Thanks all for responses. Andy::I will try appending your piece of code in the end of md_rand.c
---------------------------------------------------------------------- >I would like to see a minidump with heap for an instance of an >application crashing in this circumstance. I will require the source >code to the test application, the matching binary and symbols. How do we create a minidump ? ---------------------------------------------------------------------- >The applications that have experienced the problem that I am aware of >are services that either execute before other dependencies have started >OR have called OpenSSL from within DllMain(). Yes. Even in our case there is an executable (slbroker.exe) which calls a function within a DLL (logevent.dll). We are calling SSL_connect() from within the DLL function.... all SSL related work is done by the DLL only. The executable is a separate product which is using our DLL. ---------------------------------------------------------------------- >The important question is "where is the crash?" Is the crash occurring >within the CreateToolhelp32Snapshot function call? Yes. But to be precise, the DLL doesn't return from the SSL_connect() due to "snap(TH32CS_SNAPALL,0)". as a result, the EXE is crashing. ---------------------------------------------------------------------- >Your application can all RAND_add() and provide an alternate source of >random data. If there is sufficient random data available, RAND_poll() >will not be called. Ok. Lets say I call RAND_add() much before calling SSL_connect(), but how do I make sure there is sufficient amount of random data available ? I see there is a KERNEL code block in RAND_poll().... if(kernel) { ..... } Since we will already be having a lot of randomness with the seeding done by USER EVENTs... Would it not be okay if I totally comment out the KERNEL code block ? ---------------------------------------------------------------------- One more question... I am new to OpenSSL. Can someone suggest me what is the recommended way of debugging (or logging) through OpenSSL ? I made my own functions to log my debug statements in a file. But is there anything already available ? Thanks again for all the help. Regards, Shobhit On 10/7/07, Andy Polyakov <[EMAIL PROTECTED]> wrote: > > > We were using OpenSSL in our product, but lately after testing on Vista, > > our application was was crashing (only in Vista) in SSL_Connect(). (It > > worked fine in XP) > > > > After debugging through OpenSSL we found that within RAND_poll() it was > > crashing in a win32 api function snap(TH32CS_SNAPALL,0). > > ... > > Has anyone else faced such RAND_poll() related crash before ? > > There was another report about RAND_poll in Vista, but trouble is that > it's irreproducible in simple test applications. > > > Is there anyway I can bypass that RAND_poll() call (as described in the > > last paragraph of > > http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html). > > Can you test if below code makes your application work by appending it > to crypto/rand/md_rand.c? Idea here is to call RAND_poll from code which > is [believed to be] serialized by Windows. A. > > #if defined(_WIN32) > #if defined(__GNUC__) && __GNUC__>=2 > static int premain(void) __attribute__((constructor)); > #endif > static int premain(void) > { > if (!initialized) > { > RAND_poll(); > initialized = 1; > } > return 0; > } > #if defined(_MSC_VER) > # if defined(_WIN64) > # pragma section(".CRT$XCU",read) > __declspec(allocate(".CRT$XCU")) > # else > # pragma data_seg(".CRT$XCU") > # endif > static int (*p)(void) = premain; > # pragma data_seg() > #endif > #endif > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager [EMAIL PROTECTED] >