Greetings back,
I have now found in another bug report that there might have been problems
if the CRYPTO***callback functions are not set.
(At first I was looking for "SSL key" reports - Than I was looking for
"thread")
http://www.openssl.org/docs/crypto/threads.html
gSOAP has suggested to set these for WebServices but I think now that I should
use
these also for the requestor side.
I will test this (as far as possible). Maybe that's it.
Thanks,
Christiane Kaempfe
-----Original Message-----
From: The default queue via RT [mailto:[email protected]]
Sent: Tuesday, May 22, 2012 2:01 PM
To: Kämpfe, Christiane
Subject: [openssl.org #2824] AutoReply: Bug ? - Not Thread-safety for SSL Key
usage im requests ?
Greetings,
This message has been automatically generated in response to the
creation of a trouble ticket regarding:
"Bug ? - Not Thread-safety for SSL Key usage im requests ?",
a summary of which appears below.
There is no need to reply to this message right now. Your ticket has been
assigned an ID of [openssl.org #2824].
Please include the string:
[openssl.org #2824]
in the subject line of all future correspondence about this issue. To do so,
you may reply to this message.
Thank you,
[email protected]
-------------------------------------------------------------------------
Hello,
We have here a programm which sends multithreaded requests to a lot of
addresses using SSL Context with ONE SSL-Keyfile for all requests.
The SOAP requests are send via gSOAP 2.7.9 functions which uses OpenSSL calls.
We test on different LINUX OS where OpenSSL from minimumversion 0.9.8
is available.
The more addresses we call the oftener we get now core dumps in OpenSSL.
Sample
Program terminated with signal 6, Aborted.
#0 0xffffe410 in __kernel_vsyscall ()
(gdb) #0 0xffffe410 in __kernel_vsyscall ()
#1 0xf6c98a30 in raise () from /lib/libc.so.6
#2 0xf6c9a153 in abort () from /lib/libc.so.6
#3 0xf6cce08b in __libc_message () from /lib/libc.so.6
#4 0xf6cd3a51 in malloc_printerr () from /lib/libc.so.6
#5 0xf6cd5224 in free () from /lib/libc.so.6
#6 0xf71eb1ad in CRYPTO_free ()
for a 0.9.8a OpenSSL on a SUSE10
The test calls without SSL-Key usage but https://*** do not crash.
Is this a known effect - can something be done (circumvented)
hopefully
--
Christiane Kämpfe
[email protected]<mailto:[email protected]>
FTS PDG SV SW 4 Telephone: +49 (0) 89 3222 2298
FUJITSU TECHNOLOGY SOLUTIONS GMBH
Domagkstr. 28
D-80807 Munic
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
