Serial Sz = %d\n", cert.serialSz);
            }

            #undef XDEBUG


Trace from gdb

Tue Jul  3 09:39:25 2012: Loaded CA cert

...

Tue Jul  3 09:39:25 2012: Bloxx: init
Tue Jul  3 09:39:25 2012: Bloxx: [db] Connecting...
Tue Jul  3 09:39:25 2012: intofiy read error, will continue
Tue Jul  3 09:39:25 2012: intofiy read error, will continue
Tue Jul  3 09:39:25 2012: intofiy read error, will continue
Tue Jul  3 09:39:25 2012: intofiy read error, will continue
Tue Jul  3 09:39:25 2012: Bloxx: [db] Connected
^C
Program received signal SIGINT, Interrupt.
0x00007ffff6e872d3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:82
82    ../sysdeps/unix/syscall-template.S: No such file or directory.
    in ../sysdeps/unix/syscall-template.S
(gdb) break bloxx_sslbump
Breakpoint 1 at 0x40cc30: file src/bloxx.c, line 89.
(gdb) c
Continuing.
Tue Jul  3 09:39:38 2012: intofiy read error, will continue
Tue Jul  3 09:39:51 2012: Accepted a connection, sent to thread 0
Tue Jul  3 09:39:51 2012: Peer is from 172.21.127.11 port 56971
Tue Jul  3 09:39:51 2012: In ReadCb
Tue Jul  3 09:39:51 2012: Checking DownStream Headers
Tue Jul  3 09:39:51 2012: End of headers at 173
Tue Jul  3 09:39:51 2012: CONNECT 74.125.132.94:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1
Proxy-Connection: keep-alive
Host: 74.125.132.94

Tue Jul  3 09:39:51 2012: Trying to caputre proxy auth header if there
Tue Jul  3 09:39:51 2012: Search of evbuffer failed
Tue Jul  3 09:39:51 2012: No proxy auth header, ok
Tue Jul  3 09:39:51 2012: In FirstBumpInRequest
Tue Jul  3 09:39:51 2012: In GetRequestInfo
Tue Jul  3 09:39:51 2012:
    request method  = CONNECT
    request uri     = 74.125.132.94:443
    request version = HTTP/1.1
    request host    = 74.125.132.94
    request port    = 443

Tue Jul  3 09:39:51 2012: In IsCertCached
Tue Jul  3 09:39:51 2012: Starting to get peer's cert
Tue Jul  3 09:39:51 2012: Check Headers continue
Tue Jul  3 09:39:51 2012: In EventCb
Tue Jul  3 09:39:51 2012: Connected to certStream nonblocking OK
Tue Jul  3 09:39:51 2012: Calling SSL_connect cert
Tue Jul  3 09:39:51 2012: Cyassl SendCb sent
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 5
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb doesn't have any data ready yet
Tue Jul  3 09:39:51 2012: SSL_connect cert continue non/blocking
Tue Jul  3 09:39:51 2012: In ReadCb
Tue Jul  3 09:39:51 2012: Calling SSL_connect cert
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 5
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 74
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 5
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 7482
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 4730
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb doesn't have any data ready yet
Tue Jul  3 09:39:51 2012: SSL_connect cert continue non/blocking
Tue Jul  3 09:39:51 2012: In ReadCb
Tue Jul  3 09:39:51 2012: Calling SSL_connect cert
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 4730
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 3470
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb doesn't have any data ready yet
Tue Jul  3 09:39:51 2012: SSL_connect cert continue non/blocking
Tue Jul  3 09:39:51 2012: In ReadCb
Tue Jul  3 09:39:51 2012: Calling SSL_connect cert
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 3470
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 2052
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb doesn't have any data ready yet
Tue Jul  3 09:39:51 2012: SSL_connect cert continue non/blocking
Tue Jul  3 09:39:51 2012: In ReadCb
Tue Jul  3 09:39:51 2012: Calling SSL_connect cert
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 2052
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 5
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: CyaSSL Receive Cb requesting sz = 4
Tue Jul  3 09:39:51 2012: Cyassl ReceiveCb got data
Tue Jul  3 09:39:51 2012: SSL_connect cert success
Tue Jul  3 09:39:51 2012: Peer's cert is 6777 bytes

Tue Jul  3 09:39:51 2012: Spoofed cert, now saving it
Tue Jul  3 09:39:51 2012: Caching spoofed cert
Tue Jul  3 09:39:51 2012: Scheduling downstream request
Tue Jul  3 09:39:51 2012: In ReadCb
Tue Jul  3 09:39:51 2012: Checking DownStream Headers
Tue Jul  3 09:39:51 2012: End of headers at 173
Tue Jul  3 09:39:51 2012: CONNECT 74.125.132.94:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1
Proxy-Connection: keep-alive
Host: 74.125.132.94

Tue Jul  3 09:39:51 2012: Trying to caputre proxy auth header if there
Tue Jul  3 09:39:51 2012: Search of evbuffer failed
Tue Jul  3 09:39:51 2012: No proxy auth header, ok
Tue Jul  3 09:39:51 2012: In FirstBumpInRequest
Tue Jul  3 09:39:51 2012: In GetRequestInfo
Tue Jul  3 09:39:51 2012:
    request method  = CONNECT
    request uri     = 74.125.132.94:443
    request version = HTTP/1.1
    request host    = 74.125.132.94
    request port    = 443

Tue Jul  3 09:39:51 2012: In IsCertCached
Tue Jul  3 09:39:51 2012: We don't have bloxx answer yet, saving it
[Switching to Thread 0x7ffff3c04700 (LWP 22326)]

Breakpoint 1, bloxx_sslbump (req=0x7ffff3bf3ce0) at src/bloxx.c:89
89    {
(gdb) n
Tue Jul  3 09:39:53 2012: intofiy read error, will continue
Tue Jul  3 09:39:53 2012: intofiy read error, will continue
Tue Jul  3 09:39:53 2012: intofiy read error, will continue
Tue Jul  3 09:39:53 2012: intofiy read error, will continue
Tue Jul  3 09:39:53 2012: intofiy read error, will continue
90        assert(req);
(gdb)
Tue Jul  3 09:39:54 2012: intofiy read error, will continue
89    {
(gdb)
Tue Jul  3 09:39:54 2012: intofiy read error, will continue
90        assert(req);
(gdb)
Tue Jul  3 09:39:54 2012: intofiy read error, will continue
91        assert(req->src);
(gdb)
Tue Jul  3 09:39:54 2012: intofiy read error, will continue
Tue Jul  3 09:39:54 2012: intofiy read error, will continue
Tue Jul  3 09:39:54 2012: intofiy read error, will continue
92        assert(req->dst);
(gdb)
Tue Jul  3 09:39:55 2012: intofiy read error, will continue
Tue Jul  3 09:39:55 2012: intofiy read error, will continue
93        assert(req->cert.data);
(gdb)
Tue Jul  3 09:39:56 2012: intofiy read error, will continue
Tue Jul  3 09:39:56 2012: intofiy read error, will continue
94        assert(req->cert.len > 0);
(gdb)
Tue Jul  3 09:39:57 2012: intofiy read error, will continue
Tue Jul  3 09:39:57 2012: intofiy read error, will continue
102        XDEBUG("Bloxx: [%s] Got req->src = '%s'",
(gdb)
Tue Jul  3 09:39:58 2012: intofiy read error, will continue
Tue Jul  3 09:39:58 2012: intofiy read error, will continue
Tue Jul  3 09:39:58 2012: intofiy read error, will continue
Tue Jul  3 09:39:58 2012: intofiy read error, will continue
Tue Jul  3 09:39:58 2012: intofiy read error, will continue
Tue Jul  3 09:39:58 2012: Bloxx: [bloxx_sslbump] Got req->src = '172.21.127.11'
104        XDEBUG("Bloxx: [%s] Got req->dst = '%s'",
(gdb)
Tue Jul  3 09:39:59 2012: intofiy read error, will continue
Tue Jul  3 09:39:59 2012: intofiy read error, will continue
Tue Jul  3 09:39:59 2012: intofiy read error, will continue
Tue Jul  3 09:39:59 2012: intofiy read error, will continue
111        if (inet_pton(AF_INET, req->dst, &addr))
(gdb)
Tue Jul  3 09:40:00 2012: intofiy read error, will continue
104        XDEBUG("Bloxx: [%s] Got req->dst = '%s'",
(gdb)
Tue Jul  3 09:40:01 2012: intofiy read error, will continue
Tue Jul  3 09:40:01 2012: Bloxx: [bloxx_sslbump] Got req->dst = '74.125.132.94'
Tue Jul  3 09:40:01 2012: intofiy read error, will continue
111        if (inet_pton(AF_INET, req->dst, &addr))
(gdb)
Tue Jul  3 09:40:02 2012: intofiy read error, will continue
Tue Jul  3 09:40:02 2012: intofiy read error, will continue
Tue Jul  3 09:40:02 2012: intofiy read error, will continue
109        struct in_addr addr = { };
(gdb)
Tue Jul  3 09:40:02 2012: intofiy read error, will continue
111        if (inet_pton(AF_INET, req->dst, &addr))
(gdb)
Tue Jul  3 09:40:03 2012: intofiy read error, will continue
Tue Jul  3 09:40:03 2012: intofiy read error, will continue
Tue Jul  3 09:40:03 2012: intofiy read error, will continue
Tue Jul  3 09:40:03 2012: intofiy read error, will continue
113            XDEBUG("Bloxx: [%s] Detected IPv4 address (%s)",
(gdb)
Tue Jul  3 09:40:04 2012: intofiy read error, will continue
Tue Jul  3 09:40:04 2012: intofiy read error, will continue
Tue Jul  3 09:40:04 2012: intofiy read error, will continue
Tue Jul  3 09:40:04 2012: intofiy read error, will continue
Tue Jul  3 09:40:04 2012: intofiy read error, will continue
Tue Jul  3 09:40:04 2012: intofiy read error, will continue
Tue Jul  3 09:40:04 2012: Bloxx: [bloxx_sslbump] Detected IPv4 address (74.125.132.94)
115            XDEBUG("Bloxx: [%s] Checking for IPv4 tunnel rule",
(gdb)
Tue Jul  3 09:40:05 2012: intofiy read error, will continue
Tue Jul  3 09:40:05 2012: intofiy read error, will continue
Tue Jul  3 09:40:05 2012: intofiy read error, will continue
Tue Jul  3 09:40:05 2012: intofiy read error, will continue
Tue Jul  3 09:40:05 2012: intofiy read error, will continue
Tue Jul  3 09:40:05 2012: Bloxx: [bloxx_sslbump] Checking for IPv4 tunnel rule
118            pthread_rwlock_rdlock(&ip4Lock);
(gdb)
Tue Jul  3 09:40:05 2012: intofiy read error, will continue
Tue Jul  3 09:40:05 2012: intofiy read error, will continue
Tue Jul  3 09:40:05 2012: intofiy read error, will continue
120            if (LookupHashTable(&ip4Rules, (void *)&addr, NULL))
(gdb)
Tue Jul  3 09:40:06 2012: intofiy read error, will continue
Tue Jul  3 09:40:06 2012: intofiy read error, will continue
Tue Jul  3 09:40:06 2012: intofiy read error, will continue
Tue Jul  3 09:40:06 2012: intofiy read error, will continue
Tue Jul  3 09:40:06 2012: intofiy read error, will continue
128            pthread_rwlock_unlock(&ip4Lock);
(gdb)
Tue Jul  3 09:40:07 2012: intofiy read error, will continue
Tue Jul  3 09:40:07 2012: intofiy read error, will continue
Tue Jul  3 09:40:07 2012: intofiy read error, will continue
Tue Jul  3 09:40:07 2012: intofiy read error, will continue
148        if (bump)
(gdb)
Tue Jul  3 09:40:07 2012: intofiy read error, will continue
Tue Jul  3 09:40:07 2012: intofiy read error, will continue
151            if (IsDebugLevel())
(gdb)
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
153                XDEBUG("Bloxx: [%s] Checking for certificate tunnel rule",
(gdb)
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: Bloxx: [bloxx_sslbump] Checking for certificate tunnel rule
156                XDEBUG("Bloxx: [%s] Decoding certificate",
(gdb)
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: intofiy read error, will continue
Tue Jul  3 09:40:08 2012: Bloxx: [bloxx_sslbump] Decoding certificate
160                DecodedCert cert = { };
(gdb)
Tue Jul  3 09:40:09 2012: intofiy read error, will continue
Tue Jul  3 09:40:09 2012: intofiy read error, will continue
Tue Jul  3 09:40:09 2012: intofiy read error, will continue
161                InitDecodedCert(&cert,
(gdb) watch cert.subjectCN
Hardware watchpoint 2: cert.subjectCN
(gdb) n
Tue Jul  3 09:40:21 2012: intofiy read error, will continue
160                DecodedCert cert = { };
(gdb)
Tue Jul  3 09:40:23 2012: intofiy read error, will continue
Tue Jul  3 09:40:23 2012: intofiy read error, will continue
Tue Jul  3 09:40:23 2012: intofiy read error, will continue
161                InitDecodedCert(&cert,
(gdb)
Tue Jul  3 09:40:23 2012: intofiy read error, will continue
Tue Jul  3 09:40:23 2012: intofiy read error, will continue
Tue Jul  3 09:40:23 2012: intofiy read error, will continue
Tue Jul  3 09:40:23 2012: intofiy read error, will continue
Tue Jul  3 09:40:23 2012: intofiy read error, will continue
Hardware watchpoint 2: cert.subjectCN

Old value = 0x7ffff3bf3c40 ""
New value = 0x0
0x00007ffff7141120 in InitDecodedCert () from /usr/lib/libcyassl.so.3
(gdb)
Single stepping until exit from function InitDecodedCert,
which has no line number information.
Tue Jul  3 09:40:24 2012: intofiy read error, will continue
Tue Jul  3 09:40:24 2012: intofiy read error, will continue
Tue Jul  3 09:40:24 2012: intofiy read error, will continue
Tue Jul  3 09:40:24 2012: intofiy read error, will continue
Tue Jul  3 09:40:24 2012: intofiy read error, will continue
bloxx_sslbump (req=0x7ffff3bf3ce0) at src/bloxx.c:166
166                XDEBUG("Bloxx: Going to parse cert\n");
(gdb)
Tue Jul  3 09:40:25 2012: intofiy read error, will continue
Tue Jul  3 09:40:25 2012: intofiy read error, will continue
Tue Jul  3 09:40:25 2012: intofiy read error, will continue
Bloxx: Going to parse cert
167                if (ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0) != 0)
(gdb)
Tue Jul  3 09:40:26 2012: intofiy read error, will continue
Tue Jul  3 09:40:26 2012: intofiy read error, will continue
Hardware watchpoint 2: cert.subjectCN

Old value = 0x0
New value = 0x6603b0 "google.com0\201\237\060\r\006\t*\206H\206\367\r\001\001\001\005"
0x00007ffff71447d4 in ?? () from /usr/lib/libcyassl.so.3
(gdb)
Cannot find bounds of current function
(gdb)

Joseph Spadavecchia
joseph@redtrie.com

Share

Re: cyassl-2.4.0 ParseCert() is smashing stack (YASSL_API_TESTING)

No replacement is on the map yet.

If you --enable-yassl-testing the same ParseCert() is called with the same arguments.  Also, SSL_connect() calls ParseCert().  I've never seen this stack problem in those instances.  Is it possible something else is damaging the stack and you're just seeing it then?

Share

Re: cyassl-2.4.0 ParseCert() is smashing stack (YASSL_API_TESTING)

The problem is that the stack smashing does not occur in version 2.2.0.

With the same version of our code (0.9-73), the stack smashing does not happen when we use cyassl-2.2.0 embedded SSL.  The problem only when we upgrade to 2.4.0, again with version 0.9-73 (or later) or our code.

Since SSL_connect() calls ParseCert(), this increases the priority for us to resolve this.

In order to eliminate any of our code as suspect could you please suggest a simple unit test?

Thanks.

Joseph Spadavecchia
joseph@redtrie.com

Share

Re: cyassl-2.4.0 ParseCert() is smashing stack (YASSL_API_TESTING)

Hi Todd,

Please find below a gdb trace of it happening with --enable-yassl-testing

This is with version 0.9-73 of our code and libcyassl-2.4.0.  We have tested with versions >= 0.9-73 and the same issue happens.  When we downgrade cyassl to version 2.2.0, then the problem goes away.

Many thanks,
*Joe


^C
Program received signal SIGINT, Interrupt.
0x00007ffff70b32d3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:82
82    ../sysdeps/unix/syscall-template.S: No such file or directory.
    in ../sysdeps/unix/syscall-template.S
(gdb) break bloxx_sslbump
Breakpoint 1 at 0x40c160: file src/bloxx.c, line 786.
(gdb) c
Continuing.
Wed Jul  4 09:43:51 2012: intofiy read error, will continue
Wed Jul  4 09:44:09 2012: Accepted a connection, sent to thread 0
Wed Jul  4 09:44:09 2012: Peer is from 172.21.127.11 port 51238
Wed Jul  4 09:44:09 2012: In ReadCb
Wed Jul  4 09:44:09 2012: Checking DownStream Headers
Wed Jul  4 09:44:09 2012: End of headers at 175
Wed Jul  4 09:44:09 2012: CONNECT 173.194.67.104:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1
Proxy-Connection: keep-alive
Host: 173.194.67.104

Wed Jul  4 09:44:09 2012: Trying to caputre proxy auth header if there
Wed Jul  4 09:44:09 2012: Search of evbuffer failed
Wed Jul  4 09:44:09 2012: No proxy auth header, ok
Wed Jul  4 09:44:09 2012: In FirstBumpInRequest
Wed Jul  4 09:44:09 2012: In GetRequestInfo
Wed Jul  4 09:44:09 2012:
    request method  = CONNECT
    request uri     = 173.194.67.104:443
    request version = HTTP/1.1
    request host    = 173.194.67.104
    request port    = 443

Wed Jul  4 09:44:09 2012: In IsCertCached
Wed Jul  4 09:44:09 2012: Starting to get peer's cert
Wed Jul  4 09:44:09 2012: Check Headers continue
Wed Jul  4 09:44:09 2012: In EventCb
Wed Jul  4 09:44:09 2012: Connected to certStream nonblocking OK
Wed Jul  4 09:44:09 2012: Calling SSL_connect cert
Wed Jul  4 09:44:09 2012: Cyassl SendCb sent
Wed Jul  4 09:44:09 2012: CyaSSL Receive Cb requesting sz = 5
Wed Jul  4 09:44:09 2012: Cyassl ReceiveCb doesn't have any data ready yet
Wed Jul  4 09:44:09 2012: SSL_connect cert continue non/blocking
Wed Jul  4 09:44:09 2012: In ReadCb
Wed Jul  4 09:44:09 2012: Calling SSL_connect cert
Wed Jul  4 09:44:09 2012: CyaSSL Receive Cb requesting sz = 5
Wed Jul  4 09:44:09 2012: Cyassl ReceiveCb got data
Wed Jul  4 09:44:09 2012: CyaSSL Receive Cb requesting sz = 74
Wed Jul  4 09:44:09 2012: Cyassl ReceiveCb got data
Wed Jul  4 09:44:09 2012: CyaSSL Receive Cb requesting sz = 5
Wed Jul  4 09:44:09 2012: Cyassl ReceiveCb got data
Wed Jul  4 09:44:09 2012: CyaSSL Receive Cb requesting sz = 1625
Wed Jul  4 09:44:09 2012: Cyassl ReceiveCb got data
Wed Jul  4 09:44:09 2012: CyaSSL Receive Cb requesting sz = 5
Wed Jul  4 09:44:09 2012: Cyassl ReceiveCb got data
Wed Jul  4 09:44:09 2012: CyaSSL Receive Cb requesting sz = 4
Wed Jul  4 09:44:09 2012: Cyassl ReceiveCb got data
Wed Jul  4 09:44:09 2012: SSL_connect cert success
Wed Jul  4 09:44:09 2012: Peer's cert is 805 bytes

Wed Jul  4 09:44:09 2012: Spoofed cert, now saving it
Wed Jul  4 09:44:09 2012: Caching spoofed cert
Wed Jul  4 09:44:09 2012: Scheduling downstream request
Wed Jul  4 09:44:09 2012: In ReadCb
Wed Jul  4 09:44:09 2012: Checking DownStream Headers
Wed Jul  4 09:44:09 2012: End of headers at 175
Wed Jul  4 09:44:09 2012: CONNECT 173.194.67.104:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1
Proxy-Connection: keep-alive
Host: 173.194.67.104

Wed Jul  4 09:44:09 2012: Trying to caputre proxy auth header if there
Wed Jul  4 09:44:09 2012: Search of evbuffer failed
Wed Jul  4 09:44:09 2012: No proxy auth header, ok
Wed Jul  4 09:44:09 2012: In FirstBumpInRequest
Wed Jul  4 09:44:09 2012: In GetRequestInfo
Wed Jul  4 09:44:09 2012:
    request method  = CONNECT
    request uri     = 173.194.67.104:443
    request version = HTTP/1.1
    request host    = 173.194.67.104
    request port    = 443

Wed Jul  4 09:44:09 2012: In IsCertCached
Wed Jul  4 09:44:09 2012: We don't have bloxx answer yet, saving it
[Switching to Thread 0x7ffff6716700 (LWP 16392)]

Breakpoint 1, bloxx_sslbump (req=0x7ffff6705d00) at src/bloxx.c:786
786    {
(gdb) watch cert.subjectCN
Hardware watchpoint 2: cert.subjectCN
(gdb) n
Wed Jul  4 09:44:19 2012: intofiy read error, will continue
Wed Jul  4 09:44:19 2012: intofiy read error, will continue
Wed Jul  4 09:44:19 2012: intofiy read error, will continue
Wed Jul  4 09:44:19 2012: intofiy read error, will continue
787        assert(req);
(gdb)
Wed Jul  4 09:44:19 2012: intofiy read error, will continue
Wed Jul  4 09:44:19 2012: intofiy read error, will continue
788        assert(req->src);
(gdb)
Wed Jul  4 09:44:20 2012: intofiy read error, will continue
Wed Jul  4 09:44:20 2012: intofiy read error, will continue
789        assert(req->dst);
(gdb)
Wed Jul  4 09:44:20 2012: intofiy read error, will continue
Wed Jul  4 09:44:20 2012: intofiy read error, will continue
790        assert(req->cert.data);
(gdb)
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
791        assert(req->cert.len > 0);
(gdb)
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
798        DecodedCert cert = { };
(gdb)
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
Wed Jul  4 09:44:21 2012: intofiy read error, will continue
799        InitDecodedCert(&cert,
(gdb)
Wed Jul  4 09:44:23 2012: intofiy read error, will continue
Wed Jul  4 09:44:23 2012: intofiy read error, will continue
Wed Jul  4 09:44:23 2012: intofiy read error, will continue
Hardware watchpoint 2: cert.subjectCN

Old value = 0x7ffff6705c79 ""
New value = 0x0
0x00007ffff736d120 in InitDecodedCert () from /usr/lib/libcyassl.so.3
(gdb)
Single stepping until exit from function InitDecodedCert,
which has no line number information.
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
Wed Jul  4 09:44:24 2012: intofiy read error, will continue
bloxx_sslbump (req=<value optimized out>) at src/bloxx.c:803
803        if (ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0) != 0)
(gdb)
Wed Jul  4 09:44:25 2012: intofiy read error, will continue
Wed Jul  4 09:44:25 2012: intofiy read error, will continue
Wed Jul  4 09:44:25 2012: intofiy read error, will continue
Wed Jul  4 09:44:25 2012: intofiy read error, will continue
Wed Jul  4 09:44:25 2012: intofiy read error, will continue
Wed Jul  4 09:44:25 2012: intofiy read error, will continue
Hardware watchpoint 2: cert.subjectCN

Old value = 0x0
New value = 0x61cf68 "www.google.com0\201\237\060\r\006\t*\206H\206\367\r\001\001\001\005"
0x00007ffff73707d4 in ?? () from /usr/lib/libcyassl.so.3
(gdb)
Cannot find bounds of current function
(gdb)

Joseph Spadavecchia
joseph@redtrie.com

Share