There's a segfault when py-requests GETs an https resource (segv occurs
after it calls verify_cb, it happens every time for every site I've tried).
e.g.
$ printf "import requests\nr = requests.get('https://www.openbsd.org/')\n" |
python2.7
Segmentation fault (core dumped)
Any ideas who is to blame or where to poke at next?
$ python2.7
Python 2.7.12 (default, Oct 3 2016, 09:11:44)
[GCC 4.2.1 20070719 ] on openbsd6
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
>>> r = requests.get('https://dmtx.uk/')
Segmentation fault (core dumped)
$ gdb `which python2.7` python2.7.core
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "amd64-unknown-openbsd6.0"...(no debugging symbols
found)
Core was generated by `python2.7'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libpthread.so.23.0...done.
Loaded symbols for /usr/lib/libpthread.so.23.0
Reading symbols from /usr/lib/libpthread.so.22.0...done.
Loaded symbols for /usr/lib/libpthread.so.22.0
Loaded symbols for /usr/local/bin/python2.7
Reading symbols from /usr/local/lib/libpython2.7.so.0.0...done.
Loaded symbols for /usr/local/lib/libpython2.7.so.0.0
Symbols already loaded for /usr/lib/libpthread.so.23.0
Reading symbols from /usr/lib/libutil.so.12.1...done.
Loaded symbols for /usr/lib/libutil.so.12.1
Reading symbols from /usr/lib/libstdc++.so.57.0...done.
Loaded symbols for /usr/lib/libstdc++.so.57.0
Reading symbols from /usr/lib/libm.so.10.0...done.
Loaded symbols for /usr/lib/libm.so.10.0
Reading symbols from /usr/lib/libc.so.89.2...done.
Loaded symbols for /usr/lib/libc.so.89.2
Reading symbols from /usr/libexec/ld.so...done.
Loaded symbols for /usr/libexec/ld.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_locale.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_locale.so
Reading symbols from /usr/local/lib/libintl.so.6.0...done.
Loaded symbols for /usr/local/lib/libintl.so.6.0
Reading symbols from /usr/local/lib/libiconv.so.6.0...done.
Loaded symbols for /usr/local/lib/libiconv.so.6.0
Reading symbols from /usr/local/lib/python2.7/lib-dynload/readline.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/readline.so
Reading symbols from /usr/lib/libreadline.so.4.0...done.
Loaded symbols for /usr/lib/libreadline.so.4.0
Reading symbols from /usr/lib/libncursesw.so.14.0...done.
Loaded symbols for /usr/lib/libncursesw.so.14.0
Reading symbols from /usr/local/lib/python2.7/lib-dynload/time.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/time.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/cStringIO.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/cStringIO.so
Reading symbols from
/usr/local/lib/python2.7/lib-dynload/_collections.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_collections.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/operator.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/operator.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/itertools.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/itertools.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_heapq.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_heapq.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_socket.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_socket.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_functools.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_functools.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_ssl.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_ssl.so
Reading symbols from /usr/lib/libssl.so.39.1...done.
Loaded symbols for /usr/lib/libssl.so.39.1
Reading symbols from /usr/lib/libcrypto.so.38.1...done.
Loaded symbols for /usr/lib/libcrypto.so.38.1
Reading symbols from /usr/local/lib/python2.7/lib-dynload/strop.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/strop.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_struct.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_struct.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/binascii.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/binascii.so
Reading symbols from /usr/lib/libz.so.5.0...done.
Loaded symbols for /usr/lib/libz.so.5.0
Reading symbols from /usr/local/lib/python2.7/lib-dynload/datetime.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/datetime.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/array.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/array.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_io.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_io.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/math.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/math.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_hashlib.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_hashlib.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_random.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_random.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/fcntl.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/fcntl.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/select.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/select.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_ctypes.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_ctypes.so
Reading symbols from /usr/local/lib/libffi.so.1.2...done.
Loaded symbols for /usr/local/lib/libffi.so.1.2
Reading symbols from /usr/local/lib/libuuid.so.14.0...done.
Loaded symbols for /usr/local/lib/libuuid.so.14.0
Reading symbols from /usr/local/lib/python2.7/lib-dynload/zlib.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/zlib.so
Reading symbols from
/usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so...done.
Loaded symbols for
/usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so
Reading symbols from
/usr/local/lib/python2.7/site-packages/_cffi_backend.so...done.
Loaded symbols for /usr/local/lib/python2.7/site-packages/_cffi_backend.so
Symbols already loaded for /usr/lib/libpthread.so.22.0
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_json.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_json.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/_bisect.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_bisect.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/cPickle.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/cPickle.so
Reading symbols from /usr/local/lib/python2.7/lib-dynload/unicodedata.so...done.
Loaded symbols for /usr/local/lib/python2.7/lib-dynload/unicodedata.so
#0 0x000015a8f5d58fc0 in ?? ()
(gdb) bt
#0 0x000015a8f5d58fc0 in ?? ()
#1 0x000015a944d9c19c in internal_verify (ctx=0x7f7fffff2d00) at
/usr/src/lib/libcrypto/x509/x509_vfy.c:1611
#2 0x000015a944d9d859 in X509_verify_cert (ctx=0x7f7fffff2d00) at
/usr/src/lib/libcrypto/x509/x509_vfy.c:374
#3 0x000015a8d527b690 in ssl_verify_cert_chain (s=0x15a95bd59000, sk=Variable
"sk" is not available.
) at /usr/src/lib/libssl/ssl_cert.c:448
#4 0x000015a8d528edd0 in ssl3_get_server_certificate (s=0x15a95bd59000) at
/usr/src/lib/libssl/s3_clnt.c:1015
#5 0x000015a8d52901c1 in ssl3_connect (s=0x15a95bd59000) at
/usr/src/lib/libssl/s3_clnt.c:297
#6 0x000015a8d527f7de in ssl23_connect (s=0x15a95bd59000) at
/usr/src/lib/libssl/s23_clnt.c:477
#7 0x000015a87fd79e5c in _cffi_f_SSL_do_handshake () from
/usr/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so
#8 0x000015a8a0904868 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#9 0x000015a8a090462a in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#10 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#11 0x000015a8a0904567 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#12 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#13 0x000015a8a0904567 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#14 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#15 0x000015a8a0904567 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#16 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#17 0x000015a8a0904567 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#18 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#19 0x000015a8a0904567 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#20 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#21 0x000015a8a088df37 in function_call () from
/usr/local/lib/libpython2.7.so.0.0
#22 0x000015a8a0864008 in PyObject_Call () from
/usr/local/lib/libpython2.7.so.0.0
#23 0x000015a8a0900247 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#24 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#25 0x000015a8a088df37 in function_call () from
/usr/local/lib/libpython2.7.so.0.0
#26 0x000015a8a0864008 in PyObject_Call () from
/usr/local/lib/libpython2.7.so.0.0
#27 0x000015a8a0900247 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#28 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#29 0x000015a8a088df37 in function_call () from
/usr/local/lib/libpython2.7.so.0.0
#30 0x000015a8a0864008 in PyObject_Call () from
/usr/local/lib/libpython2.7.so.0.0
#31 0x000015a8a0900247 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#32 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#33 0x000015a8a088df37 in function_call () from
/usr/local/lib/libpython2.7.so.0.0
#34 0x000015a8a0864008 in PyObject_Call () from
/usr/local/lib/libpython2.7.so.0.0
#35 0x000015a8a0900247 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#36 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#37 0x000015a8a0904567 in PyEval_EvalFrameEx () from
/usr/local/lib/libpython2.7.so.0.0
#38 0x000015a8a090667d in PyEval_EvalCodeEx () from
/usr/local/lib/libpython2.7.so.0.0
#39 0x000015a8a0906772 in PyEval_EvalCode () from
/usr/local/lib/libpython2.7.so.0.0
#40 0x000015a8a0923902 in run_mod () from /usr/local/lib/libpython2.7.so.0.0
#41 0x000015a8a09254eb in PyRun_InteractiveOneFlags () from
/usr/local/lib/libpython2.7.so.0.0
#42 0x000015a8a09256fe in PyRun_InteractiveLoopFlags () from
/usr/local/lib/libpython2.7.so.0.0
#43 0x000015a8a092582c in PyRun_AnyFileExFlags () from
/usr/local/lib/libpython2.7.so.0.0
#44 0x000015a8a093643c in Py_Main () from /usr/local/lib/libpython2.7.so.0.0
#45 0x000015a675e00462 in _start () from /usr/local/bin/python2.7
#46 0x0000000000000000 in ?? ()
(gdb) frame 1
#1 0x000015a944d9c19c in internal_verify (ctx=0x7f7fffff2d00) at
/usr/src/lib/libcrypto/x509/x509_vfy.c:1611
1611 ok = (*cb)(1, ctx);
(gdb) list
1606 goto end;
1607
1608 /* The last error (if any) is still in the error value
*/
1609 ctx->current_issuer = xi;
1610 ctx->current_cert = xs;
1611 ok = (*cb)(1, ctx);
1612 if (!ok)
1613 goto end;
1614
1615 n--;
(gdb) p *ctx
$1 = {ctx = 0x15a8e3598700, current_method = 0, cert = 0x15a8ba55ff00,
untrusted = 0x15a8be37cee0, crls = 0x0, param = 0x15a913dac300,
other_ctx = 0x0, verify = 0x15a944d9c090 <internal_verify>,
verify_cb = 0x15a8f5d58fc0,
get_issuer = 0x15a944dd59b0 <X509_STORE_CTX_get1_issuer>,
check_issued = 0x15a944d9b990 <check_issued>,
check_revocation = 0x15a944d9cbe0 <check_revocation>,
get_crl = 0, check_crl = 0x15a944d9d970 <check_crl>,
cert_crl = 0x15a944d9b7c0 <cert_crl>,
check_policy = 0x15a944d9b660 <check_policy>,
lookup_certs = 0x15a944dd5e30 <X509_STORE_get1_certs>,
lookup_crls = 0x15a944dd5c30 <X509_STORE_get1_crls>,
cleanup = 0, valid = 0, last_untrusted = 2, chain = 0x15a90e0f90a0,
tree = 0x0, explicit_policy = 0, error_depth = 2, error = 0,
current_cert = 0x15a94b2ac400, current_issuer = 0x15a94b2ac400,
current_crl = 0x0, current_crl_score = 0, current_reasons = 0,
parent = 0x0, ex_data = {sk = 0x15a90c5969a0}}
(gdb) list
1606 goto end;
1607
1608 /* The last error (if any) is still in the error value
*/
1609 ctx->current_issuer = xi;
1610 ctx->current_cert = xs;
1611 ok = (*cb)(1, ctx);
1612 if (!ok)
1613 goto end;
1614
1615 n--;
(gdb) p *ctx->cert
$2 = {cert_info = 0x15a8930ff000, sig_alg = 0x15a887c641a0,
signature = 0x15a9078c4880, valid = 0, references = 2,
name = 0x15a8b98ffa00 "/CN=dmtx.uk", ex_data = {sk = 0x0},
ex_pathlen = -1, ex_pcpathlen = 0, ex_flags = 263,
ex_kusage = 160, ex_xkusage = 3, ex_nscert = 0,
skid = 0x15a90c596fe0, akid = 0x15a8be37c080,
policy_cache = 0x0, crldp = 0x0,
altname = 0x15a8e0140a20, nc = 0x0,
sha1_hash = "])D\231Dëï·ö\017]óî{Ël!À)X", aux = 0x0}
(gdb) p *ctx->verify
$3 = {int (X509_STORE_CTX *)} 0x15a944d9c090 <internal_verify>
(gdb) p *ctx->verify_cb
$4 = {int (int, X509_STORE_CTX *)} 0x15a8f5d58fc0
