submiting as a bug .... (read the whole email ...)
Louis Solomon
www.SteelBytes.com
----- Original Message -----
From: "Louis Solomon [SteelBytes]" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, December 01, 2002 2:10 PM
Subject: Re: is SSL_CTX_new() thread safe (on win32) ?
> ok,
> here's the cause I think ...
>
> SSL_CTX_new(...)
> {
> ...
> ssl_create_cipher_list(...)
> ...
> }
>
> static int init_ciphers=1;
>
> ssl_create_cipher_list(...)
> {
> ...
> if (init_ciphers) load_ciphers();
> ...
> ssl_cipher_get_disabled()
> ...
> }
>
> load_ciphers()
> {
> init_ciphers = 0;
> ... // mark_1
> init ssl_cipher_methods[]
> ...
> }
>
> ssl_cipher_get_disabled()
> {
> ...
> use ssl_cipher_methods[] // mark_2
> ...
> }
>
> consider this:
> thread_1 calls SSL_CTX_new() and reaches mark_1
> a context switch happens (thread_1 stalls, and thread_2 becomes
active)
> thread_2 calls SSL_CTX_new() and reaches mark_2
>
> thread_2 will be trying to read from ssl_cipher_methods which is
> uninitialised !!
>
> any one care to fix the 0.9.7 beta ? (or 0.9.6g)
>
> Louis Solomon
> www.SteelBytes.com
>
>
> ----- Original Message -----
> From: "Louis Solomon [SteelBytes]" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, November 30, 2002 10:30 PM
> Subject: Re: is SSL_CTX_new() thread safe (on win32) ?
>
>
> > I just tested with 0.9.7 beta 4, and it still happens.
> >
> > any ideas ?
> >
> > Louis Solomon
> > www.SteelBytes.com
> >
> >
> > ----- Original Message -----
> > From: "Louis Solomon [SteelBytes]" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Tuesday, November 26, 2002 4:10 PM
> > Subject: Re: is SSL_CTX_new() thread safe (on win32) ?
> >
> >
> > > whoops :-) there was a typo in the url, it should be
> > > http://www.steelbytes.com/temp/openssl_bug_test.zip
> > >
> > > Louis Solomon
> > > www.SteelBytes.com
> > >
> > >
> > > ----- Original Message -----
> > > From: "Louis Solomon [SteelBytes]" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Monday, November 25, 2002 12:29 PM
> > > Subject: is SSL_CTX_new() thread safe (on win32) ?
> > >
> > >
> > > > When running this test program I wrote, I _sometimes_ get
> > > > an error return by SSL_CTX_new(). The error msg is:
> > > > "SSL routines:SSL_CTX_new:library has no ciphers"
> > > >
> > > > Louis Solomon
> > > > [EMAIL PROTECTED]
> > > >
> > > > source and binaries of test program avail from:
> > > > http://www.steeelbytes.com/temp/openssl_bug_test.zip
> > > >
> > > > openssl versions tested with:
> > > > 0.9.6g compiled by me (src from openssl.org)
> > > > 0.9.6g binaries from bsdftpd-ssl.sc.ru
> > > > 0.9.6d binaries from mod-ssl.org
> > > > test enviroment:
> > > > winxp pro sp1
> > > > dual P3 733Mhz + 768MB ram
> > > > compiler:
> > > > visual studio .net
> > > >
> > > > pseudo code:
> > > > main_thread()
> > > > {
> > > > init ssl (dyanmically linked with LoadLibrary and
> > GetProcAddress)
> > > > success = 0;
> > > > create a heap of worker threads
> > > > wait for work threads
> > > > clean up ssl
> > > > if (success!=num_threads)
> > > > show error
> > > > else
> > > > show success
> > > > }
> > > > worker_thread()
> > > > {
> > > > ssl_meth = SSLv23_method();
> > > > ssl_ctx = SSL_CTX_new(ssl_meth);
> > > > if (ssl_ctx!=NULL)
> > > > {
> > > > SSL_CTX_free(ssl_ctx);
> > > > success++;
> > > > }
> > > > else
> > > > {
> > > > log ssl error to debug output
> > > > }
> > > > }
> > > >
______________________________________________________________________
> > > > OpenSSL Project
http://www.openssl.org
> > > > User Support Mailing List
[EMAIL PROTECTED]
> > > > Automated List Manager
[EMAIL PROTECTED]
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
