Bug 881711

Summary:	net-misc/curl-7.86.0-r3: Crash with USE="quiche openssl" on http3 connection
Product:	Gentoo Linux	Reporter:	Nicolas Werner <nicolas.werner>
Component:	Current packages	Assignee:	Matt Jolly <kangie>
Status:	RESOLVED FIXED
Severity:	normal	CC:	base-system
Priority:	Normal	Keywords:	PullRequest
Version:	unspecified
Hardware:	All
OS:	Linux
See Also:	https://bugs.gentoo.org/show_bug.cgi?id=847583 https://github.com/curl/curl/issues/10429 https://github.com/cloudflare/quiche/issues/1408 https://github.com/gentoo/gentoo/pull/29511
Whiteboard:
Package list:		Runtime testing required:	---

Description Nicolas Werner 2022-11-18 00:31:20 UTC

When enabling http3 support using quiche, that conflicts with the openssl flag. If both are linked into the binary, the wrong ssl lib seems to get picked up for the SSL_new symbol. This then causes a crash, since the ssl_method field is initialized to an invalid value when trying to do a http3 connection. This is because quiche uses a bundled boringssl library with the same symbol.

Reproducible: Always

Steps to Reproduce:
1. Build curl with openssl and quiche
2. curl --http3 (some http3 host here)
3. Segfault
Actual Results:  
It crashes

gentoo:~ % curl -vvvvv --http3 https://quic.rocks:4433/
*   Trying 216.155.158.183:4433...
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
zsh: segmentation fault  curl -vvvvv --http3 https://quic.rocks:4433/

Expected Results:  
It does the same as with http2, just that curl uses http3

You can work around this by using curl with the gnutls and nghttp3 backends or just not enabling quiche.

net-misc/curl-7.86.0-r3::gentoo was built with the following:
USE="adns alt-svc ftp http2 imap ipv6 openssl pop3 progress-meter quiche smtp ssl tftp websockets zstd -brotli -gnutls -gopher -hsts -idn -kerberos -ldap -mbedtls -nghttp3 -nss -rtmp -samba -ssh -sslv3 -static-libs -telnet -test -verify-sig" ABI_X86="32 (64) (-x32)" CURL_SSL="openssl -gnutls -mbedtls -nss"
FEATURES="usersync buildpkg usersandbox multilib-strict assume-digests parallel-fetch userpriv sandbox unknown-features-warn unmerge-logs pid-sandbox userfetch preserve-libs sfperms binpkg-multi-instance fixlafiles candy distlocks strict ccache config-protect-if-modified buildpkg-live unmerge-orphans qa-unresolved-soname-deps protect-owned ebuild-locks binpkg-dostrip news binpkg-docompress ipc-sandbox binpkg-logs network-sandbox parallel-install merge-sync"

Comment 1 Matt Jolly gentoo-dev

2023-02-07 06:44:24 UTC

Repro'd on 7.87 and reported upstream.

Comment 2 Larry the Git Cow gentoo-dev

2023-02-16 05:08:49 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c6ec8d4579f9fbb2b3fbfb93de2abb7893cb42f

commit 1c6ec8d4579f9fbb2b3fbfb93de2abb7893cb42f
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2023-02-09 23:37:40 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-02-16 05:08:27 +0000

    net-misc/curl: add 7.88.0
    
    drop ipv6 and quiche USE
    
    Using quiche requires building cURL with the same SSL flavour
    as the quiche library (i.e. BoringSSL). This is currently
    unsupported on Gentoo.
    
    Drop `ipv6` USE; it doesn't require additional deps and `--ipv4`
    can be used at runtime to force connectivity in dual-stack configurations.
    
    Closes: https://bugs.gentoo.org/881711
    Closes: https://bugs.gentoo.org/792234
    Closes: https://bugs.gentoo.org/847451
    Closes: https://bugs.gentoo.org/867985
    Closes: https://bugs.gentoo.org/835851
    
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Closes: https://github.com/gentoo/gentoo/pull/29511
    Signed-off-by: Sam James <sam@gentoo.org>

 net-misc/curl/Manifest                             |   2 +
 net-misc/curl/curl-7.88.0.ebuild                   | 298 +++++++++++++++++++++
 .../files/curl-7.88.0-test-gnuserv-tls-srp.patch   |  39 +++
 .../curl-7.88.0-test-uninitialised-value.patch     |  30 +++
 4 files changed, 369 insertions(+)