classification
Title: SSL socket segfaults during a connect() using a punycode domain containg a umlaut
Type: crash Stage: resolved
Components: Extension Modules Versions: Python 3.5
process
Status: closed Resolution: out of date
Dependencies: Superseder: Refcounting mistake in _ssl.c
View: 30594
Assigned To: Nosy List: christian.heimes, gregory.p.smith, kmille, xtreak
Priority: normal Keywords:

Created on 2019-06-10 20:03 by kmille, last changed 2019-06-11 06:25 by gregory.p.smith. This issue is now closed.

Messages (5)
msg345140 - (view) Author: (kmille) Date: 2019-06-10 20:03
Hey,

chs@gw-sss-nb8:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.4 LTS
Release:        16.04
Codename:       xenial
chs@gw-sss-nb8:~$ python3 --version
Python 3.5.2
chs@gw-sss-nb8:~$ cat segfault.py 
import ssl
import socket

hostname = "www.xn--b.buchhandlunggründen.de"

ctx = ssl.create_default_context()
s = ctx.wrap_socket(socket.socket(), server_hostname=hostname)
s.check_hostname = True
try:
    s.connect((hostname, 443))
except UnicodeError as incorrect_punycode:
    pass

chs@gw-sss-nb8:~$ python3 segfault.py 
Segmentation fault

The problem does not occur if I remove the ü in www.xn--b.buchhandlunggründen.de

On my Arch the DNS fails (above the name doesn't resolve too but I seems like it doesn't matter):
kmille@linbox timetracking master % python3 omg.py 
Traceback (most recent call last):
  File "omg.py", line 10, in <module>
    s.connect((hostname, 443))
  File "/usr/lib/python3.7/ssl.py", line 1150, in connect
    self._real_connect(addr, False)
  File "/usr/lib/python3.7/ssl.py", line 1137, in _real_connect
    super().connect(addr)
socket.gaierror: [Errno -2] Name or service not known
kmille@linbox timetracking master % python3 --version
Python 3.7.3

If you need further help please ask.

Thank you for python <3

kmille
msg345186 - (view) Author: Gregory P. Smith (gregory.p.smith) * (Python committer) Date: 2019-06-11 05:52
FWIW, I could reproduce this on early 3.5 versions but it appears to have been fixed between 3.5.3 and 3.5.4.

I'm leaving this open in case anyone can tie it back to a particular change.
msg345190 - (view) Author: Karthikeyan Singaravelan (xtreak) * (Python committer) Date: 2019-06-11 06:13
I couldn't get an ssl build with 3.5.4 to verify this but looking at changelog between 3.5.3 and 3.5.4 issue30594 might have fixed it since it reports a similar segfault.
msg345191 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2019-06-11 06:25
Yes, this looks like a duplicate of issue30594. kmille, please contact Ubuntu and ask them to apply the fix to 16.04.

By the way, your hostname is not correct. "xn--b" is an invalid punycode. The correct IDNA encoding for the domain looks like this:

>>> "www.buchhandlunggründen.de".encode('idna')
b'www.xn--buchhandlunggrnden-z6b.de'
msg345192 - (view) Author: Gregory P. Smith (gregory.p.smith) * (Python committer) Date: 2019-06-11 06:25
oh that is likely it, the stacktrace i got in a pydebug build was a gc time refcount != 0 assertion.
History
Date User Action Args
2019-06-11 06:25:50gregory.p.smithsetsuperseder: Refcounting mistake in _ssl.c
messages: + msg345192
2019-06-11 06:25:08christian.heimessetstatus: open -> closed

nosy: + christian.heimes
messages: + msg345191

resolution: out of date
2019-06-11 06:13:36xtreaksetnosy: + xtreak
messages: + msg345190
2019-06-11 05:52:48gregory.p.smithsetnosy: + gregory.p.smith
messages: + msg345186

components: + Extension Modules, - ctypes
type: crash
stage: resolved
2019-06-10 20:03:59kmillecreate