Kyle R. Rose <[EMAIL PROTECTED]>:

> In the course of using OpenSSL for a client application, I would
> regularly get a SEGV in the client session caching code under high
> load.  After some examination, I traced it to SSL_CTX_add_session,
> where two data structures (a hash and a list) are not being kept in
> sync: when a session is deleted from the hash, it is not
> correspondingly deleted from the list, causing that memory to be freed
> twice (once as a dangling pointer, of course) when it is finally taken
> off the list.

If you are writing a *client*, then why is SSL_CTX_add_session used at
all?  Usually it is only used for servers unless you set the
SSL_SESS_CACHE_CLIENT bit in the SSL_CTX's session_cache_mode.

Assuming that you're actually writing a server -- does your
application set SSL_SESS_CACHE_NO_INTERNAL_LOOKUP?  While examining
ssl_sess.c I found that it cannot work because it can violate some
invariants that other functions rely on (there may not be multiple
SSL_SESSIONs with the same session ID).  Also a multi-threaded server
with external cache can run into problems for similar reasons.
And applications that directly call SSL_CTX_add_session can run into
the same kind of problems.  Does any of this apply to your
application?  If so, the next OpenSSL snapshot should solve the
problem; otherwise I haven't yet found the real cause of your problem.

> I submit the following patch, which has solved our SEGV problems:

The patch should work, but the list will be reordered each time a
session is reused.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
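
The invariant discussed in this thread (one entry per session ID, with the hash and the list always updated together), as an added C example that is not OpenSSL's code and not part of either message. The `cache` and `sess` types and all function names are hypothetical, and an unsigned integer stands in for the session ID.

```c
#include <stdlib.h>

/* Toy cache, not OpenSSL code: an entry is in the hash AND the list, or in neither. */
#define NBUCKETS 8
typedef struct sess {
    unsigned id;                       /* stands in for the session ID */
    struct sess *hnext, *prev, *next;  /* hash chain link, then list links */
} sess;
typedef struct { sess *bucket[NBUCKETS]; sess *head, *tail; int frees; } cache;

static void list_unlink(cache *c, sess *s) {
    if (s->prev) s->prev->next = s->next; else c->head = s->next;
    if (s->next) s->next->prev = s->prev; else c->tail = s->prev;
}

/* Remove from the hash and the list together, then free exactly once. */
static int cache_remove(cache *c, unsigned id) {
    for (sess **pp = &c->bucket[id % NBUCKETS]; *pp; pp = &(*pp)->hnext) {
        if ((*pp)->id != id) continue;
        sess *s = *pp;
        *pp = s->hnext;        /* out of the hash chain */
        list_unlink(c, s);     /* and out of the list, before the free */
        free(s);
        c->frees++;            /* counted so the behaviour can be checked */
        return 1;
    }
    return 0;
}

/* Add an entry; an older entry with the same id leaves both structures first. */
static int cache_add(cache *c, unsigned id) {
    sess *s = calloc(1, sizeof *s);
    if (!s) return -1;
    cache_remove(c, id);
    s->id = id;
    s->hnext = c->bucket[id % NBUCKETS];
    c->bucket[id % NBUCKETS] = s;
    s->next = c->head;
    if (c->head) c->head->prev = s; else c->tail = s;
    c->head = s;
    return 0;
}

/* Entries seen through the list; -1 if the hash disagrees (invariant broken). */
static int cache_count(const cache *c) {
    int l = 0, h = 0;
    for (const sess *s = c->head; s; s = s->next) l++;
    for (int b = 0; b < NBUCKETS; b++)
        for (const sess *s = c->bucket[b]; s; s = s->hnext) h++;
    return l == h ? l : -1;
}
```

Removing the `list_unlink` call from `cache_remove` reproduces the failure pattern described in the quoted report: the list keeps a pointer to freed memory, which is freed again when the entry is later taken off the list.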
