[Botan-devel] threads - segmentation fault

Stanislav Kuhn kuhn at analytica.biz
Mon Dec 18 14:28:36 EST 2006


Hi jack...

You were absolutely right...
That helped a lot with handling more requests...

Unfortunately I hit another problem...

I'll pase peace of code that is doing decryption...

It throws St9exception exception after ending pipe.

Here is a code:

try 
      {
	      //lets strip out our headers first
	      int index_from = 0;
	      index_from = line.find("x-header-xxxxxxx\r\n");
	      line.erase(index_from);
	     
	      //now lets send header from other servers to the server
	      syslog(LOG_INFO,"sending non encrypted headers added on the
way..");
	      this->s->WriteString(line);
	      this->s->WriteString("\r\n");
	      this->s->Flush();
	      
	      //read key
	      line="";tag="";
	      syslog(LOG_INFO,"reading a key..");
	      this->c->ReadLine(line);
				//syslog(LOG_INFO, "key: %s", line.c_str());
				syslog(LOG_INFO,"loading a key..");
				
				std::auto_ptr<PKCS8_PrivateKey>
key_pkcs8(PKCS8::load_key("/opt/sc/mailsk/test.pri", "H8sl0"));
				RSA_PrivateKey* key_rsa =
dynamic_cast<RSA_PrivateKey*>(key_pkcs8.get()); 
				std::auto_ptr<PK_Decryptor>
dec(get_pk_decryptor(*key_rsa, "EME1(SHA-1)"));
				std::auto_ptr<S2K>
s2k(get_s2k("PBKDF2(SHA-1)"));
				s2k->set_iterations(8192);
				syslog(LOG_INFO,"decrypting and setting aes
key..");
	
s2k->change_salt(dec->decrypt(b64_decode(line)));
				SymmetricKey key_aes = s2k->derive_key(32,
"BLK");
				syslog(LOG_INFO,"vector inicialization..");
				InitializationVector iv =
s2k->derive_key(16, "IVL");
				syslog(LOG_INFO,"opening pipe..");
				Pipe pipe(new Base64_Decoder,
get_cipher("AES-256/CBC", key_aes, iv, DECRYPTION));
				pipe.start_msg();
				line="";
      
      	while (t[0] != '\r' || t[1] != '\n' || t[2] != '.' || t[3] != '\r'
|| t[4] != '\n')
      	{
			char c = this->c->ReadChar ();
			    
    	            if (c != '\r' && c != '\n' && c != '.')
	    		{  
			        line.push_back(c); //for debug only
			        pipe.write(c);
			   	  //this->s->WriteString(tag);
	    		}
         
	   	    while(pipe.remaining() > 0) 
		    {
		      this->s->WriteString(pipe.read_all_as_string());
	           this->s->Flush();
	          }
			   
          t.push_back (c);
	    t.pop_front ();
        }
			
        syslog(LOG_INFO,"ending pipe..");
	  syslog(LOG_INFO,"crypted message:%s<",line.c_str());
        pipe.end_msg();
        line = pipe.read_all_as_string();
        syslog(LOG_INFO,"writing rest from the pipe..");
	  this->s->WriteString(line);
	  //this->s->WriteChar('<');
	  this->s->Flush ();
      }
      catch (std::exception e)
	{
		syslog(LOG_ERR, "decrypt exception1 in
equest::HandleData():[%d] %s", getpid(), e.what());
	}


And here is syslog output....


Dec 18 19:06:08 sc2 incomingd: crypted
message:I6ujAnvuz3VylblhTDr33O/PE4O4XZb6yHX6nq3FLdtrqv5JDCPyfUz+mclm+qFds4su
1dbmRBAzcE0PETa3irISlIOndCielW6RauXIYW8O4xF5tbl4bhrXFR9ZO0+4uj23bfTqDAbmKwve
nItLKV+SV4acVgyVdYOYXQEqTdeS8X8cpNyOpWDy8F4xnU2dJeouVWBEBKSmw5HnfOZEd3MK1Rbw
03mNWtg75DZJAspA3nGrZscFp1UAqa8w+lp1eHQmJ2i52ek34RTrvAMibPOTQZVfZacSKM0lhrE0
SD34o/atNqbR0DHanxJsRcPQfclhd+LwjJUJzO4hpIM/LJX9tXhNi8ajhX0nT/x43rj8Yh6UprLb
P60Lw+rt6cjtrZc7Sj8GCNB/0VZWhcA0M2rsK9vgWOc5zLVxXLeyr3a5WzDqbZreB1MsVSnBZAzj
h8zU2TT3u8hUOcKGlqS2H5tcr0VtpdIzxuO3sPcYsBDTk3m8xcAaqMUOs7PWV909/7rSdBhrvyOh
xXR+p2FAG27QLdb/lHjkMiJT0PCjKXQc3G5O/MAph4wQNkvNXuk80eVBnHEbEbobttYFNY0oLQ==
<
Dec 18 19:06:10 sc2 incomingd: decrypt exception1 in
Request::HandleData():[5944] St9exception


Note that when crypted message is sent, it is done in 64 chars blocks with
break line on the end. When we decrypt, there is reading that ignores \n \r
\. characters

Sorry for the mess it does in email... Message in syslog is without any
breakline or space. "<" on the end is added only in syslog to verify that
there is no space on the end of crypted message.

Thanks for your help
Stan


-----Original Message-----
From: botan-devel-bounces at randombit.net
[mailto:botan-devel-bounces at randombit.net] On Behalf Of Jack Lloyd
Sent: 17 December 2006 14:43
To: Botan development list
Subject: Re: [Botan-devel] threads - segmentation fault

On Sun, Dec 17, 2006 at 01:33:42PM -0000, Stanislav Kuhn wrote:
> 
> We have threads created this way:
> 
> Every time when we get connection, parent creates new request object that
> forks itself as a new thread. In one of the function of the request object
> is botan library inicializatin and crypting stuff.

This sounds like it could be the problem. The initialization code
should only be run once (for example in the primary thread inside
main); otherwise the various initializations will stomp on some shared
state and (among other things) deallocate memory, which seems like it
could be the problem here.

If you could send me a stripped down example that replicates the issue
(offlist would be fine), that would probably also help.

-Jack
_______________________________________________
botan-devel mailing list
botan-devel at randombit.net
http://www.randombit.net/mailman/listinfo/botan-devel




More information about the botan-devel mailing list