[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Problem with TLS: threads and OpenSSL (ITS#1823)
Full_Name: Raimo Vuonnala
Version: 2.0.23
OS:
URL:
Submission from: (NULL) (192.100.124.218)
Hi,
While wondering why my multithreaded app in Win2000 did not work
correctly, I discovered the following problems in libraries/libldap/tls.c:
1. tls_init_threads() sets OpenSSL crypto locks although someone else has
already set them. I would recommend to fix this as follows:
static void tls_init_threads( void )
{
int i;
ldap_pvt_thread_mutex_init( &tls_def_ctx_mutex );
if (!CRYPTO_get_locking_callback()) {
for( i=0; i< CRYPTO_NUM_LOCKS ; i++ ) {
ldap_pvt_thread_mutex_init( &tls_mutexes[i] );
}
CRYPTO_set_locking_callback( tls_locking_cb );
/* FIXME: the thread id should be added somehow... */
}
}
2. ldap_pvt_tls_init(): several threads can call tsl_init_thread().
The following fix will prevent this:
int
ldap_pvt_tls_init( void )
{
static volatile int tls_initialized = 0;
#ifdef LDAP_R_COMPILE
if ( tls_initialized == 1) return 0;
while (tls_initialized == -1)
ldap_pvt_thread_yield();
tls_initialized = -1;
tls_init_threads();
#else
if ( tls_initialized ) return 0;
#endif
(void) tls_seed_PRNG( tls_opt_randfile );
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
/* FIXME: mod_ssl does this */
X509V3_add_standard_extensions();
tls_initialized = 1;
return 0;
}
Best Regards
Raimo Vuonnala