Re: [openssl.org #2745] Fwd: GOST engine memory problems
Greetings! It seems to be not enough. openssl is built with shared option the config is openssl_conf = openssl_def [openssl_def] engines = engine_section [engine_section] gost = gost_section [gost_section] engine_id = gost default_algorithms = ALL CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet The cmd is $ echo test | ./openssl dgst -md_gost94 -engine gost with OPENSSL_DEBUG_MEMORY=on we get the output === (stdin)= f11da04312cafd27ce157eb685862f70b78e62552d792e57624184a87230de90 [15:48:36] 3231 file=buffer.c, line=194, thread=3082786444, number=9, address=0A02CA88 [15:48:36] 3227 file=buffer.c, line=194, thread=3082786444, number=16, address=0A02C900 [15:48:36] 3237 file=pmeth_lib.c, line=202, thread=3082786444, number=108, address=0A02CD58 [15:48:36] 3232 file=ameth_lib.c, line=290, thread=3082786444, number=96, address=0A02CAD0 [15:48:36] 3233 file=buffer.c, line=194, thread=3082786444, number=18, address=0A02CB70 [15:48:36] 3226 file=ameth_lib.c, line=290, thread=3082786444, number=96, address=0A02C898 [15:48:36] 3229 file=ameth_lib.c, line=290, thread=3082786444, number=96, address=0A02C998 [15:48:36] 3230 file=buffer.c, line=194, thread=3082786444, number=18, address=0A02CA38 [15:48:36] 3236 file=pmeth_lib.c, line=202, thread=3082786444, number=108, address=0A02CCB0 [15:48:36] 3235 file=pmeth_lib.c, line=202, thread=3082786444, number=108, address=0A02CC08 [15:48:36] 3228 file=buffer.c, line=194, thread=3082786444, number=7, address=0A02C950 [15:48:36] 3234 file=buffer.c, line=194, thread=3082786444, number=9, address=0A02CBC0 689 bytes leaked in 12 chunks === Thank you! On Sat, Sep 1, 2012 at 5:06 PM, Stephen Henson via RT r...@openssl.org wrote: I've finally had time to look into this. Please see if this fixes the issue: http://cvs.openssl.org/chngview?cn=22789 Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- SY, Dmitry Belyavsky __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2745] Fwd: GOST engine memory problems
Greetings! It seems to be not enough. openssl is built with shared option the config is openssl_conf = openssl_def [openssl_def] engines = engine_section [engine_section] gost = gost_section [gost_section] engine_id = gost default_algorithms = ALL CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet The cmd is $ echo test | ./openssl dgst -md_gost94 -engine gost with OPENSSL_DEBUG_MEMORY=on we get the output === (stdin)= f11da04312cafd27ce157eb685862f70b78e62552d792e57624184a87230de90 [15:48:36] 3231 file=buffer.c, line=194, thread=3082786444, number=9, address=0A02CA88 [15:48:36] 3227 file=buffer.c, line=194, thread=3082786444, number=16, address=0A02C900 [15:48:36] 3237 file=pmeth_lib.c, line=202, thread=3082786444, number=108, address=0A02CD58 [15:48:36] 3232 file=ameth_lib.c, line=290, thread=3082786444, number=96, address=0A02CAD0 [15:48:36] 3233 file=buffer.c, line=194, thread=3082786444, number=18, address=0A02CB70 [15:48:36] 3226 file=ameth_lib.c, line=290, thread=3082786444, number=96, address=0A02C898 [15:48:36] 3229 file=ameth_lib.c, line=290, thread=3082786444, number=96, address=0A02C998 [15:48:36] 3230 file=buffer.c, line=194, thread=3082786444, number=18, address=0A02CA38 [15:48:36] 3236 file=pmeth_lib.c, line=202, thread=3082786444, number=108, address=0A02CCB0 [15:48:36] 3235 file=pmeth_lib.c, line=202, thread=3082786444, number=108, address=0A02CC08 [15:48:36] 3228 file=buffer.c, line=194, thread=3082786444, number=7, address=0A02C950 [15:48:36] 3234 file=buffer.c, line=194, thread=3082786444, number=9, address=0A02CBC0 689 bytes leaked in 12 chunks === Thank you! On Sat, Sep 1, 2012 at 5:06 PM, Stephen Henson via RT r...@openssl.org wrote: I've finally had time to look into this. Please see if this fixes the issue: http://cvs.openssl.org/chngview?cn=22789 Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- SY, Dmitry Belyavsky __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2745] Fwd: GOST engine memory problems
Stephen Henson via RT wrote: I've finally had time to look into this. Please see if this fixes the issue: May be is not related, but this engine lack call of ENGINE_register_pkey_asn1_meths . It seems to me without this registration initialization is different . If engine configuration is with init =1 gost_pkey_asn1_meths is not called. http://cvs.openssl.org/chngview?cn=22789 Probably issue is only in static build. After above correction pmeth_GostR3410_94 is used as flag to prevent double initialization. Openssl 1.0.1 versions call internally ENGINE_register_all_complete. Since 1.0.1* is binary compatible to 1.0.0* how to detect that engine initialization is finished ?I would like to avoid extra call to ENGINE_register_all_complete. Steve. Roumen __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2745] Fwd: GOST engine memory problems
Stephen Henson via RT wrote: I've finally had time to look into this. Please see if this fixes the issue: May be is not related, but this engine lack call of ENGINE_register_pkey_asn1_meths . It seems to me without this registration initialization is different . If engine configuration is with init =1 gost_pkey_asn1_meths is not called. http://cvs.openssl.org/chngview?cn=22789 Probably issue is only in static build. After above correction pmeth_GostR3410_94 is used as flag to prevent double initialization. Openssl 1.0.1 versions call internally ENGINE_register_all_complete. Since 1.0.1* is binary compatible to 1.0.0* how to detect that engine initialization is finished ?I would like to avoid extra call to ENGINE_register_all_complete. Steve. Roumen __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2745] Fwd: GOST engine memory problems
Greetings! If I implement the patch you describe would it be accepted? On Wed, Feb 29, 2012 at 10:29 PM, Stephen Henson via RT r...@openssl.org wrote: I think the best way to deal with this is to cope attempts to load the ENGINE multiple times. This could be treated as a hard error or just returning a copy of the already loaded ENGINE. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- SY, Dmitry Belyavsky __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2745] Fwd: GOST engine memory problems
Greetings! If I implement the patch you describe would it be accepted? On Wed, Feb 29, 2012 at 10:29 PM, Stephen Henson via RT r...@openssl.org wrote: I think the best way to deal with this is to cope attempts to load the ENGINE multiple times. This could be treated as a hard error or just returning a copy of the already loaded ENGINE. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- SY, Dmitry Belyavsky __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2745] Fwd: GOST engine memory problems
Greetings! I see, thank you! What about #2744? On Wed, Feb 29, 2012 at 10:56 PM, Stephen Henson via RT r...@openssl.org wrote: [beld...@gmail.com - Wed Feb 29 19:41:11 2012]: Greetings! If I implement the patch you describe would it be accepted? Yes. One way is to check with ENGINE_by_id to see if the GOST ENGINE already exists. The call to ENGINE_add will also fail but that's rather too late. Alternatively check to see if any of the static structures have already been initialised. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- SY, Dmitry Belyavsky __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl.org #2745] Fwd: GOST engine memory problems
Greetings! I see, thank you! What about #2744? On Wed, Feb 29, 2012 at 10:56 PM, Stephen Henson via RT r...@openssl.org wrote: [beld...@gmail.com - Wed Feb 29 19:41:11 2012]: Greetings! If I implement the patch you describe would it be accepted? Yes. One way is to check with ENGINE_by_id to see if the GOST ENGINE already exists. The call to ENGINE_add will also fail but that's rather too late. Alternatively check to see if any of the static structures have already been initialised. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- SY, Dmitry Belyavsky __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org