[openssl-dev] OpenSSL version 1.1.0 pre release 3 published

Matt Caswell matt at openssl.org
Mon Feb 15 21:34:33 UTC 2016



On 15/02/16 21:25, Jouni Malinen wrote:
> On Mon, Feb 15, 2016 at 10:52:27PM +0200, Jouni Malinen wrote:
>> On Mon, Feb 15, 2016 at 07:04:20PM +0000, OpenSSL wrote:
>>>    OpenSSL version 1.1.0 pre release 3 (alpha)
> 
>> It looks like something in pre release 3 has changed behavior in a way
>> that results in SSL_CTX_new(SSLv23_method()) failing in some cases. I've
>> never seen this with earlier releases. It looks like the error within
>> SSL_CTX_new() is in EVP_get_digestbyname("ssl3-md5") returning NULL
>> suddenly after a process has called SSL_CTX_new() and SSL_CTX_free()
>> multiple times.
> 
> Found the trigger.. When adding and removing a network interface,
> wpa_supplicant ends up going through OpenSSL library init and deinit.
> One part of that deinit is a call to EVP_cleanup(). Init on the other
> hand is calling SSL_library_init(). The difference between pre release 2
> and 3 is in the SSL_library_init() call after EVP_cleanup() call not
> adding back the needed digest registration.
> 
> Is this change in OpenSSL behavior expected? Is it not allowed to call
> EVP_cleanup() and then re-initialize OpenSSL digests with
> SSL_library_init()?

Correct, you cannot reinit once you have deinit.

> 
> I can "fix" this by removing the EVP_cleanup() call in wpa_supplicant,
> but that does not sound like the best thing to do here since it was
> needed to avoid leaving allocated memory behind during process deinit
> (i.e., getting memory leak reports from valgrind).
> 
> The way the ossl_init_ssl_base() function is "hidden" within
> ssl_init.c, the application cannot even call it again, so other than
> duplicating the contents of that function after that EVP_cleanup() call,
> I don't see how this could be fixed cleanly without an OpenSSL change.
> 

You should not need to explicitly init or deinit at all. Try removing
all such calls. If you are getting memory leaks not caused by your
application then that is a bug in OpenSSL.

Matt

