We have hit a deadlock when using openssl 1.0.1e with fips module 2.0.1 on a RHEL 6.1 platform. An inspection of the code shows that ssleay_rand_bytes () tries to get CRYPTO_LOCK_RAND , the same lock which was already acquired in fips_drbg_bytes (). The error happens only when using the FIPS mode.
Below is the backtrace: Thread 6 (Thread 0x7f82f35fe700 (LWP 30204)): #0 0x00007f835aaff1a4 in __lll_lock_wait () from /lib64/libpthread.so.0 #1 0x00007f835aafa410 in _L_lock_863 () from /lib64/libpthread.so.0 #2 0x00007f835aafa2db in pthread_mutex_lock () from /lib64/libpthread.so.0 #3 0x00007f835be65453 in ssleay_rand_bytes () from /usr/lib64/libcrypto.so.10 #4 0x00007f835be66034 in drbg_get_entropy () from /usr/lib64/libcrypto.so.10 #5 0x00007f835bdd4c4b in fips_get_entropy () from /usr/lib64/libcrypto.so.10 #6 0x00007f835bdd5021 in drbg_reseed () from /usr/lib64/libcrypto.so.10 #7 0x00007f835bdd52dc in FIPS_drbg_generate () from /usr/lib64/libcrypto.so.10 #8 0x00007f835bdda8c4 in fips_drbg_bytes () from /usr/lib64/libcrypto.so.10 #9 0x00007f835bdda9a9 in fips_drbg_pseudo () from /usr/lib64/libcrypto.so.10 #10 0x00007f835c19078a in ssl3_send_newsession_ticket () from /usr/lib64/libssl.so.10 #11 0x00007f835c1953c0 in ssl3_accept () from /usr/lib64/libssl.so.10 #12 0x00007f835d3d0d6a in sslHandshake () from /home/[email protected]/workspace_IMA13b/server_ship/lib/libismtransport.so #13 0x00007f835d3d275a in ism_tcp_ioProcessorThreadProc () from /home/[email protected]/workspace_IMA13b/server_ship/lib/libismtransport.so #14 0x00007f835d5f2f93 in ism_run_thread () from /home/[email protected]/workspace_IMA13b/server_ship/lib/libismutil.so #15 0x00007f835aaf8853 in start_thread () from /lib64/libpthread.so.0 #16 0x00007f835a8469cd in clone () from /lib64/libc.so.6 Thread 5 (Thread 0x7f82f2bfd700 (LWP 30205)): #0 0x00007f835aaff1a4 in __lll_lock_wait () from /lib64/libpthread.so.0 #1 0x00007f835aafa410 in _L_lock_863 () from /lib64/libpthread.so.0 #2 0x00007f835aafa2db in pthread_mutex_lock () from /lib64/libpthread.so.0 #3 0x00007f835be64fb4 in ssleay_rand_add () from /usr/lib64/libcrypto.so.10 #4 0x00007f835be65f0e in drbg_rand_add () from /usr/lib64/libcrypto.so.10 #5 0x00007f835c1a39df in ssl23_accept () from /usr/lib64/libssl.so.1 Janani Janakiraman, Linux Technology Center, IBM, Austin ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
