Hello,
With new thread model in some configurations openssl hands on unload of
engine.
Steps to reproduce:
1) after installation add following lines to openssl.cnf before section
[ new_oids ]
#begin
openssl_conf = config
[ config ]
engines = engine_section
[ engine_section ]
engine1 = engine1_config
[ engine1_config ]
#engine_id = dasync
dynamic_path = ${ENV::OPENSSL_ENGINES}/dasync.so
#end
2) check for dasync engine
$ OPENSSL_ENGINES=/usr/local/openssl64/master/lib/engines
/usr/local/openssl64/master/bin/openssl engine -c dasync
(dasync) Dummy Async engine support
[RSA, AES-128-CBC, AES-128-CBC-HMAC-SHA1, SHA1]
Program hang on library cleanup:
(gdb) bt
#0 0x00007f6b6ba7f4bc in __lll_lock_wait () from /lib64/libpthread.so.0
#1 0x00007f6b6ba7c5e1 in pthread_rwlock_wrlock () from
/lib64/libpthread.so.0
#2 0x00007f6b6c03ace9 in CRYPTO_THREAD_write_lock (lock=<optimized
out>) at crypto/threads_pthread.c:79
#3 0x00007f6b6bfbd813 in ENGINE_finish (e=0x1071ba0) at
crypto/engine/eng_init.c:142
#4 0x00007f6b6bfbb9d8 in int_engine_module_finish (md=<optimized out>)
at crypto/engine/eng_cnf.c:232
#5 0x00007f6b6bf627c6 in module_finish (imod=0x1071e80) at
crypto/conf/conf_mod.c:445
#6 CONF_modules_finish () at crypto/conf/conf_mod.c:432
#7 0x00007f6b6bf62a39 in CONF_modules_free () at crypto/conf/conf_mod.c:465
#8 0x00007f6b6bfe047a in OPENSSL_cleanup () at crypto/init.c:477
#9 0x00007f6b6b6e1209 in __run_exit_handlers () from /lib64/libc.so.6
#10 0x00007f6b6b6e1255 in exit () from /lib64/libc.so.6
#11 0x000000000041cf5d in main (argc=<optimized out>, argv=<optimized
out>) at apps/openssl.c:361
(gdb)
My build is based on commit 603358de576217812cb3d752e97c78e476cdc879
-plus remaining modifications from issue "#4207 engine key format in 1.1"
Regards,
Roumen Petrov
Roumen Petrov wrote:
Hello,
I just finish tests with new initialization methods. Memory detection
tool report a number of memory leaks.
Startup code is:
OPENSSL_init_crypto(
OPENSSL_INIT_ENGINE_ALL_BUILTIN |
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_LOAD_CONFIG, NULL);
Default configuration describes a cryptographic module :
------------------
#[ default ]
openssl_conf = config
[ config ]
engines = engine_section
[ engine_section ]
engine1 = engine_conf1
[ engine_conf1 ]
engine_id = foo
...
------------------
At exit OPENSSL_cleanup is not enough.
It seems to me call of ENGINE_cleanup() and CONF_modules_unload(1)
before cleanup suppress memory warnings.
Another point - why OPENSSL_config duplicate name of configuration file?
Regards,
Roumen
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev