OpenSSL_add_all_digests can be called by multiple threads concurrently #20
Labels
Milestone
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
OpenSSL_add_all_digests is not thread safe, and in fact it only needs to be called once. But if gridsite is being used in a multithreaded situation OpenSSL_add_all_digests() can be called by separate threads concurrently, e.g. via GRSTx509VerifySig() in grst_canl_x509.c
For example this crash is suspected to be caused because of this:
#0 0x00007f0c4fadd625 in raise () from /lib64/libc.so.6
#1 0x00007f0c4fadee05 in abort () from /lib64/libc.so.6
#2 0x00007f0c4fb1b537 in __libc_message () from /lib64/libc.so.6
#3 0x00007f0c4fb20e66 in malloc_printerr () from /lib64/libc.so.6
#4 0x00007f0c46132d5d in CRYPTO_free () from /usr/lib64/libcrypto.so.10
#5 0x00007f0c46135dc2 in OBJ_NAME_add () from /usr/lib64/libcrypto.so.10
#6 0x00007f0c461bd030 in OpenSSL_add_all_digests () from /usr/lib64/libcrypto.so.10
#7 0x00007f0c4291bc35 in ?? () from /usr/lib64/libgridsite.so.2
#8 0x00007f0c4291e3f7 in ?? () from /usr/lib64/libgridsite.so.2
#9 0x00007f0c4291eba9 in GRSTx509ChainLoad () from /usr/lib64/libgridsite.so.2
#10 0x00007f0c416c9b7a in GRST_callback_SSLVerify_wrapper () from /usr/lib64/httpd/modules/mod_gridsite.so
#11 0x00007f0c461e7ef8 in X509_verify_cert () from /usr/lib64/libcrypto.so.10
[...]
(Seen with gridsite 2.2.5).
The text was updated successfully, but these errors were encountered: