Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#588 - openvpn-mbedtls crash on mpc85xx with signal 4 (SIGILL) #7937

Closed
openwrt-bot opened this issue Mar 3, 2017 · 6 comments
Closed
Labels

Comments

@openwrt-bot
Copy link

lynxis:

device: tp-link wdr4900
affected version: lede 17.01 / openvpn-mbedtls - 2.4.0-3

openvpn config:

dev tun-monitoring
remote somehost 1194

ca /etc/openvpn/monitoring-vpn/ca.crt
cert /etc/openvpn/monitoring-vpn/xyz.crt
key /etc/openvpn/monitoring-vpn/xyz.key
tls-auth /etc/openvpn/monitoring-vpn/ta.key 1
remote-cert-tls server

keepalive 10 120
cipher AES-256-CBC
comp-lzo yes

persist-key
persist-tun

@openwrt-bot
Copy link
Author

lynxis:

openvpn-openssl works

@openwrt-bot
Copy link
Author

nbd:

Please make a core dump and figure out exactly where it crashes in the code.

@openwrt-bot
Copy link
Author

ajmcc:

Hi, not sure if this is the right thing to do but here goes anyway.

I'm running a TL-WDR4900 on lede-17.01.0-r3205-59508e3-mpc85xx-generic-tl-wdr4900-v1-squashfs-sysupgrade.bin.

I find that 'curl' fails with 'Illegal Instruction' when making a https transfer, but is fine with http. Syslog:

Mar 29 17:11:33 <1.6> 10.0.20.4 c-fw kernel: [2073277.579797] curl[14801]: unhandled signal 4 at b7d2b408 nip b7d2b408 lr b7d19af8 code 30001

I feel the finger may be pointing toward a problem with libembedtls on mpc85xx.

The packages on my firewall:

curl - 7.52.1-3
libmbedtls - 2.4.2-1

@openwrt-bot
Copy link
Author

marcellos:

The problem is still there with my TL-WR4900 (mpc85xx) lede-17.01.04 stable release.

branch (git-17.290.79498-d3f0685) / LEDE Reboot 17.01.4 r3560-79f57e422d

$ curl https://www.example.com
[ 4674.378378] curl[7408]: unhandled signal 4 at b77eda40 nip b77eda40 lr b77dbcfc code 30001

Tested with:
curl_7.52.1-5
libcurl_7.52.1-5
libmbedtls_2.6.0-1

Also tested upgrading manually cURL and Libcurl (powerpc_8540.ipk)
curl_7.55.1-2
libcurl_7.55.1-2
libmbedtls_2.6.0-1

Strange fact is that before upgrading to the stable branch, I was using the nightly snapshot (downloaded 16/10) and there curl/libcurl_7.55.1-2 (+ libmbedtls_2.6.0-1) were there and all was working without a problem.
Any clues?

@openwrt-bot
Copy link
Author

SAm0815:

I think this was fixed with an update of mbedtls in a later release.

@PolynomialDivision
Copy link
Member

This is still an issue:

curl[7227]: illegal instruction (4) at b7c94288 nip b7c94288 lr b7c6b528 code 1 in libmbedcrypto.so.2.28.1[b7c3e000+7e000]
curl[7227]: code: 3d7e0000 809e8004 91490000 816b814c 7d6903a6 4e800421 80010024 83c10018
curl[7227]: code: 38210020 7c0803a6 4e800020 9421fff0 <7d4d42e6> 7c6c42e6 7d2d42e6 7c0a4840

PolynomialDivision referenced this issue in openwrt/packages Oct 15, 2022
The decision to switch the default to wolfSSL was taken because of
hostapd back from when curl was in base. Unfortunately, not only is
wolfSSL bigger but it has also been causing issues recently. There's
also no relation between hostapd and curl.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
PolynomialDivision added a commit to PolynomialDivision/packages that referenced this issue Oct 16, 2022
Curl does not work with mbedtls. This is a known issue:
- Mbed-TLS/mbedtls#6430
- openwrt/openwrt#7937
- openwrt#5293
- https://forum.openwrt.org/t/curl-illegal-instruction-17-01-0-r3205-59508e3-mpc85xx-generic/2697

Use wolfssl instead of mbedtls.

Signed-off-by: Nick Hainke <vincent@systemli.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants