Hi, I think that there's a race with OpenSSL-0.9.8 updating the new, post-0.9.7 shared mt_blinding object in a multithreaded (MySQL-4.1 for instance) environment.
The proposed solution is to use an exclusive write lock while invert()ing the blinding process. This guarantees that the update of the blinding object doesn't affect other concurrent threads, because the inverting factor is being saved with the read lock held on the forward direction.

diff -r -u openssl-0.9.8.orig/crypto/rsa/rsa_eay.c openssl-0.9.8.patched/crypto/rsa/rsa_eay.c --- openssl-0.9.8.orig/crypto/rsa/rsa_eay.c 2005-05-28 17:49:09.000000000 -0300 +++ openssl-0.9.8.patched/crypto/rsa/rsa_eay.c 2005-09-21 18:33:20.573120000 -0300 @@ -283,9 +283,9 @@ else { int ret; - CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING); + CRYPTO_r_lock(CRYPTO_LOCK_RSA_BLINDING); ret = BN_BLINDING_convert_ex(f, r, b, ctx); - CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING); + CRYPTO_r_unlock(CRYPTO_LOCK_RSA_BLINDING); return ret; } } @@ -298,9 +298,9 @@ else { int ret; - CRYPTO_r_lock(CRYPTO_LOCK_RSA_BLINDING); + CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING); ret = BN_BLINDING_invert_ex(f, r, b, ctx); - CRYPTO_r_unlock(CRYPTO_LOCK_RSA_BLINDING); + CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING); return ret; } }

Leandro.
ps: tested on Solaris 9 sparc.
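
Review bot: In the first hunk (@@ -283,9 +283,9 @@), the downgrade to CRYPTO_r_lock around BN_BLINDING_convert_ex(f, r, b, ctx) is only safe if that call never writes to the shared object b, and nothing in the patch shows this. The description says the inverting factor is saved on the forward direction, so please state in a comment above the lock which fields of b the call reads and that the save goes only into the caller's r. If convert_ex can modify b on any path, this section must keep the write lock, since a read lock lets several threads run it at once.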
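
Review bot: In the second hunk (@@ -298,9 +298,9 @@), the new CRYPTO_w_lock around BN_BLINDING_invert_ex(f, r, b, ctx) has no comment saying why the inverse direction needs exclusive access. The only rationale is in the mail text (the blinding object is updated during invert), so it should be recorded next to the lock. Since CRYPTO_LOCK_RSA_BLINDING is one global lock, every shared-blinding unblind step is now serialized across threads; please confirm that cost is acceptable, and include a multithreaded reproducer so the race and the fix can be checked on platforms other than the one tested.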