Re: SSL Hangs

Sun, 12 Mar 2000 13:56:32 -0800 

Hmmm....

I wonder if it be better then to try an earlier version of OpenSSL? I will
do the code hack but... if I comment out that code what ripple effect is
possible?  

I tried the various apache builds from 1.3.6 and up and still had the same
effect. I had been thinking it was the OpenSSL afterall, even tho I could
make certs. This kinda cinches it. I am using OpenSSL 0.9.5

I'll crosspost this to the openssl list tomorrow when I get to work. See if
anyone else has come across this issue.

My thanks.

-Rob

>Earlier this week I tracked down this problem with the browsers hanging
>(on Win32). It turns out to be something with locking. The problem
>occurs
>in ssl_engine_rand.c, in  function ssl_rand_seed(). At one point or
>another, that function calls RAND_seed() in the OpenSSL library. It in
>its turn locks a critical section, calling CRYPTO_lock(), which in it's
>turn calls the win32_locking_callback() function in ssl_util.c. The
>WaitForSingleObject(lock_cs[type], INFINITE) call in that function never
>return. That's why the browsers hang. The call to CRYPTO_lock that gives
>the problem is the one on line 202 in md_rand.c. Commenting out the
>WaitForSingleObject and it't release counterpart makes mod_ssl work just
>fine again.
>But don't ask me why the WaitForSingleObject doesn't return.
>WaitForSingleObject waits until it can lock the mutex. The only reason
>why it wouldn't be able to lock it, is because someone else has a lock
>on it. But in that case someone must have locked the mutex without the
>win32_locking_callback(), otherwise it would have shown up in my trace.
>The win32_locking_callback() acquires and properly releases the lock
>many times prior to the moment when it no longer returns. 
>Another possibility, although I don't really see how, is that it would
>be a threading problem.
>
>Regards,
>Jan Dries
>______________________________________________________________________
>Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
>User Support Mailing List                      [EMAIL PROTECTED]
>Automated List Manager                            [EMAIL PROTECTED]
>
>

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to