sipwise
/
kamailio
mirror of https://github.com/sipwise/kamailio.git
1
0
Fork 0
Code Issues Releases Wiki Activity

TT#16684 Cleanup OpenSSL state properly on a threaded program

Browse Source 
With newer OpenSSL versions it seems a threaded application needs to
cleanup properly, otherwise the now automatic atexit() cleanup handler
will segfault when the pthread variables have been deallocated already
by the pthreads library.

Change-Id: I08ac91cf63b1a74c17a0bd70b40202a5baf7771f
changes/87/14687/2
Guillem Jover 9 years ago
parent 2c01279113
commit a7391e56fd
2 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
debian/patches/series vendored
Unescape View File

@ -49,3 +49,4 @@ sipwise/tm-deep-cloning-of-the-request-for-fake-environment.patch
sipwise/core-parser-reset_path_vector-remove-check-for-msg-m.patch
sipwise/pv_trans_eval_uri.patch
sipwise/rtpengine-mos-stats.patch
sipwise/openssl-pthreads-cleanup.patch

38
debian/patches/sipwise/openssl-pthreads-cleanup.patch vendored
Unescape View File

@ -0,0 +1,38 @@
Description: Explicitly call OPENSSL_cleanup() on TLS module destruction
Kamailio is a threaded program, and it pulls OpenSSL via a dynamically
linked plugin loaded at run-time via dlopen().
.
Older OpenSSL releases do not perform automatic cleanup on exit, newer ones
do via an atexit() handler.
.
In addition the OpenSSL code leaks (on purpose) a DSO handler for itself so
that it can guarantee that the library is still present when the atexit()
handler is executed.
.
When the handler is called, a pthread variable is still present but the
memory it points to is not allocated anymore, which indicates something else
released those pthread memory pools. Most probably pthreads itself as part
of its deconstructors, pthread_exit() or atexit() handlers while unwinding
or being unloaded.
.
Explicitly calling the OpenSSL cleanup code fixes the issue for newer
OpenSSL releases, where this has been made visible. And the documentation
for OPENSSL_cleanup() mentions that explicit cleanup might be needed in
these conditions anyway.
Origin: other, Sipwise
Author: Guillem Jover <gjover@sipwise.com>
Bug-Debian: https://bugs.debian.org/870018
---
--- a/modules/tls/tls_init.c
+++ b/modules/tls/tls_init.c
@@ -778,4 +778,8 @@ void destroy_tls_h(void)
tls_destroy_cfg();
tls_destroy_locks();
tls_ct_wq_destroy();
+
+#if OPENSSL_VERSION_NUMBER >= 0x010100000L
+ OPENSSL_cleanup();
+#endif
}
Write Preview
Loading…
Cancel
Save