So my understanding from #34 and #35 is that this is an upstream OpenSSL
issue, that should be discussed with the OpenSSL people.

The feedback in #34 suggests that this problem can be solved by not
parsing the configuration file twice, I have not investigated that as of
yet.

The feedback in #35 suggests a solution for duplicate destruction
handling that requires an API change which is again a discussion best
had with OpenSSL upstream, and something that won't be applicable to
existing releases, only a future OpenSSL version that breaks API.

With regards to possible workarounds with the OpenSSL API as is:

1. I don't fully understand if we get two different ENGINE* pointers. If
that is the case, the PKA engine could work around this by avoiding static
singletons and instead storing all globals in a struct and doing something
like

struct engine_private {
 ENGINE *engine;   /* the ENGINE instance these method tables belong to */
 EVP_PKEY_METHOD *engine_pka_pmeth_X25519;
 EVP_PKEY_METHOD *engine_pka_pmeth_X448;
 EVP_PKEY_ASN1_METHOD *engine_pka_ameth_X25519;
 EVP_PKEY_ASN1_METHOD *engine_pka_ameth_X448;
};

keeping a dynamic array or linked list of those, and then looking up the
one for the correct engine when OpenSSL asks us to return them in
engine_pka_pkey_meths and engine_pka_X25519_keygen().

2. It might also be worth seeing if those methods could be allocated
statically instead of using _new; from what I see, the deletion then
becomes a no-op, leaving only the variables in destroy() to worry about.
Since they are not really linked to the ENGINE AFAICT, it seems one
could implement a reference count for them.
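As an added example (not code from the bug report or from the PKA engine itself), here is what points 1 and 2 look like combined: the former static globals live in one record per ENGINE*, kept in a linked list, and the record carries a reference count so that a second bind/destroy cycle releases the method tables only once. ENGINE, EVP_PKEY_METHOD and the NID values are stand-ins so the file builds without OpenSSL headers; engine_pka_bind, engine_pka_destroy and the tracking counter are assumed names, and the pkey_meths callback keeps the shape of OpenSSL's ENGINE_PKEY_METHS_PTR.

```c
#include <stdio.h>
#include <stdlib.h>

/* Stand-ins so this compiles without OpenSSL (assumption: a real engine
 * uses the opaque ENGINE / EVP_PKEY_METHOD types from <openssl/engine.h>). */
typedef struct engine_st { const char *id; } ENGINE;
typedef struct evp_pkey_method_st { int nid; } EVP_PKEY_METHOD;
#define NID_X25519 1034 /* values as in OpenSSL's obj_mac.h */
#define NID_X448   1035

static int g_live_methods; /* allocations not yet freed; must end at 0 */

static EVP_PKEY_METHOD *pmeth_new(int nid)
{
    EVP_PKEY_METHOD *m = calloc(1, sizeof *m);
    if (m == NULL)
        return NULL;
    m->nid = nid;
    g_live_methods++;
    return m;
}

static void pmeth_free(EVP_PKEY_METHOD *m)
{
    if (m != NULL) {
        g_live_methods--;
        free(m);
    }
}

/* One record per ENGINE*, replacing the engine's static singletons. */
struct engine_private {
    ENGINE *engine;
    int refcount;
    EVP_PKEY_METHOD *engine_pka_pmeth_X25519;
    EVP_PKEY_METHOD *engine_pka_pmeth_X448;
    struct engine_private *next;
};
static struct engine_private *g_privs; /* linked list of live records */

static struct engine_private *priv_lookup(const ENGINE *e)
{
    struct engine_private *p;
    for (p = g_privs; p != NULL; p = p->next)
        if (p->engine == e)
            return p;
    return NULL;
}

/* bind(): create the record for this ENGINE or take another reference. */
int engine_pka_bind(ENGINE *e)
{
    struct engine_private *p = priv_lookup(e);
    if (p != NULL) {
        p->refcount++;
        return 1;
    }
    if ((p = calloc(1, sizeof *p)) == NULL)
        return 0;
    p->engine = e;
    p->refcount = 1;
    p->engine_pka_pmeth_X25519 = pmeth_new(NID_X25519);
    p->engine_pka_pmeth_X448 = pmeth_new(NID_X448);
    if (p->engine_pka_pmeth_X25519 == NULL || p->engine_pka_pmeth_X448 == NULL) {
        pmeth_free(p->engine_pka_pmeth_X25519);
        pmeth_free(p->engine_pka_pmeth_X448);
        free(p);
        return 0;
    }
    p->next = g_privs;
    g_privs = p;
    return 1;
}

/* destroy(): drop one reference; free only when the last one goes.
 * Returns 0 for an ENGINE with no live record instead of freeing twice. */
int engine_pka_destroy(ENGINE *e)
{
    struct engine_private **pp, *p;
    for (pp = &g_privs; *pp != NULL && (*pp)->engine != e; pp = &(*pp)->next)
        ;
    if ((p = *pp) == NULL)
        return 0;
    if (--p->refcount > 0)
        return 1;
    *pp = p->next; /* unlink, then release the tables exactly once */
    pmeth_free(p->engine_pka_pmeth_X25519);
    pmeth_free(p->engine_pka_pmeth_X448);
    free(p);
    return 1;
}

/* Same shape as ENGINE_PKEY_METHS_PTR: answer for the ENGINE that asked. */
int engine_pka_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
                          const int **nids, int nid)
{
    static const int supported[] = { NID_X25519, NID_X448 };
    struct engine_private *p = priv_lookup(e);
    if (pmeth == NULL) {
        *nids = supported;
        return sizeof(supported) / sizeof(supported[0]);
    }
    if (p == NULL)
        return 0;
    *pmeth = nid == NID_X25519 ? p->engine_pka_pmeth_X25519
           : nid == NID_X448   ? p->engine_pka_pmeth_X448 : NULL;
    return *pmeth != NULL;
}

int live_method_count(void) { return g_live_methods; }

/* Models the config file being parsed twice: two binds, two destroys,
 * and a stray third destroy that must be refused rather than double free. */
int simulate_double_load(void)
{
    ENGINE e = { "pka" };
    int ok = engine_pka_bind(&e) && engine_pka_bind(&e);
    ok = ok && engine_pka_destroy(&e) && engine_pka_destroy(&e);
    ok = ok && engine_pka_destroy(&e) == 0;
    return ok && g_live_methods == 0;
}

int main(void)
{
    printf("double load handled: %s\n", simulate_double_load() ? "yes" : "no");
    return 0;
}
```

The lookup is keyed on the ENGINE pointer OpenSSL hands back, so it works whether the two config passes produce one ENGINE* or two; the refcount covers the first case, the per-record list covers the second.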

3. There certainly are ways we could "hack" around the issue by setting
an external setting somewhere when retrieving the pmeth and ameth to say
that the value returned will be invalidated. Currently OpenSSL loops
over all pkey meths and does

if (e->pkey_meths(e, &pkm, NULL, pknids[i]))
{
   EVP_PKEY_meth_free(pkm);
}

It could be hacked into something like

setenv("UBUNTU_PKEY_METH_TO_BE_INVALIDATED", "1");
if (e->pkey_meths(e, &pkm, NULL, pknids[i]))
{
   unsetenv("UBUNTU_PKEY_METH_TO_BE_INVALIDATED");
   EVP_PKEY_meth_free(pkm);
}

But this is arguably the worst of all possible workarounds.

https://bugs.launchpad.net/bugs/1921518

Title:
  OpenSSL "double free" error
