[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with TLS: threads and OpenSSL (ITS#1823)



Full_Name: Raimo Vuonnala
Version: 2.0.23
OS: 
URL: 
Submission from: (NULL) (192.100.124.218)


Hi,

While wondering why my multithreaded app in Win2000 did not work
correctly, I discovered the following problems in libraries/libldap/tls.c:


1. tls_init_threads() sets OpenSSL crypto locks although someone else has
   already set them. I would recommend to fix this as follows:
  
   static void tls_init_threads( void )
   {
        int i;

        ldap_pvt_thread_mutex_init( &tls_def_ctx_mutex );

        if (!CRYPTO_get_locking_callback()) {
          for( i=0; i< CRYPTO_NUM_LOCKS ; i++ ) {
                ldap_pvt_thread_mutex_init( &tls_mutexes[i] );
          }
          CRYPTO_set_locking_callback( tls_locking_cb );
          /* FIXME: the thread id should be added somehow... */
        }
  }


2. ldap_pvt_tls_init(): several threads can call tsl_init_thread().
   The following fix will prevent this:

   int
   ldap_pvt_tls_init( void )
   {
        static volatile int tls_initialized = 0;

   #ifdef LDAP_R_COMPILE
        if ( tls_initialized == 1) return 0;
        while (tls_initialized == -1)
          ldap_pvt_thread_yield();
        tls_initialized = -1;
        tls_init_threads();
   #else
        if ( tls_initialized ) return 0;
   #endif

        (void) tls_seed_PRNG( tls_opt_randfile );

        SSL_load_error_strings();
        SSLeay_add_ssl_algorithms();

        /* FIXME: mod_ssl does this */
        X509V3_add_standard_extensions();
        tls_initialized = 1;
        return 0;
  }


Best Regards
Raimo Vuonnala