Closed xd009642 closed 3 years ago
I am not aware of any versions of OpenSSL newer than 1.0.1 that don't work with TlsConnector. Can you create a self contained example that reproduces this behavior?
I'm working on it but haven't managed to reproduce it outside the project yet. A colleague has been getting segfaults and attached GDB and found:
Thread 1 "project_name" received signal SIGSEGV, Segmentation fault.
0x00007ffff3f727a1 in bssl::ssl_cert_clear_certs(bssl::CERT*) () from /opt/tensorflow/lib/libtensorflow_framework.so
I'm guessing tensorflow which we also use is causing some weird interaction... I'll dig deeper and see if I can figure it out.
Just to clarify they aren't having an issue with native-tls but having a different segfault during initialisation and I'm getting this during initialisation. And I'm slightly assuming the sudden failure may be related
IIRC tensorflow uses its own statically linked build of BoringSSL but doesn't properly hide the symbols, so if you try to link in an OpenSSL as well wires get crossed and things break.
Okay that's good to know, it's a bit strange how we're using hyper_tls, native-tls and tensorflow in 5 other projects with no issues. But that might be down to some slight version mismatch :thinking:. I can't really avoid tensorflow so I'll see if I can move to rustls and sidestep the issue
So moving to rustls fixed my issue and I wasn't able to reproduce the issue on a small project on my system with just native-tls in so some issues with openssl and some other native library seem most likely.
So I have the following inadvisable code for a private cloud with no external internet access:
And with
openssl version
which outputsOpenSSL 1.1.1f 31 Mar 2020
I get:However, with version 1.1.1k the connector builds and then the code works as expected. Just wondering if this there's a way I can get this to work across any 1.1.1x versions?