| Summary: | C++ client connecting on SSL fails before its closing | ||
|---|---|---|---|
| Product: | Red Hat Enterprise MRG | Reporter: | Petra Svobodová <psvobodo> |
| Component: | qpid-cpp | Assignee: | Chuck Rolke <crolke> |
| Status: | CLOSED DUPLICATE | QA Contact: | MRG Quality Engineering <mrgqe-bugs> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | Development | CC: | crolke, jross, psvobodo |
| Target Milestone: | 3.0 | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Windows | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-11-19 18:59:45 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
SSL is not the issue here. This is the same access violation as bz1030219. *** This bug has been marked as a duplicate of bug 1030219 *** After analyzing crash stacks in bz1030219 this crash in NOT the same. However, it is a duplicate of bz1024832 instead. CRYPT32!ReleaseContextElement+0x13 CRYPT32!CertFreeCRLContext+0x17 qpidclientd!qpid::client::windows::SslConnector::~SslConnector+0x6c qpidclientd!qpid::client::windows::SslConnector::`scalar deleting destructor'+0x31 *** This bug has been marked as a duplicate of bug 1024832 *** |
Description of problem: C++ client on Windows connecting via SSL sends or receives all messages and fails before closing. If SSL connection cannot be opened (due missing certificate for example), the client fails sometimes too, but with less frequency. Version-Release number of selected component (if applicable): qpid-cpp-win-3.22.24.1-1 How reproducible: about 1% cases; more often on Windows7-x86 and Windows Server2008-x86, but occurs also on 64bit architectures Steps to Reproduce: 1. Unpack and build C++ examples. 2. On the linux machine create nss database and generate SSL certificates: # mkdir qpid_nss_db # cd qpid_nss_db/ # echo password > ssl_pw_file.txt # certutil -N -d . -f ssl_pw_file.txt # certutil -S -d . -n rootCA -s "CN=rootCA" -t "CT,," -x -m 1000 -v 120 -f ssl_pw_file.txt # certutil -S -n "<server_cert_name>" -s "CN="<hostname> -c rootCA -t ",," -m 1001 -v 120 -d . -f ssl_pw_file.txt # certutil -S -n client -s "CN=client" -t ",," -m 1002 -v 120 -c rootCA -d . -f ssl_pw_file.txt 3. Create a directory, export certificate of authority into .cer format, copy it on the Windows machine and install it into Trusted Root Certification Authorities. 4. Run a broker with configuration: # cat /etc/qpid/qpidd.conf ssl-require-client-authentication=no ssl-sasl-no-dict=no log-to-file=/var/lib/qpidd/qpidd.log ssl-port=5671 truncate=yes log-enable=debug+ ssl-cert-password-file=/var/lib/qpidd/qpid_nss_db/ssl_pw_file.txt ssl-cert-name=<server_cert_name> auth=no ssl-cert-db=/var/lib/qpidd/qpid_nss_db 5. Run spout.exe/drain.exe examples in loop: spout.exe --broker <hostname>:5671 --connection-options {transport:ssl} --content "HELLO" "addr;{create:always}" Actual results: The client application sends/receives messages and before its closing fails (returns exit code -1073741819). Expected results: The application should close cleanly and return exit code 0.