[openssl-dev] OPENSSL_cleanup new issue

Roumen Petrov openssl at roumenpetrov.info
Thu Mar 10 22:21:28 UTC 2016


Hello,

With new thread model in some configurations openssl hands on unload of 
engine.

Steps to reproduce:
1) after installation add following lines to openssl.cnf before section 
[ new_oids ]
#begin
openssl_conf = config

[ config ]
engines = engine_section

[ engine_section ]
engine1 = engine1_config

[ engine1_config ]
#engine_id = dasync
dynamic_path = ${ENV::OPENSSL_ENGINES}/dasync.so
#end

2) check for dasync engine
$ OPENSSL_ENGINES=/usr/local/openssl64/master/lib/engines 
/usr/local/openssl64/master/bin/openssl engine -c  dasync
(dasync) Dummy Async engine support
  [RSA, AES-128-CBC, AES-128-CBC-HMAC-SHA1, SHA1]


Program hang on library cleanup:
(gdb) bt
#0  0x00007f6b6ba7f4bc in __lll_lock_wait () from /lib64/libpthread.so.0
#1  0x00007f6b6ba7c5e1 in pthread_rwlock_wrlock () from 
/lib64/libpthread.so.0
#2  0x00007f6b6c03ace9 in CRYPTO_THREAD_write_lock (lock=<optimized 
out>) at crypto/threads_pthread.c:79
#3  0x00007f6b6bfbd813 in ENGINE_finish (e=0x1071ba0) at 
crypto/engine/eng_init.c:142
#4  0x00007f6b6bfbb9d8 in int_engine_module_finish (md=<optimized out>) 
at crypto/engine/eng_cnf.c:232
#5  0x00007f6b6bf627c6 in module_finish (imod=0x1071e80) at 
crypto/conf/conf_mod.c:445
#6  CONF_modules_finish () at crypto/conf/conf_mod.c:432
#7  0x00007f6b6bf62a39 in CONF_modules_free () at crypto/conf/conf_mod.c:465
#8  0x00007f6b6bfe047a in OPENSSL_cleanup () at crypto/init.c:477
#9  0x00007f6b6b6e1209 in __run_exit_handlers () from /lib64/libc.so.6
#10 0x00007f6b6b6e1255 in exit () from /lib64/libc.so.6
#11 0x000000000041cf5d in main (argc=<optimized out>, argv=<optimized 
out>) at apps/openssl.c:361
(gdb)


My build is based on commit 603358de576217812cb3d752e97c78e476cdc879 
-plus remaining modifications from issue "#4207 engine key format in 1.1"

Regards,
Roumen Petrov



Roumen Petrov wrote:
> Hello,
>
> I just finish tests with new initialization methods. Memory detection 
> tool report a number of memory leaks.
>
> Startup code is:
>     OPENSSL_init_crypto(
>         OPENSSL_INIT_ENGINE_ALL_BUILTIN |
>         OPENSSL_INIT_ADD_ALL_CIPHERS |
>         OPENSSL_INIT_ADD_ALL_DIGESTS |
>         OPENSSL_INIT_LOAD_CONFIG, NULL);
>
> Default configuration describes a cryptographic module :
> ------------------
> #[ default ]
> openssl_conf = config
>
> [ config ]
> engines = engine_section
>
> [ engine_section ]
> engine1 = engine_conf1
>
> [ engine_conf1 ]
> engine_id = foo
> ...
> ------------------
>
> At exit OPENSSL_cleanup is not enough.
> It seems to me call of ENGINE_cleanup() and CONF_modules_unload(1) 
> before cleanup suppress memory warnings.
>
>
> Another point - why OPENSSL_config duplicate name of configuration file?
>
>
> Regards,
> Roumen



More information about the openssl-dev mailing list