Memory leaks are observed for libgcrypt.so.11 in multi-thread mode

Hi,
My program is a multi-thread server(pthread) working in Solaris enviorment, For thread-safe consideration, according to the guide, I have defined the following macro and call the specific function during iniatlization:
GCRY_THREAD_OPTION_PTHREAD_IMPL;
 gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);

Scenario1:
Launch Tls session one after another to guarantee there is no concurrency existing between tls session, there is no memory leak reported by MDB;


Scenario2:
Launch TLS session concurrently, e.g., 50 TPS,  memory leaks are reported by MDB

> ::findleaks
CACHE     LEAKED   BUFCTL CALLER
00204a88      17 0053b860 libUE.so`_ZN12PacketHelper12createPacketEi+0x34
0020dc08      27 00aea708 libgcrypt.so.11`do_malloc+0x54
0020b188      88 012f0b40 libgcrypt.so.11`do_malloc+0x54
0020dc08     100 013aa000 libgcrypt.so.11`do_malloc+0x54
0020ae08      64 00461e00 libgcrypt.so.11`do_malloc+0x54
0020b188      39 0073a780 libgcrypt.so.11`do_malloc+0x54
0020ae08      65 016cf248 libgcrypt.so.11`do_malloc+0x54
0020dc08     129 00aea7f8 libgcrypt.so.11`do_malloc+0x54
----------------------------------------------------------------------
   Total     529 buffers, 325752 bytes

I have disabled the session reusage and deinit tls sessions structure with gnutls_deinit().

Anybody can give me some tips on this issue?

Regards
Tony

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

I have redone my test and go through the memory leak points, I get the following info:
> ::findleaks
CACHE     LEAKED   BUFCTL CALLER
00204e08       1 004ab7e8 libclntsh.so.10.1`sigpnm+0x80
0020b188    7816 007f53b0 libgcrypt.so.11`do_malloc+0x54
0020ae08     106 0130e960 libgcrypt.so.11`do_malloc+0x54
0020dc08       1 00c0cd98 libgcrypt.so.11`do_malloc+0x54
0020dc08      63 008a5e78 libgcrypt.so.11`do_malloc+0x54
0020ae08    8153 0043f518 libgcrypt.so.11`do_malloc+0x54
0020b188     422 01046168 libgcrypt.so.11`do_malloc+0x54
0020dc08    8330 00b3d860 libgcrypt.so.11`do_malloc+0x54
0020dc08    8230 01206438 libgcrypt.so.11`do_malloc+0x54
----------------------------------------------------------------------
   Total   33122 buffers, 21130336 bytes
  
> 007f53b0$<bufctl_audit
0x7f53b0:       next            addr            slab
                0               7f3700          21aa50         
0x7f53bc:       cache           timestamp       thread
                20b188          738886035200566511             
0x7f53cc:       lastlog         contents        stackdepth
                1d8000          0               15             
                libumem.so.1`umem_cache_alloc+0x208
                libumem.so.1`umem_alloc+0x44
                libumem.so.1`malloc+0x2c
                libgcrypt.so.11`do_malloc+0x54
                libgcrypt.so.11`_gcry_malloc+0x10
                libgcrypt.so.11`md_enable+0xfc
                libgcrypt.so.11`md_open+0xfc
                libgcrypt.so.11`_gcry_md_open+0x4c
                libgnutls.so.26`wrap_gcry_hash_init+0x60
                libgnutls.so.26`_gnutls_hash_init+0x78
                libgnutls.so.26`gnutls_handshake+0xe8
                libUE.so`_ZN12SSLSETDriver9onReceiveEv+0x268
                libUE.so`_ZN12InTaskRunner3runEv+0x118
                libclassutil.so`_ZN7MThread7routineEv+0x28
                libclassutil.so`_ZN7MThread10thrRoutineEPv+0x1c

All other leaks points also show the same clues: memory leaks happen during the gnutls_handshake.

For the report of MDB, total 21130336 bytes memory leaks are observed. I have launched 167201 session in 3344 seconds.

Anybody can give me some helps? If I am not using gnutls in the proper way???

Regards
Tony

---

From: tang__tong@...
To: help-gnutls@...
Date: Sat, 10 Oct 2009 08:21:05 +0000
Subject: Memory leaks are observed for libgcrypt.so.11 in multi-thread mode

Hi,
My program is a multi-thread server(pthread) working in Solaris enviorment, For thread-safe consideration, according to the guide, I have defined the following macro and call the specific function during iniatlization:
GCRY_THREAD_OPTION_PTHREAD_IMPL;
 gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);

Scenario1:
Launch Tls session one after another to guarantee there is no concurrency existing between tls session, there is no memory leak reported by MDB;


Scenario2:
Launch TLS session concurrently, e.g., 50 TPS,  memory leaks are reported by MDB

> ::findleaks
CACHE     LEAKED   BUFCTL CALLER
00204a88      17 0053b860 libUE.so`_ZN12PacketHelper12createPacketEi+0x34
0020dc08      27 00aea708 libgcrypt.so.11`do_malloc+0x54
0020b188      88 012f0b40 libgcrypt.so.11`do_malloc+0x54
0020dc08     100 013aa000 libgcrypt.so.11`do_malloc+0x54
0020ae08      64 00461e00 libgcrypt.so.11`do_malloc+0x54
0020b188      39 0073a780 libgcrypt.so.11`do_malloc+0x54
0020ae08      65 016cf248 libgcrypt.so.11`do_malloc+0x54
0020dc08     129 00aea7f8 libgcrypt.so.11`do_malloc+0x54
----------------------------------------------------------------------
   Total     529 buffers, 325752 bytes

I have disabled the session reusage and deinit tls sessions structure with gnutls_deinit().

Anybody can give me some tips on this issue?

Regards
Tony

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Some more info for issue investigation:
1)I define my own push/pull function for transport;
   gnutls_transport_set_pull_function(session,pullFunc);
   gnutls_transport_set_push_function(session,pushFunc);

2)To support server name extension, I define the certificate call back func for credential:
    gnutls_certificate_server_set_retrieve_function(_x509Cred,certRequestCallBack);
    In certRequestCallBack():
     st->deinit_all = 0;//I think all cert/key information are shared by all session, so should not be released

According to my understanding, all memory allocated in handshake for a session will be released in gnutls_deinit(session). right?

Regards
Tony

---

From: tang__tong@...
To: help-gnutls@...
Date: Mon, 12 Oct 2009 05:56:34 +0000
Subject: Memory leaks are observed for libgnutls in multi-thread mode

I have redone my test and go through the memory leak points, I get the following info:
> ::findleaks
CACHE     LEAKED   BUFCTL CALLER
00204e08       1 004ab7e8 libclntsh.so.10.1`sigpnm+0x80
0020b188    7816 007f53b0 libgcrypt.so.11`do_malloc+0x54
0020ae08     106 0130e960 libgcrypt.so.11`do_malloc+0x54
0020dc08       1 00c0cd98 libgcrypt.so.11`do_malloc+0x54
0020dc08      63 008a5e78 libgcrypt.so.11`do_malloc+0x54
0020ae08    8153 0043f518 libgcrypt.so.11`do_malloc+0x54
0020b188     422 01046168 libgcrypt.so.11`do_malloc+0x54
0020dc08    8330 00b3d860 libgcrypt.so.11`do_malloc+0x54
0020dc08    8230 01206438 libgcrypt.so.11`do_malloc+0x54
----------------------------------------------------------------------
   Total   33122 buffers, 21130336 bytes
  
> 007f53b0$<bufctl_audit
0x7f53b0:       next            addr            slab
                0               7f3700          21aa50         
0x7f53bc:       cache           timestamp       thread
                20b188          738886035200566511             
0x7f53cc:       lastlog         contents        stackdepth
                1d8000          0               15             
                libumem.so.1`umem_cache_alloc+0x208
                libumem.so.1`umem_alloc+0x44
                libumem.so.1`malloc+0x2c
                libgcrypt.so.11`do_malloc+0x54
                libgcrypt.so.11`_gcry_malloc+0x10
                libgcrypt.so.11`md_enable+0xfc
                libgcrypt.so.11`md_open+0xfc
                libgcrypt.so.11`_gcry_md_open+0x4c
                libgnutls.so.26`wrap_gcry_hash_init+0x60
                libgnutls.so.26`_gnutls_hash_init+0x78
                libgnutls.so.26`gnutls_handshake+0xe8
                libUE.so`_ZN12SSLSETDriver9onReceiveEv+0x268
                libUE.so`_ZN12InTaskRunner3runEv+0x118
                libclassutil.so`_ZN7MThread7routineEv+0x28
                libclassutil.so`_ZN7MThread10thrRoutineEPv+0x1c

All other leaks points also show the same clues: memory leaks happen during the gnutls_handshake.

For the report of MDB, total 21130336 bytes memory leaks are observed. I have launched 167201 session in 3344 seconds.

Anybody can give me some helps? If I am not using gnutls in the proper way???

Regards
Tony

---

From: tang__tong@...
To: help-gnutls@...
Date: Sat, 10 Oct 2009 08:21:05 +0000
Subject: Memory leaks are observed for libgcrypt.so.11 in multi-thread mode

Hi,
My program is a multi-thread server(pthread) working in Solaris enviorment, For thread-safe consideration, according to the guide, I have defined the following macro and call the specific function during iniatlization:
GCRY_THREAD_OPTION_PTHREAD_IMPL;
 gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);

Scenario1:
Launch Tls session one after another to guarantee there is no concurrency existing between tls session, there is no memory leak reported by MDB;


Scenario2:
Launch TLS session concurrently, e.g., 50 TPS,  memory leaks are reported by MDB

> ::findleaks
CACHE     LEAKED   BUFCTL CALLER
00204a88      17 0053b860 libUE.so`_ZN12PacketHelper12createPacketEi+0x34
0020dc08      27 00aea708 libgcrypt.so.11`do_malloc+0x54
0020b188      88 012f0b40 libgcrypt.so.11`do_malloc+0x54
0020dc08     100 013aa000 libgcrypt.so.11`do_malloc+0x54
0020ae08      64 00461e00 libgcrypt.so.11`do_malloc+0x54
0020b188      39 0073a780 libgcrypt.so.11`do_malloc+0x54
0020ae08      65 016cf248 libgcrypt.so.11`do_malloc+0x54
0020dc08     129 00aea7f8 libgcrypt.so.11`do_malloc+0x54
----------------------------------------------------------------------
   Total     529 buffers, 325752 bytes

I have disabled the session reusage and deinit tls sessions structure with gnutls_deinit().

Anybody can give me some tips on this issue?

Regards
Tony

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,
I have checked the source codes of gnutls, in _gnutls_handshake_hash_init(), which will be called by gnutls_hand_shake, both
"session->internals.handshake_mac_handle_md5" and "session->internals.handshake_mac_handle_sha" will be initalized by _gnutls_hash_init(), What confuse me is why only _gnutls_hash_init() for MD5 will trigger memory leak, seems under some situation, only sha related resource of a session allocated by _gnutls_hash_init() is released.

Would anybody give me some advice on this dilema?

Regards
Tony

---

From: tang__tong@...
To: help-gnutls@...
Date: Mon, 12 Oct 2009 06:29:09 +0000
Subject: RE: Memory leaks are observed for libgnutls in multi-thread mode

Some more info for issue investigation:
1)I define my own push/pull function for transport;
   gnutls_transport_set_pull_function(session,pullFunc);
   gnutls_transport_set_push_function(session,pushFunc);

2)To support server name extension, I define the certificate call back func for credential:
    gnutls_certificate_server_set_retrieve_function(_x509Cred,certRequestCallBack);
    In certRequestCallBack():
     st->deinit_all = 0;//I think all cert/key information are shared by all session, so should not be released

According to my understanding, all memory allocated in handshake for a session will be released in gnutls_deinit(session). right?

Regards
Tony

---

From: tang__tong@...
To: help-gnutls@...
Date: Mon, 12 Oct 2009 05:56:34 +0000
Subject: Memory leaks are observed for libgnutls in multi-thread mode

I have redone my test and go through the memory leak points, I get the following info:
> ::findleaks
CACHE     LEAKED   BUFCTL CALLER
00204e08       1 004ab7e8 libclntsh.so.10.1`sigpnm+0x80
0020b188    7816 007f53b0 libgcrypt.so.11`do_malloc+0x54
0020ae08     106 0130e960 libgcrypt.so.11`do_malloc+0x54
0020dc08       1 00c0cd98 libgcrypt.so.11`do_malloc+0x54
0020dc08      63 008a5e78 libgcrypt.so.11`do_malloc+0x54
0020ae08    8153 0043f518 libgcrypt.so.11`do_malloc+0x54
0020b188     422 01046168 libgcrypt.so.11`do_malloc+0x54
0020dc08    8330 00b3d860 libgcrypt.so.11`do_malloc+0x54
0020dc08    8230 01206438 libgcrypt.so.11`do_malloc+0x54
----------------------------------------------------------------------
   Total   33122 buffers, 21130336 bytes
  
> 007f53b0$<bufctl_audit
0x7f53b0:       next            addr            slab
                0               7f3700          21aa50         
0x7f53bc:       cache           timestamp       thread
                20b188          738886035200566511             
0x7f53cc:       lastlog         contents        stackdepth
                1d8000          0               15             
                libumem.so.1`umem_cache_alloc+0x208
                libumem.so.1`umem_alloc+0x44
                libumem.so.1`malloc+0x2c
                libgcrypt.so.11`do_malloc+0x54
                libgcrypt.so.11`_gcry_malloc+0x10
                libgcrypt.so.11`md_enable+0xfc
                libgcrypt.so.11`md_open+0xfc
                libgcrypt.so.11`_gcry_md_open+0x4c
                libgnutls.so.26`wrap_gcry_hash_init+0x60
                libgnutls.so.26`_gnutls_hash_init+0x78
                libgnutls.so.26`gnutls_handshake+0xe8
                libUE.so`_ZN12SSLSETDriver9onReceiveEv+0x268
                libUE.so`_ZN12InTaskRunner3runEv+0x118
                libclassutil.so`_ZN7MThread7routineEv+0x28
                libclassutil.so`_ZN7MThread10thrRoutineEPv+0x1c

All other leaks points also show the same clues: memory leaks happen during the gnutls_handshake.

For the report of MDB, total 21130336 bytes memory leaks are observed. I have launched 167201 session in 3344 seconds.

Anybody can give me some helps? If I am not using gnutls in the proper way???

Regards
Tony

---

From: tang__tong@...
To: help-gnutls@...
Date: Sat, 10 Oct 2009 08:21:05 +0000
Subject: Memory leaks are observed for libgcrypt.so.11 in multi-thread mode

Hi,
My program is a multi-thread server(pthread) working in Solaris enviorment, For thread-safe consideration, according to the guide, I have defined the following macro and call the specific function during iniatlization:
GCRY_THREAD_OPTION_PTHREAD_IMPL;
 gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);

Scenario1:
Launch Tls session one after another to guarantee there is no concurrency existing between tls session, there is no memory leak reported by MDB;


Scenario2:
Launch TLS session concurrently, e.g., 50 TPS,  memory leaks are reported by MDB

> ::findleaks
CACHE     LEAKED   BUFCTL CALLER
00204a88      17 0053b860 libUE.so`_ZN12PacketHelper12createPacketEi+0x34
0020dc08      27 00aea708 libgcrypt.so.11`do_malloc+0x54
0020b188      88 012f0b40 libgcrypt.so.11`do_malloc+0x54
0020dc08     100 013aa000 libgcrypt.so.11`do_malloc+0x54
0020ae08      64 00461e00 libgcrypt.so.11`do_malloc+0x54
0020b188      39 0073a780 libgcrypt.so.11`do_malloc+0x54
0020ae08      65 016cf248 libgcrypt.so.11`do_malloc+0x54
0020dc08     129 00aea7f8 libgcrypt.so.11`do_malloc+0x54
----------------------------------------------------------------------
   Total     529 buffers, 325752 bytes

I have disabled the session reusage and deinit tls sessions structure with gnutls_deinit().

Anybody can give me some tips on this issue?

Regards
Tony

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！

---

Messenger保护盾2.0，更安全可靠的Messenger聊天！ 现在就下载！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,
 thanks for the investigation.
From the following trace:
                libgcrypt.so.11`md_enable+0xfc
                libgcrypt.so.11`md_open+0xfc

I suppose that this leak occurs in libgcrypt md_enable() in md.c. I
cannot figure out where exactly though. I CC the gcrypt-devel list for
more insight.

best regards,
Nikos

2009/10/12 tangtong <tang__tong@...>:

_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,Nikos and Simon

To verify the issue, I have configured my server to run as signle thread mode. Under high TPS, the memory leak still happen in gnutls_handshake, which means the root-cause is not caused by multi-thread.

By more logs and analysis, I have the following findings:
Under high TPS, my server can't serve every session timely, which leads to the closure of the sockets by the clients for timeout reason. The write operation on the server side of the corresponding socket leads to broken pipe error. gnutls_handshake() reports GNUTLS_E_PUSH_ERROR, -53. As a result, the hand-shake stage of tls session is not finished successfully.

After repeated testing, It is evident when aborted tls session caused by error -53 are observed, the memory leak happen.

I have double check my codes, for these aborted session, I have called the gnutls_bye()/gnutls_deinit() function.

My assumption now is for those session which has unfinished hand-shake stage, the resourses are not released properly in gnutls_handshake() for some reason.

What's your opinion?

Regards
Tony

---

搜索本应是快乐的，不是么? 快乐搜索，有问必应！微软隆重推出! 立即试用！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

(dropping libgcrypt-devel because this appears non-libgcrypt related
after all)

tangtong <tang__tong@...> writes:

> Hi,Nikos and Simon
>
> To verify the issue, I have configured my server to run as signle thread mode. Under high TPS, the memory leak still happen in gnutls_handshake, which means the root-cause is not caused by multi-thread.
>
> By more logs and analysis, I have the following findings:
> Under high TPS, my server can't serve every session timely, which leads to the closure of the sockets by the clients for timeout reason. The write operation on the server side of the corresponding socket leads to broken pipe error. gnutls_handshake() reports GNUTLS_E_PUSH_ERROR, -53. As a result, the hand-shake stage of tls session is not finished successfully.

Maybe that suggests a separate problem -- do you specify your own
push/pull functions?  Do they fail?

> After repeated testing, It is evident when aborted tls session caused by error -53 are observed, the memory leak happen.
>
> I have double check my codes, for these aborted session, I have called the gnutls_bye()/gnutls_deinit() function.
>
> My assumption now is for those session which has unfinished hand-shake stage, the resourses are not released properly in gnutls_handshake() for some reason.
>
> What's your opinion?

That seems plausible, we have only tried to fix memory leaks which we
have noticed.  Please provide a small standalone test code that
reproduce your problem, and it should be possible to fix it.  Look at
tests/mini.c, it may be useful as a starting point.

/Simon


_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

tangtong wrote:
Could you for this (memory leak) scenario to send us debugging output of
gnutls? To do that just add a logging function such as:

static void
tls_log_func (int level, const char *str)
{
  fprintf (stderr, "|<%d>| %s", level, str);
}

and call those after initialization of gnutls.
  gnutls_global_set_log_function (tls_log_func);
  gnutls_global_set_log_level (2);


regards,
Nikos


_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,Nikos

The attach is the log for 8tps/20tps, both have memory-leaks.

Regards
Tony

---

更多热辣资讯尽在新版MSN首页！ 立刻访问！


_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,Nikos and Simon

I find out another condition for memory leaks beside -53 error is tls sessions's handshake process are interweaven together. If the hanshake of  tls sessions are finished before another session is launched,no memory leaks happen;
But if the handshake of tls sessions are interlaced and at the same time -53 error is observed, the memory leaks will happen. BTW, In my program, all tls session share the same credentials.

Regards
Tony

---

From: tang__tong@...
To: nmav@...
Date: Mon, 19 Oct 2009 03:11:07 +0000
CC: simon@...; help-gnutls@...
Subject: RE: Memory leaks are observed for libgnutls in multi-thread mode

Hi,Nikos

The attach is the log for 8tps/20tps, both have memory-leaks.

Regards
Tony

---

更多热辣资讯尽在新版MSN首页！ 立刻访问！

---

使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

tangtong wrote:
> Hi,Nikos
>
> The attach is the log for 8tps/20tps, both have memory-leaks.

Hi Tony,
 Thank you for the report. I managed to reproduce the error by modifying
mini-egain to fail on handshake. Could you please try the attached
patch? It makes the hash functions used during handshake a bit more
conservative in use and are now always released on deinit.


best regards,
Nikos

diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 0d8c5e1..5f2ed62 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -418,6 +418,10 @@ _gnutls_compressed2ciphertext (gnutls_session_t session,
   return length;
 }
 
+#define DEINIT_MAC(td, ver, algo) \
+          if (algo != GNUTLS_MAC_NULL) \
+            mac_deinit (&td, NULL, ver);
+
 /* Deciphers the ciphertext packet, and puts the result to compress_data, of compress_size.
  * Returns the actual compressed packet size.
  */
@@ -473,6 +477,9 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
    ciphertext.size)) < 0)
  {
   gnutls_assert ();
+  DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+
+
   return ret;
  }
 
@@ -483,6 +490,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
       if ((ciphertext.size < blocksize) || (ciphertext.size % blocksize != 0))
  {
   gnutls_assert ();
+  DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
   return GNUTLS_E_DECRYPTION_FAILED;
  }
 
@@ -492,6 +500,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
    ciphertext.size)) < 0)
  {
   gnutls_assert ();
+  DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
   return ret;
  }
 
@@ -505,6 +514,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
   if (ciphertext.size == 0)
     {
       gnutls_assert ();
+              DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
       return GNUTLS_E_DECRYPTION_FAILED;
     }
  }
@@ -537,6 +547,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
       break;
     default:
       gnutls_assert ();
+      DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
       return GNUTLS_E_INTERNAL_ERROR;
     }
 
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 83dc54e..28443d1 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -69,7 +69,7 @@ int _gnutls_server_select_comp_method (gnutls_session_t session,
 
 /* Clears the handshake hash buffers and handles.
  */
-static void
+void
 _gnutls_handshake_hash_buffers_clear (gnutls_session_t session)
 {
   _gnutls_hash_deinit (&session->internals.handshake_mac_handle_md5, NULL);
@@ -223,7 +223,8 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret)
   if (rc < 0)
     {
       gnutls_assert ();
-      _gnutls_hash_deinit (&td_md5, NULL);
+      if (!_gnutls_version_has_selectable_prf(ver))
+        _gnutls_hash_deinit (&td_md5, NULL);
       return rc;
     }
 
@@ -2197,6 +2198,7 @@ _gnutls_handshake_hash_init (gnutls_session_t session)
       if (ret < 0)
  {
   gnutls_assert ();
+  _gnutls_hash_deinit (&session->internals.handshake_mac_handle_md5, NULL);
   return GNUTLS_E_MEMORY_ERROR;
  }
 
diff --git a/lib/gnutls_handshake.h b/lib/gnutls_handshake.h
index f1b1bd6..2f484f5 100644
--- a/lib/gnutls_handshake.h
+++ b/lib/gnutls_handshake.h
@@ -55,6 +55,8 @@ int _gnutls_negotiate_version (gnutls_session_t session,
 int _gnutls_user_hello_func (gnutls_session_t session,
      gnutls_protocol_t adv_version);
 
+void _gnutls_handshake_hash_buffers_clear (gnutls_session_t session);
+
 #define STATE session->internals.handshake_state
 /* This returns true if we have got there
  * before (and not finished due to an interrupt).
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c
index e55ae54..c57e324 100644
--- a/lib/gnutls_hash_int.c
+++ b/lib/gnutls_hash_int.c
@@ -77,6 +77,7 @@ _gnutls_hash_init (digest_hd_st * dig, gnutls_digest_algorithm_t algorithm)
   gnutls_assert ();
   return GNUTLS_E_HASH_FAILED;
  }
+      dig->active = 1;
       return 0;
     }
 
@@ -89,6 +90,7 @@ _gnutls_hash_init (digest_hd_st * dig, gnutls_digest_algorithm_t algorithm)
       return result;
     }
 
+  dig->active = 1;
   return 0;
 }
 
@@ -119,9 +121,8 @@ _gnutls_hash_copy (digest_hd_st * dst, digest_hd_st * src)
 {
   int result;
 
+  memset(dst, 0, sizeof(*dst));
   dst->algorithm = src->algorithm;
-  dst->key = NULL; /* it's a hash anyway */
-  dst->keysize = 0;
   dst->registered = src->registered;
 
   if (src->registered)
@@ -165,7 +166,13 @@ _gnutls_hash_output (digest_hd_st * handle, void *digest)
 void
 _gnutls_hash_deinit (digest_hd_st * handle, void *digest)
 {
-  _gnutls_hash_output (handle, digest);
+  if (handle->active != 1)
+    return;
+
+  if (digest != NULL)
+    _gnutls_hash_output (handle, digest);
+
+  handle->active = 0;
 
   if (handle->registered && handle->hd.rh.ctx != NULL)
     {
@@ -269,6 +276,7 @@ _gnutls_hmac_init (digest_hd_st * dig, gnutls_mac_algorithm_t algorithm,
   return GNUTLS_E_HASH_FAILED;
  }
 
+      dig->active = 1;
       return 0;
     }
 
@@ -283,6 +291,7 @@ _gnutls_hmac_init (digest_hd_st * dig, gnutls_mac_algorithm_t algorithm,
 
   _gnutls_mac_ops.setkey (dig->hd.gc, key, keylen);
 
+  dig->active = 1;
   return 0;
 }
 
@@ -323,8 +332,13 @@ _gnutls_hmac_output (digest_hd_st * handle, void *digest)
 void
 _gnutls_hmac_deinit (digest_hd_st * handle, void *digest)
 {
-  _gnutls_hmac_output (handle, digest);
+  if (handle->active != 1)
+    return;
+
+  if (digest)
+    _gnutls_hmac_output (handle, digest);
 
+  handle->active = 0;
   if (handle->registered && handle->hd.rh.ctx != NULL)
     {
       handle->hd.rh.cc->deinit (handle->hd.rh.ctx);
@@ -398,6 +412,7 @@ _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest)
   if (padsize == 0)
     {
       gnutls_assert ();
+      _gnutls_hash_deinit (handle, NULL);
       return;
     }
 
@@ -407,6 +422,7 @@ _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest)
   if (rc < 0)
     {
       gnutls_assert ();
+      _gnutls_hash_deinit (handle, NULL);
       return;
     }
 
diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h
index 8017d12..d915af5 100644
--- a/lib/gnutls_hash_int.h
+++ b/lib/gnutls_hash_int.h
@@ -52,6 +52,7 @@ typedef struct
   gnutls_mac_algorithm_t algorithm;
   const void *key;
   int keysize;
+  int active;
 } digest_hd_st;
 
 int _gnutls_hmac_init (digest_hd_st*, gnutls_mac_algorithm_t algorithm,
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index fede2a0..6934aa1 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -201,6 +201,8 @@ deinit_internal_params (gnutls_session_t session)
   if (session->internals.params.free_rsa_params)
     gnutls_rsa_params_deinit (session->internals.params.rsa_params);
 
+  _gnutls_handshake_hash_buffers_clear(session);
+
   memset (&session->internals.params, 0, sizeof (session->internals.params));
 }
 

_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,Nikos
After applying the patch, I get the following error during handshake:
error number:-18 dec:An error was encountered at the TLS Finished packet calculation.

My lib is based on git 2.9.4.

Regards
Tony

---

搜索本应是快乐的，不是么? 快乐搜索，有问必应！微软隆重推出! 立即试用！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

tangtong wrote:
> Hi,Nikos
> After applying the patch, I get the following error during handshake:
> error number:-18 dec:An error was encountered at the TLS Finished packet calculation.
>
> My lib is based on git 2.9.4.

There is some issue with TLS1.2 hashes and handshake. Anyway the
attached patch should fix the issue you encounter.

The issue with TLS1.2 is that when a client that supports TLS1.2 tries
to connect to a server that doesn't support tls1.2 he will have SHA256
initiated instead of SHA1. I made a quick and dirty fix for it.

regards,
Nikos

diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 0d8c5e1..5f2ed62 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -418,6 +418,10 @@ _gnutls_compressed2ciphertext (gnutls_session_t session,
   return length;
 }
 
+#define DEINIT_MAC(td, ver, algo) \
+          if (algo != GNUTLS_MAC_NULL) \
+            mac_deinit (&td, NULL, ver);
+
 /* Deciphers the ciphertext packet, and puts the result to compress_data, of compress_size.
  * Returns the actual compressed packet size.
  */
@@ -473,6 +477,9 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
    ciphertext.size)) < 0)
  {
   gnutls_assert ();
+  DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+
+
   return ret;
  }
 
@@ -483,6 +490,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
       if ((ciphertext.size < blocksize) || (ciphertext.size % blocksize != 0))
  {
   gnutls_assert ();
+  DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
   return GNUTLS_E_DECRYPTION_FAILED;
  }
 
@@ -492,6 +500,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
    ciphertext.size)) < 0)
  {
   gnutls_assert ();
+  DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
   return ret;
  }
 
@@ -505,6 +514,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
   if (ciphertext.size == 0)
     {
       gnutls_assert ();
+              DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
       return GNUTLS_E_DECRYPTION_FAILED;
     }
  }
@@ -537,6 +547,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
       break;
     default:
       gnutls_assert ();
+      DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
       return GNUTLS_E_INTERNAL_ERROR;
     }
 
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 83dc54e..742330d 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -69,11 +69,12 @@ int _gnutls_server_select_comp_method (gnutls_session_t session,
 
 /* Clears the handshake hash buffers and handles.
  */
-static void
+void
 _gnutls_handshake_hash_buffers_clear (gnutls_session_t session)
 {
   _gnutls_hash_deinit (&session->internals.handshake_mac_handle_md5, NULL);
   _gnutls_hash_deinit (&session->internals.handshake_mac_handle_sha, NULL);
+  _gnutls_hash_deinit (&session->internals.handshake_mac_handle, NULL);
   session->internals.handshake_mac_handle_init = 0;
   _gnutls_handshake_buffer_clear (session);
 }
@@ -198,7 +199,7 @@ static int
 _gnutls_finished (gnutls_session_t session, int type, void *ret)
 {
   const int siz = TLS_MSG_LEN;
-  opaque concat[36];
+  opaque concat[MAX_HASH_SIZE+16/*MD5*/];
   size_t len;
   const char *mesg;
   digest_hd_st td_md5;
@@ -216,29 +217,35 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret)
   gnutls_assert ();
   return rc;
  }
-    }
 
-  rc =
-    _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha);
-  if (rc < 0)
-    {
-      gnutls_assert ();
-      _gnutls_hash_deinit (&td_md5, NULL);
-      return rc;
-    }
+      rc =
+        _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha);
+      if (rc < 0)
+        {
+          gnutls_assert ();
+          _gnutls_hash_deinit (&td_md5, NULL);
+          return rc;
+        }
 
-  if (!_gnutls_version_has_selectable_prf(ver))
-    {
-      _gnutls_hash_deinit (&td_md5, concat);
-      _gnutls_hash_deinit (&td_sha, &concat[16]);
-      len = 20 + 16;
+        _gnutls_hash_deinit (&td_md5, concat);
+        _gnutls_hash_deinit (&td_sha, &concat[16]);
+        len = 20 + 16;
     }
   else
     {
-      _gnutls_hash_deinit (&td_sha, concat);
-      len = _gnutls_hash_get_algo_len (td_sha.algorithm);
+      rc =
+        _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle);
+      if (rc < 0)
+        {
+          gnutls_assert ();
+          return rc;
+        }
+
+        _gnutls_hash_deinit (&td_sha, concat);
+        len = _gnutls_hash_get_algo_len (td_sha.algorithm);
     }
 
+
   if (type == GNUTLS_SERVER)
     {
       mesg = SERVER_MSG;
@@ -534,8 +541,12 @@ _gnutls_handshake_hash_pending (gnutls_session_t session)
 
   if (siz > 0)
     {
+      /* FIXME: we do not need MD5 and SHA if we are _gnutls_version_has_selectable_prf(ver) and
+       * this is _not_ the first client hello message */
       _gnutls_hash (&session->internals.handshake_mac_handle_sha, data, siz);
       _gnutls_hash (&session->internals.handshake_mac_handle_md5, data, siz);
+      if (session->internals.handshake_mac_handle.algorithm != 0)
+        _gnutls_hash (&session->internals.handshake_mac_handle, data, siz);
     }
 
   _gnutls_handshake_buffer_empty (session);
@@ -923,10 +934,15 @@ _gnutls_handshake_hash_add_sent (gnutls_session_t session,
 
   if (type != GNUTLS_HANDSHAKE_HELLO_REQUEST)
     {
+      /* FIXME: we do not need MD5 and SHA if we are _gnutls_version_has_selectable_prf(ver) and
+       * this is _not_ the first client hello message */
       _gnutls_hash (&session->internals.handshake_mac_handle_sha, dataptr,
     datalen);
       _gnutls_hash (&session->internals.handshake_mac_handle_md5, dataptr,
     datalen);
+      if (session->internals.handshake_mac_handle.algorithm != 0)
+          _gnutls_hash (&session->internals.handshake_mac_handle, dataptr,
+    datalen);
     }
 
   return 0;
@@ -2171,8 +2187,7 @@ inline static int
 _gnutls_handshake_hash_init (gnutls_session_t session)
 {
   gnutls_protocol_t ver = gnutls_protocol_get_version (session);
-  gnutls_digest_algorithm_t hash_algo = GNUTLS_MAC_SHA1;
-
+  
   if (session->internals.handshake_mac_handle_init == 0)
     {
       int ret =
@@ -2185,21 +2200,35 @@ _gnutls_handshake_hash_init (gnutls_session_t session)
   return ret;
  }
 
-      /* The algorithm to compute hash over handshake messages must be
- same as the one used as the basis for PRF.  By now we use
- SHA256. */
-      if (_gnutls_version_has_selectable_prf (ver))
-       hash_algo = GNUTLS_MAC_SHA256;
-
       ret =
  _gnutls_hash_init (&session->internals.handshake_mac_handle_sha,
-   hash_algo);
+   GNUTLS_MAC_SHA1);
       if (ret < 0)
  {
   gnutls_assert ();
+  _gnutls_hash_deinit (&session->internals.handshake_mac_handle_md5, NULL);
   return GNUTLS_E_MEMORY_ERROR;
  }
 
+      /* The algorithm to compute hash over handshake messages must be
+ same as the one used as the basis for PRF.  By now we use
+ SHA256. */
+      if (_gnutls_version_has_selectable_prf (ver))
+        {
+          gnutls_digest_algorithm_t hash_algo = GNUTLS_MAC_SHA256;
+
+          ret =
+           _gnutls_hash_init (&session->internals.handshake_mac_handle,
+   hash_algo);
+           if (ret < 0)
+     {
+       gnutls_assert ();
+       _gnutls_hash_deinit (&session->internals.handshake_mac_handle_md5, NULL);
+       _gnutls_hash_deinit (&session->internals.handshake_mac_handle_sha, NULL);
+       return GNUTLS_E_MEMORY_ERROR;
+       }
+        }
+
       session->internals.handshake_mac_handle_init = 1;
     }
 
diff --git a/lib/gnutls_handshake.h b/lib/gnutls_handshake.h
index f1b1bd6..2f484f5 100644
--- a/lib/gnutls_handshake.h
+++ b/lib/gnutls_handshake.h
@@ -55,6 +55,8 @@ int _gnutls_negotiate_version (gnutls_session_t session,
 int _gnutls_user_hello_func (gnutls_session_t session,
      gnutls_protocol_t adv_version);
 
+void _gnutls_handshake_hash_buffers_clear (gnutls_session_t session);
+
 #define STATE session->internals.handshake_state
 /* This returns true if we have got there
  * before (and not finished due to an interrupt).
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c
index e55ae54..5e5b2aa 100644
--- a/lib/gnutls_hash_int.c
+++ b/lib/gnutls_hash_int.c
@@ -77,6 +77,7 @@ _gnutls_hash_init (digest_hd_st * dig, gnutls_digest_algorithm_t algorithm)
   gnutls_assert ();
   return GNUTLS_E_HASH_FAILED;
  }
+      dig->active = 1;
       return 0;
     }
 
@@ -89,6 +90,7 @@ _gnutls_hash_init (digest_hd_st * dig, gnutls_digest_algorithm_t algorithm)
       return result;
     }
 
+  dig->active = 1;
   return 0;
 }
 
@@ -119,10 +121,10 @@ _gnutls_hash_copy (digest_hd_st * dst, digest_hd_st * src)
 {
   int result;
 
+  memset(dst, 0, sizeof(*dst));
   dst->algorithm = src->algorithm;
-  dst->key = NULL; /* it's a hash anyway */
-  dst->keysize = 0;
   dst->registered = src->registered;
+  dst->active = 1;
 
   if (src->registered)
     {
@@ -165,7 +167,14 @@ _gnutls_hash_output (digest_hd_st * handle, void *digest)
 void
 _gnutls_hash_deinit (digest_hd_st * handle, void *digest)
 {
-  _gnutls_hash_output (handle, digest);
+  if (handle->active != 1) {
+    return;
+  }
+
+  if (digest != NULL)
+    _gnutls_hash_output (handle, digest);
+
+  handle->active = 0;
 
   if (handle->registered && handle->hd.rh.ctx != NULL)
     {
@@ -269,6 +278,7 @@ _gnutls_hmac_init (digest_hd_st * dig, gnutls_mac_algorithm_t algorithm,
   return GNUTLS_E_HASH_FAILED;
  }
 
+      dig->active = 1;
       return 0;
     }
 
@@ -283,6 +293,7 @@ _gnutls_hmac_init (digest_hd_st * dig, gnutls_mac_algorithm_t algorithm,
 
   _gnutls_mac_ops.setkey (dig->hd.gc, key, keylen);
 
+  dig->active = 1;
   return 0;
 }
 
@@ -323,8 +334,14 @@ _gnutls_hmac_output (digest_hd_st * handle, void *digest)
 void
 _gnutls_hmac_deinit (digest_hd_st * handle, void *digest)
 {
-  _gnutls_hmac_output (handle, digest);
+  if (handle->active != 1) {
+    return;
+  }
+
+  if (digest)
+    _gnutls_hmac_output (handle, digest);
 
+  handle->active = 0;
   if (handle->registered && handle->hd.rh.ctx != NULL)
     {
       handle->hd.rh.cc->deinit (handle->hd.rh.ctx);
@@ -398,6 +415,7 @@ _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest)
   if (padsize == 0)
     {
       gnutls_assert ();
+      _gnutls_hash_deinit (handle, NULL);
       return;
     }
 
@@ -407,6 +425,7 @@ _gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest)
   if (rc < 0)
     {
       gnutls_assert ();
+      _gnutls_hash_deinit (handle, NULL);
       return;
     }
 
diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h
index 8017d12..d915af5 100644
--- a/lib/gnutls_hash_int.h
+++ b/lib/gnutls_hash_int.h
@@ -52,6 +52,7 @@ typedef struct
   gnutls_mac_algorithm_t algorithm;
   const void *key;
   int keysize;
+  int active;
 } digest_hd_st;
 
 int _gnutls_hmac_init (digest_hd_st*, gnutls_mac_algorithm_t algorithm,
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 100ad37..fe5301c 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -475,6 +475,7 @@ typedef struct
  * message */
   digest_hd_st handshake_mac_handle_sha; /* hash of the handshake messages */
   digest_hd_st handshake_mac_handle_md5; /* hash of the handshake messages */
+  digest_hd_st handshake_mac_handle; /* hash of the handshake messages for TLS 1.2+ */
   int handshake_mac_handle_init; /* 1 when the previous two were initialized */
 
   gnutls_buffer handshake_data_buffer; /* this is a buffer that holds the current handshake message */
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index fede2a0..cd08f44 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -201,6 +201,8 @@ deinit_internal_params (gnutls_session_t session)
   if (session->internals.params.free_rsa_params)
     gnutls_rsa_params_deinit (session->internals.params.rsa_params);
 
+  _gnutls_handshake_hash_buffers_clear(session);
+
   memset (&session->internals.params, 0, sizeof (session->internals.params));
 }
 
@@ -208,8 +210,8 @@ deinit_internal_params (gnutls_session_t session)
  * structure within the session, which depend on the current handshake.
  * This is used to allow further handshakes.
  */
-void
-_gnutls_handshake_internal_state_clear (gnutls_session_t session)
+static void
+_gnutls_handshake_internal_state_init (gnutls_session_t session)
 {
   session->internals.extensions_sent_size = 0;
 
@@ -231,6 +233,13 @@ _gnutls_handshake_internal_state_clear (gnutls_session_t session)
   session->internals.last_handshake_out = -1;
 
   session->internals.resumable = RESUME_TRUE;
+}
+
+void
+_gnutls_handshake_internal_state_clear (gnutls_session_t session)
+{
+  _gnutls_handshake_internal_state_init(session);
+
   _gnutls_free_datum (&session->internals.recv_buffer);
 
   deinit_internal_params (session);
@@ -336,7 +345,7 @@ gnutls_init (gnutls_session_t * session, gnutls_connection_end_t con_end)
    * as NULL or 0. This is why calloc is used.
    */
 
-  _gnutls_handshake_internal_state_clear (*session);
+  _gnutls_handshake_internal_state_init (*session);
 
   return 0;
 }

_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,Nikos
I have rebuilt the lib with your patch, do the following tests:

1)Setting the client working with tls1.0, and run the testing with high TPS, the memory leaks are not observed anymore.


2)The patch doesn't support "NONE:+VERS-TLS1.2:+AES-256-CBC:+RSA:+SHA256:+COMP-NULL", I think your patch disable the tls1.2 support, it will core with the following dump info:
 fe9a2bb8 _gcry_md_copy (ffbff33c, 0, 0, febc6ed0, 14f8, fed3805c) + 4
 feca8dfc _gnutls_hash_copy (ffbff338, 365c4, 0, 0, 0, 0) + 80
 fec9e0fc _gnutls_finished (36180, 2, ffbff440, 1, 6, 0) + 84
 fec9edc0 _gnutls_send_handshake_final (0, 0, 0, e, e, 4) + 128
 feca2548 _gnutls_handshake_common (36180, 0, 10, 4, ffffffe0, ffbff551) + 30
 feca382c gnutls_handshake (0, 4, 32fc8, 8e8, 17ac, ffbff5c4) + 60
 000119bc main     (1, ffbffa54, ffbffa5c, 22508, 0, 0) + 118
 000112c8 _start   (0, 0, 0, 0, 0, 0) + 5c

The memory leak issues have been resolved, Thanks very much！Would you please do me a favor to provide a patch wich support TLS1.2/SHA256? My pilot project needs it .

BTW, Is there any plan for the stable release of gnutls which support TLS1.2/SHA256?

Regards
Tony

---

聊天+搜索+邮箱 想要轻松出游,手机MSN帮你搞定! 立刻下载！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

tangtong wrote:
> Hi,Nikos

Can you send me information on how I can reproduce this issue? I can use
./gnutls-cli tls.secg.org --priority
"NONE:+VERS-TLS1.2:+AES-128-CBC:+RSA:+DHE-DSS:+SHA256:+COMP-NULL" to
connect using TLS1.2 without any issues.

regards,
Nikos


_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,Nikos

The gnutls-cli built by me will core when I enable TLS1.2. I think the code base I use is a little diffent from what you are using. The following is my steps to setup the build enviorment:
1)Download a gnutls releaes package 2.8.3 and decompress it;
2)Download 2.9.4 snap shot and uncompress it to the directory created in the step 1);
3)Run patch you provide.

Seems only snapshot of 2.9.4 is not the whole build env, that's why i decompress it to a build enviorment of 2.8.3.

Regards
Tony

---

全新 Windows 7：寻找最适合您的 PC。 了解详情。
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Thanks. However in order to reproduce it I need to know to which
server you connect to and which options does this server use?

2009/10/23 tangtong <tang__tong@...>:

_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,Nikos
 
The server is implemented by myself with gnutls2.9.4 and your patch. To make investigation easy, I will build a simplified server based on gnutls demo server codes and let you know the results later.
 
 
Regards
Tony

 

---

Messenger保护盾2.0，更安全可靠的Messenger聊天！ 现在就下载！
_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

tangtong wrote:
> Hi,Nikos
>
>  
>
> The server is implemented by myself with gnutls2.9.4 and your patch. To make investigation easy, I will build a simplified server based on gnutls demo server codes and let you know the results later.

Please also try gnutls from the git repository directly:
git://git.sv.gnu.org/gnutls.git

regards,
Nikos


_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls

Hi,Nikos
I have reproduced the core dump with the server/client in the attach. If not using the memory-leak patch, the core will not happen.

Regards
Tony

---

From: tang__tong@...
To: nmav@...
Date: Fri, 23 Oct 2009 14:28:50 +0000
CC: simon@...; help-gnutls@...
Subject: RE: Memory leaks are observed for libgnutls in multi-thread mode

Hi,Nikos
 
The server is implemented by myself with gnutls2.9.4 and your patch. To make investigation easy, I will build a simplified server based on gnutls demo server codes and let you know the results later.
 
 
Regards
Tony

 

---

Messenger保护盾2.0，更安全可靠的Messenger聊天！ 现在就下载！

---

Messenger保护盾2.0，更安全可靠的Messenger聊天！ 现在就下载！
// demo0.cpp : Defines the entry point for the console application.
//

#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <stdexcept>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <inttypes.h>
#include <fcntl.h>
#include <errno.h>
#include <poll.h>
#include <string.h>
#include <unistd.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include <gcrypt.h>

#define SA struct sockaddr
#define SOCKET_ERR(err,s) if(err==-1) {perror(s);return(1);}
#define MAX_BUF 1024
#define PORT 5556


void DisplayError();


#define CERT_FILE "ttcert.pem"
#define KEY_FILE "ttkey.pem"
#define CAFILE "ca.pem"


gnutls_certificate_credentials_t x509_cred;
gnutls_x509_crt_t crt;
gnutls_x509_privkey_t key;

static gnutls_datum_t load_file (const char *file)
{
FILE *f;
gnutls_datum_t loaded_file = { NULL, 0 };
long filelen;
void *ptr;
if (!(f = fopen (file, "r"))
|| fseek (f, 0, SEEK_END) != 0
|| (filelen = ftell (f)) < 0
|| fseek (f, 0, SEEK_SET) != 0
|| !(ptr = malloc ((size_t) filelen))
|| fread (ptr, 1, (size_t) filelen, f) < (size_t) filelen)
{
return loaded_file;
}
loaded_file.data = (unsigned char*)ptr;
loaded_file.size = (unsigned int) filelen;
return loaded_file;
}
static void
unload_file (gnutls_datum_t data)
{
free (data.data);
}

static void load_keys()
{
int ret;
gnutls_datum_t data;
data = load_file (CERT_FILE);
if (data.data == NULL)
{
fprintf (stderr, "*** Error loading cert file.\n");
return;
}
gnutls_x509_crt_init (&crt);
ret = gnutls_x509_crt_import (crt, &data, GNUTLS_X509_FMT_PEM);
if (ret < 0)
{
fprintf (stderr, "*** Error loading key file: %s\n",
gnutls_strerror (ret));
return;
}
unload_file (data);
data = load_file (KEY_FILE);
if (data.data == NULL)
{
fprintf (stderr, "*** Error loading key file.\n");
return;
}
gnutls_x509_privkey_init (&key);
/*ret = gnutls_x509_privkey_import (key, &data, GNUTLS_X509_FMT_PEM);
if (ret < 0)
{
fprintf (stderr, "*** Error loading key file: %s\n",
gnutls_strerror (ret));
}*/
ret =gnutls_x509_privkey_import_pkcs8(key,&data,GNUTLS_X509_FMT_PEM,"moto",0);
if (ret < 0)
{
fprintf (stderr, "*** Error loading key file: %s\n",
gnutls_strerror (ret));
}

unload_file (data);
}
gnutls_datum_t cacheItem;
int db_store_func(void *, gnutls_datum_t key,
                                       gnutls_datum_t data)
{
  cacheItem.size = data.size;
  cacheItem.data = (unsigned char*)malloc ((size_t) data.size);
  memcpy(cacheItem.data,data.data,data.size);
  return 0;
}

gnutls_datum_t db_retr_func(void *, gnutls_datum_t key)
{
  gnutls_datum_t result = { NULL, 0 };
  result = cacheItem;
  return cacheItem;
}
int db_remove_func(void *, gnutls_datum_t key)
{
  return 0;
}

ssize_t pullFunc(gnutls_transport_ptr_t sock, void* buffer ,size_t size)
{
  int ret = read((int)sock, (char*)buffer, size);
  return ret;  
}
ssize_t pushFunc(gnutls_transport_ptr_t sock,const void* buffer, size_t size)
{
  int ret = write((int)sock, (char*)buffer, size);
  return ret;  
}


                               
gnutls_priority_t priority_cache;
static gnutls_session_t initialize_tls_session (void)
{
gnutls_session_t session;
gnutls_init (&session, GNUTLS_SERVER);
gnutls_priority_set (session, priority_cache);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred);
// gnutls_db_set_store_function(session,db_store_func);
// gnutls_db_set_retrieve_function(session,db_retr_func);
// gnutls_db_set_remove_function(session,db_remove_func);


/* request client certificate if any.
*/
//gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
/* Set maximum compatibility mode. This is only suggested on public webservers
* that need to trade security for compatibility
*/
//gnutls_session_enable_compatibility_mode (session);

gnutls_transport_set_pull_function(session,pullFunc);
gnutls_transport_set_push_function(session,pushFunc);
return session;
}

void print_info (gnutls_session_t session)
{
const char *tmp;
gnutls_credentials_type_t cred;
gnutls_kx_algorithm_t kx;
/* print the key exchange¡¯s algorithm name
*/
kx = gnutls_kx_get (session);
tmp = gnutls_kx_get_name (kx);
printf ("- Key Exchange: %s\n", tmp);
/* Check the authentication type used and switch
* to the appropriate.
*/
cred = gnutls_auth_get_type (session);
switch (cred)
{
case GNUTLS_CRD_IA:
printf ("- TLS/IA session\n");
break;
#ifdef ENABLE_SRP
case GNUTLS_CRD_SRP:
printf ("- SRP session with username %s\n",
gnutls_srp_server_get_username (session));
break;
#endif
case GNUTLS_CRD_PSK:
/* This returns NULL in server side.
*/
if (gnutls_psk_client_get_hint (session) != NULL)
printf ("- PSK authentication. PSK hint ¡¯%s¡¯\n",
gnutls_psk_client_get_hint (session));
/* This returns NULL in client side.
*/
if (gnutls_psk_server_get_username (session) != NULL)
printf ("- PSK authentication. Connected as ¡¯%s¡¯\n",
gnutls_psk_server_get_username (session));
break;
case GNUTLS_CRD_ANON: /* anonymous authentication */
printf ("- Anonymous DH using prime of %d bits\n",
gnutls_dh_get_prime_bits (session));
break;
case GNUTLS_CRD_CERTIFICATE: /* certificate authentication */
/* Check if we have been using ephemeral Diffie-Hellman.
*/
if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS)
{
printf ("\n- Ephemeral DH using prime of %d bits\n",
gnutls_dh_get_prime_bits (session));
}
/* if the certificate list is available, then
* print some information about it.
*/
//print_x509_certificate_info (session);
} /* switch */
/* print the protocol¡¯s name (ie TLS 1.0)
*/
tmp = gnutls_protocol_get_name (gnutls_protocol_get_version (session));
printf ("- Protocol: %s\n", tmp);
/* print the certificate type of the peer.
* ie X.509
*/
tmp =
gnutls_certificate_type_get_name (gnutls_certificate_type_get (session));
printf ("- Certificate Type: %s\n", tmp);
/* print the compression algorithm (if any)
*/
tmp = gnutls_compression_get_name (gnutls_compression_get (session));
printf ("- Compression: %s\n", tmp);
/* print the name of the cipher used.
* ie 3DES.
*/
tmp = gnutls_cipher_get_name (gnutls_cipher_get (session));
printf ("- Cipher: %s\n", tmp);
/* Print the MAC algorithms name.
* ie SHA1
*/
tmp = gnutls_mac_get_name (gnutls_mac_get (session));
printf ("- MAC: %s\n", tmp);
return;
}

int main(int argc, char* argv[])
{
        int err, listen_sd;
        int sd, ret;
        struct sockaddr_in sa_serv;
        struct sockaddr_in sa_cli;
        int client_len;
        char topbuf[512];
        char buffer[MAX_BUF + 1];
        int optval = 1;
        gnutls_session_t session;
        struct pollfd client;
        bool handshake;

        gnutls_global_init ();
       
       
        gnutls_certificate_allocate_credentials (&x509_cred);
        load_keys();
        ret = gnutls_certificate_set_x509_key(x509_cred,&crt,1,key);
       
        gnutls_priority_init (&priority_cache, "NORMAL:+VERS-TLS1.2", NULL);
       
        if(ret <0)
        {
           fprintf (stderr, "*** Error loading key file: %s\n",
           gnutls_strerror (ret));
        }
        /* Socket operations
        */
        listen_sd = socket (AF_INET, SOCK_STREAM, 0);
        SOCKET_ERR (listen_sd, "socket");
        memset (&sa_serv,0 , sizeof (sa_serv));
        sa_serv.sin_family = AF_INET;
        sa_serv.sin_addr.s_addr = INADDR_ANY;
        sa_serv.sin_port = htons (PORT); /* Server Port number */
        setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
        err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
        SOCKET_ERR (err, "bind");
        err = listen (listen_sd, 1024);
        SOCKET_ERR (err, "listen");
        printf ("Server ready. Listening to port %d.\n\n", PORT);
        client_len = sizeof (sa_cli);
        while(1)
        {
                char* t = new char[100];
                session = initialize_tls_session ();
                handshake = true;
                //gnutls_transport_set_pull_function(session,pullFunc);
                sd = accept (listen_sd, (SA *)& sa_cli, (socklen_t*)&client_len);
                printf ("- connection from %s, port %d\n",
                inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf,sizeof (topbuf)), ntohs (sa_cli.sin_port));
                gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
                //int flags = fcntl(sd, F_GETFL, 0);
                //fcntl(sd, F_SETFL, flags | O_NONBLOCK);
                client.fd = sd;
                client.events = POLLRDNORM;

                while(1)
                {
                  ret = poll(&client,1,-1);
                  if(ret > 0)
                  {
                    if(handshake)
                    {
                        ret = gnutls_handshake (session);
                        if (ret < 0 && gnutls_error_is_fatal (ret))
                        {
                                fprintf (stderr, "*** Handshake has failed (%s)\n\n",gnutls_strerror (ret));
                                break;
                    }
                    else if(ret <0)
                    {
                     printf("non-fatal error(%s), go on...\n",gnutls_strerror (ret));
                    }
                    else
                    {
                     printf ("- Handshake was completed\n");
                     print_info(session);
                     handshake = false;
                    }
                     }
                     else
                     {
                        memset (buffer, 0, MAX_BUF + 1);
                        ret = gnutls_record_recv (session, buffer, MAX_BUF);
                        if (ret == 0)
                        {
                                printf ("\n- Peer has closed the GNUTLS connection\n");
                                break;
                        }
                        else if (ret < 0)
                        {
                                fprintf (stderr, "\n*** Received corrupted data(%d). Closing the connection.\n", ret);
                                break;
                        }
                        else if (ret > 0)
                        {
  printf("data received, %d %s\n",ret,buffer);
  gnutls_record_send (session, buffer, strlen (buffer));
  }
                         
                     }  
                   }
                   else
                   {
                    printf("Socket abnormal situation...\n");
                   }
                }
            printf("close session and socket\n");
                gnutls_bye (session, GNUTLS_SHUT_RDWR);
                close(sd);
                gnutls_deinit (session);
        }
        close(listen_sd);
        gnutls_certificate_free_credentials(x509_cred);
        gnutls_priority_deinit(priority_cache);
        gnutls_global_deinit();
        printf("end of test!\n");
        while(1)
        {
           sleep(10);
        }
        return 0;
}




// demo0.cpp : Defines the entry point for the console application.
//

#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <stdexcept>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <inttypes.h>
#include <fcntl.h>
#include <errno.h>
#include <poll.h>
#include <string.h>
#include <unistd.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include <gcrypt.h>

#define SA struct sockaddr
#define SOCKET_ERR(err,s) if(err==-1) {perror(s);return(1);}
#define MAX_BUF 1024
#define SERVER "200.61.250.16"
#define PORT 5556
#define MSG "GET / HTTP/1.0\r\n\r\n"

void DisplayError();


#define CAFILE "ttcert.pem"


gnutls_certificate_credentials_t x509_cred;
gnutls_x509_crt_t crt;
gnutls_x509_privkey_t key;

int buildClientSocket(const char* szIpAddress_,int nPort_)
{
    struct sockaddr_in sin;
    int addr;

    memset(&sin, 0, sizeof(sin));    

    sin.sin_family = AF_INET;    
        addr = inet_addr(szIpAddress_);
        if (addr == -1 )    
        {    
            return -1;//invalid ip address
        }        
        else        
        {        
            sin.sin_addr.s_addr = addr;        
        }            
   
    sin.sin_port = htons((u_short)nPort_);

        int fd = socket(AF_INET, SOCK_STREAM, 0);  
        if (fd < 0) {
        return -1;
    }

    /* Connect the socket to other module*/
        if (connect(fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
                close(fd);
                return -1;
    }
  return fd;
}


gnutls_priority_t priority_cache;
static gnutls_session_t initialize_tls_session (void)
{
gnutls_session_t session;
gnutls_init (&session, GNUTLS_SERVER);
gnutls_priority_set (session, priority_cache);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred);
/* request client certificate if any.
*/
gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
/* Set maximum compatibility mode. This is only suggested on public webservers
* that need to trade security for compatibility
*/
gnutls_session_enable_compatibility_mode (session);
return session;
}

void print_info (gnutls_session_t session)
{
const char *tmp;
gnutls_credentials_type_t cred;
gnutls_kx_algorithm_t kx;
/* print the key exchange¡¯s algorithm name
*/
kx = gnutls_kx_get (session);
tmp = gnutls_kx_get_name (kx);
printf ("- Key Exchange: %s\n", tmp);
/* Check the authentication type used and switch
* to the appropriate.
*/
cred = gnutls_auth_get_type (session);
switch (cred)
{
case GNUTLS_CRD_IA:
printf ("- TLS/IA session\n");
break;
#ifdef ENABLE_SRP
case GNUTLS_CRD_SRP:
printf ("- SRP session with username %s\n",
gnutls_srp_server_get_username (session));
break;
#endif
case GNUTLS_CRD_PSK:
/* This returns NULL in server side.
*/
if (gnutls_psk_client_get_hint (session) != NULL)
printf ("- PSK authentication. PSK hint ¡¯%s¡¯\n",
gnutls_psk_client_get_hint (session));
/* This returns NULL in client side.
*/
if (gnutls_psk_server_get_username (session) != NULL)
printf ("- PSK authentication. Connected as ¡¯%s¡¯\n",
gnutls_psk_server_get_username (session));
break;
case GNUTLS_CRD_ANON: /* anonymous authentication */
printf ("- Anonymous DH using prime of %d bits\n",
gnutls_dh_get_prime_bits (session));
break;
case GNUTLS_CRD_CERTIFICATE: /* certificate authentication */
/* Check if we have been using ephemeral Diffie-Hellman.
*/
if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS)
{
printf ("\n- Ephemeral DH using prime of %d bits\n",
gnutls_dh_get_prime_bits (session));
}
/* if the certificate list is available, then
* print some information about it.
*/
//print_x509_certificate_info (session);
} /* switch */
/* print the protocol¡¯s name (ie TLS 1.0)
*/
tmp = gnutls_protocol_get_name (gnutls_protocol_get_version (session));
printf ("- Protocol: %s\n", tmp);
/* print the certificate type of the peer.
* ie X.509
*/
tmp =
gnutls_certificate_type_get_name (gnutls_certificate_type_get (session));
printf ("- Certificate Type: %s\n", tmp);
/* print the compression algorithm (if any)
*/
tmp = gnutls_compression_get_name (gnutls_compression_get (session));
printf ("- Compression: %s\n", tmp);
/* print the name of the cipher used.
* ie 3DES.
*/
tmp = gnutls_cipher_get_name (gnutls_cipher_get (session));
printf ("- Cipher: %s\n", tmp);
/* Print the MAC algorithms name.
* ie SHA1
*/
tmp = gnutls_mac_get_name (gnutls_mac_get (session));
printf ("- MAC: %s\n", tmp);
return;
}


int main(int argc, char* argv[])
{
        int ret, sd, ii;
        gnutls_session_t session;
        char buffer[MAX_BUF + 1];
        const char *err;
        gnutls_certificate_credentials_t xcred;
       
        gnutls_global_init ();
       
        gnutls_certificate_allocate_credentials (&xcred);
        gnutls_certificate_set_x509_trust_file (xcred, CAFILE, GNUTLS_X509_FMT_PEM);

    for(int i=0;i<1;i++)
    {
        gnutls_init (&session, GNUTLS_CLIENT);
       
        ret = gnutls_priority_set_direct (session, "NONE:+VERS-TLS1.2:+AES-256-CBC:+RSA:+SHA256:+COMP-NULL", &err);
        //ret = gnutls_priority_set_direct (session, "NORMAL", &err);
        if (ret < 0)
        {
                if (ret == GNUTLS_E_INVALID_REQUEST)
                {
                        fprintf (stderr, "Syntax error at: %s\n", err);
                }
                exit (1);
        }
        gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
        sd = buildClientSocket(SERVER,PORT);
        gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
        ret = gnutls_handshake (session);
        if (ret < 0)
        {
                fprintf (stderr, "*** Handshake failed\n");
                gnutls_perror (ret);
                goto end;
        }
        else
        {
                printf ("- Handshake was completed\n");
                print_info(session);
        }
        gnutls_record_send (session, MSG, strlen (MSG));
        ret = gnutls_record_recv (session, buffer, MAX_BUF);
        if (ret == 0)
        {
                printf ("- Peer has closed the TLS connection\n");
                goto end;
        }
        else if (ret < 0)
        {
                fprintf (stderr, "*** Error: %s\n", gnutls_strerror (ret));
                goto end;
        }
        printf ("- Received %d bytes: ",ret);
        for (ii = 0; ii < ret; ii++)
        {
                fputc (buffer[ii], stdout);
        }
        gnutls_bye (session, GNUTLS_SHUT_RDWR);
end:
        close(sd);
        gnutls_deinit (session);
     }
     printf("end of test!\n");
     gnutls_certificate_free_credentials (xcred);
     gnutls_global_deinit ();
     return 0;
}


_______________________________________________
Help-gnutls mailing list
Help-gnutls@...
http://lists.gnu.org/mailman/listinfo/help-gnutls