Thanks all for responses.
Andy::I will try appending your piece of code in the end of md_rand.c
----------------------------------------------------------------------
>I would like to see a minidump with heap for an instance of an
>application crashing in this circumstance. I will require the source
>code to the test application, the matching binary and symbols.
How do we create a minidump ?
----------------------------------------------------------------------
>The applications that have experienced the problem that I am aware of
>are services that either execute before other dependencies have started
>OR have called OpenSSL from within DllMain().
Yes. Even in our case there is an executable (slbroker.exe) which calls a
function within a DLL (logevent.dll). We are calling SSL_connect() from
within the DLL function.... all SSL related work is done by the DLL only.
The executable is a separate product which is using our DLL.
----------------------------------------------------------------------
>The important question is "where is the crash?" Is the crash occurring
>within the CreateToolhelp32Snapshot function call?
Yes. But to be precise, the DLL doesn't return from the SSL_connect() due to
"snap(TH32CS_SNAPALL,0)".
as a result, the EXE is crashing.
----------------------------------------------------------------------
>Your application can all RAND_add() and provide an alternate source of
>random data. If there is sufficient random data available, RAND_poll()
>will not be called.
Ok. Lets say I call RAND_add() much before calling SSL_connect(), but how do
I make sure there is sufficient amount of random data available ?
I see there is a KERNEL code block in RAND_poll()....
if(kernel)
{
.....
}
Since we will already be having a lot of randomness with the seeding done by
USER EVENTs... Would it not be okay if I totally comment out the KERNEL
code block ?
----------------------------------------------------------------------
One more question...
I am new to OpenSSL. Can someone suggest me what is the recommended way of
debugging (or logging) through OpenSSL ?
I made my own functions to log my debug statements in a file. But is
there anything
already available ?
Thanks again for all the help.
Regards,
Shobhit
On 10/7/07, Andy Polyakov <[EMAIL PROTECTED]> wrote:
>
> > We were using OpenSSL in our product, but lately after testing on Vista,
> > our application was was crashing (only in Vista) in SSL_Connect(). (It
> > worked fine in XP)
> >
> > After debugging through OpenSSL we found that within RAND_poll() it was
> > crashing in a win32 api function snap(TH32CS_SNAPALL,0).
> > ...
> > Has anyone else faced such RAND_poll() related crash before ?
>
> There was another report about RAND_poll in Vista, but trouble is that
> it's irreproducible in simple test applications.
>
> > Is there anyway I can bypass that RAND_poll() call (as described in the
> > last paragraph of
> > http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html).
>
> Can you test if below code makes your application work by appending it
> to crypto/rand/md_rand.c? Idea here is to call RAND_poll from code which
> is [believed to be] serialized by Windows. A.
>
> #if defined(_WIN32)
> #if defined(__GNUC__) && __GNUC__>=2
> static int premain(void) __attribute__((constructor));
> #endif
> static int premain(void)
> {
> if (!initialized)
> {
> RAND_poll();
> initialized = 1;
> }
> return 0;
> }
> #if defined(_MSC_VER)
> # if defined(_WIN64)
> # pragma section(".CRT$XCU",read)
> __declspec(allocate(".CRT$XCU"))
> # else
> # pragma data_seg(".CRT$XCU")
> # endif
> static int (*p)(void) = premain;
> # pragma data_seg()
> #endif
> #endif
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List openssl-dev@openssl.org
> Automated List Manager [EMAIL PROTECTED]
>
