This is a preliminary report, I've not yet completed the research
into why this issue is occurring....

I appear to have found a pretty significant regression between
OpenSSL 0.9.7l and OpenSSL 0.9.7m, at least on win32.  Within
an SSL_connect(), I'm getting a crash, but it tends to be
after an hour or so of constant connects and disconnects to
ssl2.vitalps.net:5003 ... Most likely an unhandled negotiation
issue, some glitch on ssl2.vitalps.net ...

Looking at the backtrace, it's crashing within X509_verify(),
which is a very simple function, which just calls
ASN1_item_verify().  Looking at the disassembly, it's actually
crashing while restoring the stack pointer after the call to
ASN1_item_verify(), so that seems to indicate something within
ASN1_item_verify is smashing the stack..

Again, this is very preliminary, but I wanted to see if anyone
else was having stability issues with 0.9.7m on windows.
Looking at the diff between l and m, there doesn't appear to
be any win32 specific changes, but I cannot reproduce any
issues on Linux.  The only real change that stands out between
l and m is some of the DSA verify/sign reworking, I haven't yet
reviewed that for potential issues though.

Originally, I had upgraded to Visual Studio 2005 SP1 and
OpenSSL 0.9.7m, but first backed off the SP1 patch for VS2005
thinking that it had caused the regression. It wasn't until
after I backed off OpenSSL to 0.9.7l that the issue went
away.  I'm much more comfortable debugging things in linux
as I'm more familiar with the tools there (valgrind is great,
along with gdb).

I'm going to try to work on a test case to reproduce these
issues so I can forward it on for evaluation, but would like
some insight.  My program which is crashing uses 10 threads
which all connect to that address above simultaneously, both
the ssl static locks are initialized as well as the dynamic
ones (though dynamic seems to not be used in OpenSSL 0.9.7).
Each SSL connection has its own private SSL_CTX initialized
at thread startup, no SSL structures are shared between them
other than any underlying OpenSSL globals.  I'm not sure
if threading has anything to do with the crash or not, I'll
try to evaluate from both standpoints.

I'd much appreciate any insight you all can provide.

Thanks.
-Brad
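The static locks the post mentions are the thing most worth ruling out first: OpenSSL 0.9.7 has no threading support of its own, and a missing or incorrect locking callback produces exactly this kind of intermittent crash inside certificate verification once many threads are connecting at once. As an added example (not code from Brad's post and not OpenSSL's own code), the block below shows a pthreads setup of the locking and thread-id callbacks that 0.9.7 expects. The `lock_depth` counter, `exercise_lock` and `current_thread_id` are constructed instrumentation for checking the callbacks and are not part of the OpenSSL API; the `<openssl/crypto.h>` include is detected with `__has_include` so the callbacks can still be compiled and driven where the headers are absent.

```c
/* Added example, not code from the original post or from OpenSSL:
 * the static locking callbacks OpenSSL 0.9.7 requires before libcrypto
 * may be used from more than one thread (pthreads flavour). */
#include <pthread.h>
#include <stdlib.h>

#if defined(__has_include)
#  if __has_include(<openssl/crypto.h>)
#    include <openssl/opensslv.h>
#    include <openssl/crypto.h>
#    define EXAMPLE_HAVE_OPENSSL 1
#  endif
#endif

/* Only 0.9.x/1.0.x actually consult these callbacks; 1.1.0+ keeps them as
 * no-op compatibility macros, and may hide them entirely. */
#if defined(EXAMPLE_HAVE_OPENSSL) && \
    (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(CRYPTO_set_locking_callback))
#  define EXAMPLE_REGISTER 1
#endif

#ifndef CRYPTO_LOCK
#  define CRYPTO_LOCK 1   /* the flag libcrypto sets in `mode` to request a lock */
#endif

static pthread_mutex_t *lock_table;   /* one mutex per lock libcrypto asks for       */
static unsigned long   *lock_depth;   /* constructed instrumentation: lock ops per n */
static int              lock_count;

/* Locking callback: libcrypto sets CRYPTO_LOCK in mode to acquire lock n and
 * clears it to release lock n. file/line identify the caller; unused here. */
static void locking_cb(int mode, int n, const char *file, int line)
{
    (void)file; (void)line;
    if (n < 0 || n >= lock_count)
        abort();                      /* an index outside the table is a bug: fail loudly */
    if (mode & CRYPTO_LOCK) {
        pthread_mutex_lock(&lock_table[n]);
        lock_depth[n]++;
    } else {
        pthread_mutex_unlock(&lock_table[n]);
    }
}

/* Thread-id callback: 0.9.7 wants an unsigned long unique per thread.
 * pthread_t is an integer type on Linux; other platforms need another mapping. */
static unsigned long id_cb(void)
{
    return (unsigned long)pthread_self();
}

/* Allocate the lock table and register both callbacks. Real code passes
 * CRYPTO_num_locks(); it is a parameter here so the block runs without OpenSSL.
 * Returns the number of locks prepared, or -1 on a bad count or allocation failure. */
int openssl_thread_setup(int num_locks)
{
    int i;
    if (num_locks <= 0)
        return -1;
    lock_table = calloc((size_t)num_locks, sizeof *lock_table);
    lock_depth = calloc((size_t)num_locks, sizeof *lock_depth);
    if (lock_table == NULL || lock_depth == NULL) {
        free(lock_table);
        free(lock_depth);
        lock_table = NULL;
        lock_depth = NULL;
        return -1;
    }
    for (i = 0; i < num_locks; i++)
        pthread_mutex_init(&lock_table[i], NULL);
    lock_count = num_locks;
#ifdef EXAMPLE_REGISTER
    CRYPTO_set_id_callback(id_cb);          /* must be set before any SSL/X509 work */
    CRYPTO_set_locking_callback(locking_cb);
#endif
    return num_locks;
}

/* Constructed check helper (not OpenSSL API): drive the callback the way
 * libcrypto would and report how many times lock n has been taken so far. */
unsigned long exercise_lock(int n, int rounds)
{
    int i;
    for (i = 0; i < rounds; i++) {
        locking_cb(CRYPTO_LOCK, n, __FILE__, __LINE__);
        locking_cb(0, n, __FILE__, __LINE__);
    }
    return lock_depth[n];
}

/* Constructed check helper: expose the id callback's result. */
unsigned long current_thread_id(void)
{
    return id_cb();
}

int main(void)
{
#ifdef EXAMPLE_REGISTER
    int n = CRYPTO_num_locks();
#else
    int n = 41;                       /* constructed count; real code uses CRYPTO_num_locks() */
#endif
    if (openssl_thread_setup(n) != n)
        return 1;
    return exercise_lock(0, 3) == 3 ? 0 : 1;
}
```

The callbacks have to be installed before the first SSL_CTX is created in any thread; installing them per thread, or after some threads have already started handshakes, leaves a window in which the shared verification state is touched unlocked. The `abort()` on an out-of-range lock index is deliberate: a corrupted index is far easier to diagnose from a clean core dump than from a later stack smash such as the one reported in X509_verify().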
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
