On Thu, Jul 25, 2013, David Wilcox wrote: > Hi, > > We're dealing with PEM_read_PrivateKey crashing intermittently when we use it > in a multi-threaded environment. We have tried both PEM_read_PrivateKey and > PEM_bio_read_PrivateKey. Two environments that are exhibiting the behavior > are Mac OSX 10.7 and CentOs 4.4. Two environments that are NOT exhibiting the > problem are Ubuntu 12.04 and CentOs 6.2. We compiled on CentOs 4.4 and moved > the binary to CentOs 6.2 and the problem still happens. > > PEM_read_PrivateKey only crashes when we send it an invalid key. If the key > is valid, it will not crash on these environments. We attached the source > code we used to exhibit the problem here. > > Here are the libraries being linked in for the two different binaries: > > $ ldd ./crypto-broken > linux-vdso.so.1 => (0x00007fffcc461000) > libpthread.so.0 => /lib64/libpthread.so.0 (0x00000034e3200000) > libc.so.6 => /lib64/libc.so.6 (0x00000034e2e00000) > /lib64/ld-linux-x86-64.so.2 (0x00000034e2600000) > $ ldd ./crypto-works > linux-vdso.so.1 => (0x00007fff4d9df000) > libpthread.so.0 => /lib64/libpthread.so.0 (0x00000034e3200000) > libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00000034e4e00000) > libc.so.6 => /lib64/libc.so.6 (0x00000034e2e00000) > /lib64/ld-linux-x86-64.so.2 (0x00000034e2600000) > libdl.so.2 => /lib64/libdl.so.2 (0x00000034e2a00000) > libz.so.1 => /lib64/libz.so.1 (0x00000034e3a00000) > > On the Mac OSX 10.7 (doesn't work) > dawilcox-MacBookPro1:we dawilcox$ otool -L crypto > crypto: > /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version > 169.3.0) > /usr/lib/libcrypto.0.9.8.dylib (compatibility version 0.9.8, current version > 47.0.0) > > Are we doing something off-hand wrong? Is there a place where we can file a > bug? >
Well when the key is invalid an error is placed on the error queue. For multiple threads the locking callbacks must be set up correctly or it will cause problems. Did you set up the locking callbacks? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
