[[EMAIL PROTECTED] - Wed Dec  4 12:08:18 2002]:

> Whilst conducting some testing with OpenSSL 0.9.7beta4 and the nCipher
> chil plugin, I observed the following issues:
> 
> 1. Lack of threadsafety if app fails to support new OpenSSL dynamic
>    locks
> 
> At the moment hw_ncipher.c uses the new OpenSSL dynamic lock code in order
> to implement the hwcrhk locking upcalls. However if the OpenSSL application
> fails to implement the dynamic upcalls, i.e.
> CRYPTO_get_dynlock_create_callback() returns NULL, then the hwcrhk engine
> code becomes non threadsafe.

Hmm, that's a good point.  However, your solution is not the way to go. 
If you take a look at 0.9.8-dev, you'll see that the engines
increasingly become some kind of external module.  Therefore, it's not a
good idea to fool the programmers into thinking they can rely on OpenSSL
having the proper static lock for the available engines.

However, if we can do a good enough assertion (which will not abort(),
just make the engine not load), I can see us doing that.  Care to help
in that direction?  It'll probably involve using
CRYPTO_get_locking_callback() to see if the application provided any
threading support.  If it does that, but hasn't provided any support for
dynamic locks, it's bye-bye engine...  Sounds reasonable enough?

> 2. Missing emsg in call to p_hwcrhk_ModExpCRT() in hw_ncipher.c

Applied and committed.  Thanks.

> 3. hwcrhk_log_message() in hw_ncipher.c
> 
> This fails to write a newline character to the logstream after each
> log message. So for instance setting debug in s_client produces:

I applied and committed a patch that uses BIO_printf().

> 4. hwcrhk_insert_card() in hw_ncipher.c
[...]
> int UI_dup_info_string(UI *ui, const char *text)
>       {
>       char *text_copy=NULL;
> 
>       if (text)
>               {
>               text_copy=BUF_strdup(text);
>               if (text_copy == NULL)
>                       {
>                       UIerr(UI_F_UI_DUP_INFO_STRING,ERR_R_MALLOC_FAILURE);
>                       return -1;
>                       }
>               }
> 
>       return general_allocate_string(ui, text_copy, 1, UIT_INFO, 0, NULL,
>               0, 0, NULL);
>       }

Actually, the error was deep down in general_allocate_prompt(), which
should have checked type.  Patched and committed...

> I hope that this mail is helpful,

Very much so.  Thanks!

-- 
Richard Levitte
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
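
The load-time check proposed in the reply to item 1, sketched as an added example; it is not code from OpenSSL or from either poster. The struct, enum and function names are hypothetical, and in a 0.9.7 build the struct would be filled from CRYPTO_get_locking_callback() and the CRYPTO_get_dynlock_*_callback() getters. Treating a partial set of dynlock callbacks as "threaded but unsupported" is an assumption that goes slightly beyond the mail.

```c
#include <stddef.h>
#include <stdio.h>

typedef void (*generic_cb)(void);

/* Hypothetical snapshot of the callbacks the application registered. */
struct app_lock_support {
    generic_cb locking;          /* static lock callback */
    generic_cb dynlock_create;   /* dynamic lock callbacks */
    generic_cb dynlock_lock;
    generic_cb dynlock_destroy;
};

enum engine_load { ENGINE_LOAD_UNLOCKED, ENGINE_LOAD_DYNLOCKS, ENGINE_REFUSE };

/* Decide whether the engine may load, without ever calling abort(). */
enum engine_load hwcrhk_threading_check(const struct app_lock_support *s)
{
    int all_dyn = s->dynlock_create && s->dynlock_lock && s->dynlock_destroy;
    int any_dyn = s->dynlock_create || s->dynlock_lock || s->dynlock_destroy;

    if (all_dyn)
        return ENGINE_LOAD_DYNLOCKS;  /* hwcrhk upcalls can be backed by real locks */
    if (s->locking != NULL || any_dyn)
        return ENGINE_REFUSE;         /* app is threaded, dynlocks missing: do not load */
    return ENGINE_LOAD_UNLOCKED;      /* no threading support registered at all */
}

static void dummy_cb(void) { }        /* constructed stand-in for a real callback */

int main(void)
{
    /* Constructed cases: unthreaded app, static locks only, full support. */
    struct app_lock_support none = { NULL, NULL, NULL, NULL };
    struct app_lock_support static_only = { dummy_cb, NULL, NULL, NULL };
    struct app_lock_support full = { dummy_cb, dummy_cb, dummy_cb, dummy_cb };

    printf("none=%d static_only=%d full=%d\n",
           hwcrhk_threading_check(&none),
           hwcrhk_threading_check(&static_only),
           hwcrhk_threading_check(&full));
    return 0;
}
```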
