On 15/02/16 21:25, Jouni Malinen wrote: > On Mon, Feb 15, 2016 at 10:52:27PM +0200, Jouni Malinen wrote: >> On Mon, Feb 15, 2016 at 07:04:20PM +0000, OpenSSL wrote: >>> OpenSSL version 1.1.0 pre release 3 (alpha) > >> It looks like something in pre release 3 has changed behavior in a way >> that results in SSL_CTX_new(SSLv23_method()) failing in some cases. I've >> never seen this with earlier releases. It looks like the error within >> SSL_CTX_new() is in EVP_get_digestbyname("ssl3-md5") returning NULL >> suddenly after a process has called SSL_CTX_new() and SSL_CTX_free() >> multiple times. > > Found the trigger.. When adding and removing a network interface, > wpa_supplicant ends up going through OpenSSL library init and deinit. > One part of that deinit is a call to EVP_cleanup(). Init on the other > hand is calling SSL_library_init(). The difference between pre release 2 > and 3 is in the SSL_library_init() call after EVP_cleanup() call not > adding back the needed digest registration. > > Is this change in OpenSSL behavior expected? Is it not allowed to call > EVP_cleanup() and then re-initialize OpenSSL digests with > SSL_library_init()?
Correct, you cannot reinit once you have deinit. > > I can "fix" this by removing the EVP_cleanup() call in wpa_supplicant, > but that does not sound like the best thing to do here since it was > needed to avoid leaving allocated memory behind during process deinit > (i.e., getting memory leak reports from valgrind). > > The way the ossl_init_ssl_base() function is "hidden" within > ssl_init.c, the application cannot even call it again, so other than > duplicating the contents of that function after that EVP_cleanup() call, > I don't see how this could be fixed cleanly without an OpenSSL change. > You should not need to explicitly init or deinit at all. Try removing all such calls. If you are getting memory leaks not caused by your application then that is a bug in OpenSSL. Matt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev