curl-library
Re: Crash on iOS during HTTPS connection (libcurl with DarwinSSL)
Date: Thu, 17 Oct 2013 17:08:35 +0000
Additional information gathered suggests an error situation that should have been handled gracefully by libcurl / DarwinSSL but is not:
I have now rebuilt libcurl with openssl. The result is a fully functional application, that 'reports' the error and closes the connection.
Here is the error :
* Rebuilt URL to: https://www.google.com/
* About to connect() to www.google.com<http://www.google.com> port 443 (#0)
* Trying 173.194.43.115...
* Adding handle: conn: 0x1f186200
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x1f186200) send_pipe: 1, recv_pipe: 0
* Connected to www.google.com<http://www.google.com> (173.194.43.115) port 443 (#0)
* error setting certificate verify locations:
CAfile: /var/mobile/Applications/69D5AB7A-3663-4E00-8EDE-47CE659B855F/Library/cacert.pem
CApath:
* Closing connection 0
This obviously points to an error with the certificate and its location. The previous stack trace hinted at that as well since at the time of the crash, system was trying to read data from the certificate. Apparently, there are limitations to how a certificate can be accessed.
I have also tried placing the certificate as a resource which places the file in the app bundle, but the failure is the same :
* error setting certificate verify locations:
CAfile: /var/mobile/Applications/69D5AB7A-3663-4E00-8EDE-47CE659B855F/MyApplication.app/assets/cacert.pem
CApath:
* Closing connection 0
On 2013-10-17, at 10:12 AM, Arcin Bozkurt <arcin.bozkurt_at_youilabs.com<mailto:arcin.bozkurt_at_youilabs.com>> wrote:
Hi,
I am trying to to lib curl to work with the Security framework on iOS and have a simple application where I am testing easy / multi HTTP secure connections. I have a lib curl configuration that I can run on my main thread or on a separate thread I have created (like an HTTP service thread). I have two versions, one based on curl_easy, another on curl_multi API. lib curl runs successfully if the code is on the main thread, but it will crash deep inside iOS framework if it runs on the http service thread (_retainedComponentString)
The stack trace is below :
* thread #6: tid = 0x2337, 0x34060e0a CoreFoundation`_retainedComponentString + 14, stop reason = EXC_BAD_ACCESS (code=2, address=0x2fe94d10)
frame #0: 0x34060e0a CoreFoundation`_retainedComponentString + 14
frame #1: 0x340608e8 CoreFoundation`CFURLCreateStringWithFileSystemPath + 380
frame #2: 0x3406970c CoreFoundation`CFURLGetFileSystemRepresentation + 536
frame #3: 0x34083a42 CoreFoundation`_CFGetFileProperties + 50
frame #4: 0x340bc472 CoreFoundation`__CFBundleCopyFrameworkURLForExecutablePath + 650
frame #5: 0x340838ea CoreFoundation`_CFBundleEnsureBundleExistsForImagePath + 14
frame #6: 0x340837fc CoreFoundation`CFBundleGetBundleWithIdentifier + 96
frame #7: 0x35e2de62 Security`SecFrameworkBundleLookup + 18
frame #8: 0x3c3fbeea libsystem_c.dylib`pthread_once + 70
frame #9: 0x35e2de28 Security`SecFrameworkCopyLocalizedString + 32
frame #10: 0x35e26490 Security`obtainSummaryFromX501Name + 308
frame #11: 0x35e29bbc Security`parseRDNContent + 100
frame #12: 0x35e2632a Security`parseX501NameContent + 58
frame #13: 0x35e26268 Security`SecCertificateCopySubjectSummary + 40
frame #14: 0x003271f2 Gladiator`darwinssl_connect_common + 1766
frame #15: 0x00321cd0 Gladiator`Curl_ssl_connect_nonblocking + 28
frame #16: 0x0030fe06 Gladiator`https_connecting + 14
frame #17: 0x00314186 Gladiator`Curl_protocol_connecting + 26
frame #18: 0x0031e8ba Gladiator`multi_runsingle + 874
frame #19: 0x0031f3ae Gladiator`curl_multi_perform + 102
frame #20: 0x0031c364 Gladiator`curl_easy_perform + 260
The behaviour is the same whether I use easy or multi API.
Could the problem be related to how I have built libcurl?
I am using 7.32.0 and building against SDK 6.1 using :
--disable-shared --with-darwinssl --without-libssh2 --without-ca-bundle --without-ldap --disable-ldap --disable-ftp --enable-debug
Any suggestions?
Thanks
Arcin
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-10-17