Crash in ssl_parse_client_hello


Jul 14, 2017 18:08
rafael baptista

On a threaded server (~24-48 threads on a 24-core server), I'm getting an infrequent crash under heavy load in:

libpthread.so.0 ??          __restore_rt
ssl_tls.c:2389                 mbedtls_ssl_fetch_input                      
ssl_srv.c:1109                 ssl_parse_client_hello                         
ssl_srv.c:3841                 mbedtls_ssl_handshake_server_step  

Or less frequent:

libpthread.so.0 ??          __restore_rt
debug.c:89                     mbedtls_debug_print_msg                   
ssl_tls.c:2391                 mbedtls_ssl_fetch_input                             
ssl_srv.c:1109                 ssl_parse_client_hello                           
ssl_srv.c:3841                 mbedtls_ssl_handshake_server_step        

This is version 2.4.2

I don't think it's a bug in mbedtls - but probably something like mutexes not being set up right. Does anyone have experience with a crash like this, and have a solution?

 
Jul 14, 2017 20:10
rafael baptista

I built mbedtls with the following defined:

MBEDTLS_THREADING_C 

MBEDTLS_THREADING_PTHREAD

Every thread uses its own

mbedtls_ssl_context

The following structures are shared globally:

mbedtls_ssl_config             
mbedtls_entropy_context        
mbedtls_ctr_drbg_context       
mbedtls_ssl_cache_context  
mbedtls_ssl_ticket_context  

The following are shared among all connections that use the same certificate:

mbedtls_x509_crt
mbedtls_pk_context

There are many versions of the documentation - but as far as I can tell all the most recent documents say you don't have to mutex protect any of these things if the threading option is turned on.

 
Aug 17, 2017 08:52
Ron Eldor

Hi Rafael,
Without having more information, I believe that the crash might be in the mbedtls_ssl_context that is sent to the function mbedtls_ssl_fetch_input.
Is it possible it gets overridden on your platform? Or is it possible that due to many threads, it gets corrupted?
Regards,
mbed TLS Team member
Ron