[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Richard Levitte levitte at openssl.org
Tue Nov 15 00:28:45 UTC 2016 

The branch OpenSSL_1_1_0-stable has been updated
       via  20b53c3efedd192c5a4050bfd44d317e5d802d2e (commit)
       via  f56c786769e13bb06e9855cd426e74a1c9eea3a1 (commit)
      from  dd512a93902379364276588deb30ba03bf7f3b2d (commit)


- Log -----------------------------------------------------------------
commit 20b53c3efedd192c5a4050bfd44d317e5d802d2e
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Nov 15 00:58:51 2016 +0100

    Add a warning stipulating how things should be coded in ossl_init_base
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1922)
    (cherry picked from commit 8aa9cf7e655ae1e41f283fbf16dcc810970058a0)

commit f56c786769e13bb06e9855cd426e74a1c9eea3a1
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Nov 14 23:53:45 2016 +0100

    Stop init loops
    
    Under certain circumstances, the libcrypto init code would loop,
    causing a deadlock.  This would typically happen if something in
    ossl_init_base() caused an OpenSSL error, and the error stack routines
    would recurse into the init code before the flag that ossl_init_base()
    had been run was checked.
    
    This change makes sure ossl_init_base isn't run once more of the base
    is initiated.
    
    Thanks to Dmitry Kostjuchenko for the idea.
    
    Fixes Github issue #1899
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1922)
    (cherry picked from commit b7a7f39afeb4748b4c25dbccb8951711b8b70eaf)

-----------------------------------------------------------------------

Summary of changes:
 crypto/init.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/crypto/init.c b/crypto/init.c
index 411e2d8..c730e38 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -79,6 +79,13 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_base)
     if ((init_lock = CRYPTO_THREAD_lock_new()) == NULL)
         return 0;
     OPENSSL_cpuid_setup();
+
+    /*
+     * BIG FAT WARNING!
+     * Everything needed to be initialized in this function before threads
+     * come along MUST happen before base_inited is set to 1, or we will
+     * see race conditions.
+     */
     base_inited = 1;
 
 #if !defined(OPENSSL_NO_DSO) && !defined(OPENSSL_USE_NODELETE)
@@ -503,7 +510,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
         return 0;
     }
 
-    if (!RUN_ONCE(&base, ossl_init_base))
+    if (!base_inited && !RUN_ONCE(&base, ossl_init_base))
         return 0;
 
     if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)

More information about the openssl-commits mailing list