search

panux / packages-main

Packages for Project Panux
MIT License
5 stars 2 forks source link

gnutls broken in container #43

Open niaow opened 7 years ago

niaow commented 7 years ago

Steps to replicate:

lpkg update
lpkg install gdb wget
wget https://google.com

Error:

Program received signal SIGILL, Illegal instruction.
0x00007f6a76487d18 in __gmpn_divisible_p () from /lib/libgmp.so.10

To debug I ran:

gdb --args wget https://google.com

Stacktrace:

#0  0x00007f6a76487d18 in __gmpn_divisible_p () from /lib/libgmp.so.10
#1  0x00007f6a76476436 in __gmpz_congruent_p () from /lib/libgmp.so.10
#2  0x00007f6a766e97a0 in nettle_ecc_point_set (p=p@entry=0x7fff213e8040, 
    x=0x556044e0c460, y=0x556044e0c320) at ecc-point.c:97
#3  0x00007f6a7741767a in _ecc_params_to_pubkey (pub=pub@entry=0x7fff213e8040, 
    curve=curve@entry=0x7f6a7690a320 <nettle_secp_256r1>, 
    pk_params=<optimized out>, pk_params=<optimized out>) at pk.c:140
#4  0x00007f6a77418e89 in _wrap_nettle_pk_verify (algo=<optimized out>, 
    vdata=0x7fff213e8100, signature=<optimized out>, pk_params=0x556044e0c4c8)
    at pk.c:660
#5  0x00007f6a7736f96c in dsa_verify_hashed_data (params=0x556044e0c4c8, 
    signature=0x7fff213e8340, hash=0x7fff213e8180, 
    algo=0x7f6a77670bd0 <hash_algorithms+112>, pk=GNUTLS_PK_ECDSA)
    at pubkey.c:1866
#6  pubkey_verify_hashed_data (pk=GNUTLS_PK_ECDSA, hash_algo=<optimized out>, 
    hash=0x7fff213e8180, signature=0x7fff213e8340, 
    issuer_params=0x556044e0c4c8) at pubkey.c:1920
#7  0x00007f6a7735ee00 in verify_tls_hash (
    session=session@entry=0x556044df5840, 
    ver=ver@entry=0x7f6a77670f80 <sup_versions+96>, 
    cert=cert@entry=0x7fff213e8350, 
    hash_concat=hash_concat@entry=0x7fff213e8200, 
    signature=signature@entry=0x7fff213e8340, sha1pos=sha1pos@entry=0,
    sign_algo=GNUTLS_SIGN_ECDSA_SHA256, pk_algo=GNUTLS_PK_ECDSA)
    at tls-sig.c:277
#8  0x00007f6a7735f567 in _gnutls_handshake_verify_data (
    session=session@entry=0x556044df5840, cert=cert@entry=0x7fff213e8350, 
    params=params@entry=0x7fff213e83c0, 
    signature=signature@entry=0x7fff213e8340, 
    sign_algo=sign_algo@entry=GNUTLS_SIGN_ECDSA_SHA256) at tls-sig.c:371
#9  0x00007f6a773e231a in _gnutls_proc_dhe_signature (
    session=session@entry=0x556044df5840, data=<optimized out>, 
    data@entry=0x556044997545 "\004\003", _data_size=_data_size@entry=75, 
    vparams=vparams@entry=0x7fff213e83c0) at cert.c:2213
#10 0x00007f6a773eaddd in proc_ecdhe_server_kx (session=0x556044df5840, 
    data=0x556044997500 "\003", _data_size=144) at ecdhe.c:310
#11 0x00007f6a7734df14 in _gnutls_recv_server_kx_message (
    session=session@entry=0x556044df5840) at kx.c:506
#12 0x00007f6a773495a8 in handshake_client (session=0x556044df5840)
    at handshake.c:2866
#13 gnutls_handshake (session=0x556044df5840) at handshake.c:2611
#14 0x00005560427b27a4 in _do_handshake ()
#15 0x00005560427b2ce4 in ssl_connect_wget ()
#16 0x000055604278cf51 in establish_connection ()
#17 0x000055604278e3d9 in gethttp ()
#18 0x0000556042790c5e in http_loop ()
#19 0x00005560427a1015 in retrieve_url ()
#20 0x0000556042799aaf in main ()
niaow commented 7 years ago

I modified the wget pkgen to use libressl, so wget works now. However, gnutls is broken probbably.