Tor crash on OpenBSD-current since 2014-08-10
Tor is broken under OpenBSD-current since this patch, I think, http://marc.info/?l=openbsd-cvs&m=140768179627976&w=2). The function prune_v2_cipher_list() in src/common/tortls.c now crash Tor (Segmentation fault). All Tor versions impacted.
Commenting out the prune_v2_cipher_list() seems to be enough as a workaround.
Here is a gdb backtrace with tor-0.2.5.7-rc in debug mode:
Oct 02 14:41:12.000 [debug] tor_tls_debug_state_callback(): SSL 0x83b91000 is now in state before/accept initialization [type=16,val=1]. Oct 02 14:41:12.000 [debug] tor_tls_debug_state_callback(): SSL 0x83b91000 is now in state before/accept initialization [type=8193,val=1]. Oct 02 14:41:12.000 [debug] tor_tls_debug_state_callback(): SSL 0x83b91000 is now in state unknown state [type=8194,val=-1]. Oct 02 14:41:12.000 [debug] tor_tls_handshake(): After call, 0x82a59d80 was in state unknown state Oct 02 14:41:12.000 [debug] connection_tls_continue_handshake(): wanted read Oct 02 14:41:12.000 [debug] conn_read_callback(): socket 22 wants to read. Oct 02 14:41:12.000 [debug] tor_tls_handshake(): About to call SSL_accept on 0x82a59d80 (unknown state)
Program received signal SIGSEGV, Segmentation fault. 0x00000000 in ?? () (gdb) bt #0 0x00000000 in ?? () #1 0x1a8d578b in tor_tls_classify_client_ciphers (ssl=0x83b91000, peer_ciphers=0x85251200) at src/common/tortls.c:1489 #2 (closed) 0x1a8d58ff in tor_tls_session_secret_cb (ssl=0x83b91000, secret=0x8a659608, secret_len=0x8a659604, peer_ciphers=0x85251200, cipher=0xcfbe0184, arg=0x0) at src/common/tortls.c:1683 #3 (closed) 0x0b9e09ec in ssl3_get_client_hello (s=0x83b91000) at /usr/src/lib/libssl/ssl/../../libssl/src/ssl/s3_srvr.c:1119 #4 (closed) 0x0b9e176f in ssl3_accept (s=0x83b91000) at /usr/src/lib/libssl/ssl/../../libssl/src/ssl/s3_srvr.c:346 #5 (closed) 0x0b9f22fa in SSL_accept (s=0x83b91000) at /usr/src/lib/libssl/ssl/../../libssl/src/ssl/ssl_lib.c:922 #6 (closed) 0x0b9d8836 in ssl23_get_client_hello (s=0x83b91000) at /usr/src/lib/libssl/ssl/../../libssl/src/ssl/s23_srvr.c:573 #7 (closed) 0x0b9d915c in ssl23_accept (s=0x83b91000) at /usr/src/lib/libssl/ssl/../../libssl/src/ssl/s23_srvr.c:232 #8 (closed) 0x0b9f22fa in SSL_accept (s=0x83b91000) at /usr/src/lib/libssl/ssl/../../libssl/src/ssl/ssl_lib.c:922 #9 (closed) 0x1a8d5d59 in tor_tls_handshake (tls=0x82a59d80) at src/common/tortls.c:2113 #10 (closed) 0x1a865f10 in connection_tls_continue_handshake (conn=0x83b93000) at src/or/connection_or.c:1468 #11 (closed) 0x1a857dee in connection_handle_read (conn=0x83b93000) at src/or/connection.c:3287 #12 (closed) 0x1a7a842f in conn_read_callback (fd=22, event=2, _conn=0x83b93000) at src/or/main.c:736 #13 (closed) 0x0bb9ca02 in event_base_loop (base=0x7e447000, flags=0) at /usr/src/lib/libevent/event.c:404 #14 (closed) 0x1a7a3eab in do_main_loop () at src/or/main.c:2027 #15 (closed) 0x1a7a55ca in tor_main (argc=3, argv=0xcfbe09c4) at src/or/main.c:3047 #16 (closed) 0x1a7a1cdd in main (argc=536912672, argv=0x8696ee00) at src/or/tor_main.c:30 (gdb)