[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: race condition in -lldap/openssl??



On Thu, 7 Feb 2002, Howard Chu wrote:

> This is most likely a bug in OpenSSL 0.9.6b, you should try again with
> OpenSSL 0.9.6c before chasing this any further. The CHANGES file for 0.9.6c
> specifically mentions some race conditions that are fixed since the 'b'
> version.
> 
>   -- Howard Chu


I installed OpenSSL 0.9.6c (provides libssl.so.3 and libcrypto.so.3),
rebuilt OpenLDAP and nss/pam_ldap, and OpenSSH, same problem:

# ldd /lib/security/pam_ldap.so | egrep '(libssl|libcrypto)'
        libssl.so.3 => /lib/libssl.so.3 (0x40098000)
        libcrypto.so.3 => /lib/libcrypto.so.3 (0x400c6000)

# ldd /usr/lib/libldap.so.2 | egrep '(libssl|libcrypto)'
        libssl.so.3 => /lib/libssl.so.3 (0x400aa000)
        libcrypto.so.3 => /lib/libcrypto.so.3 (0x400d9000)

I saw the problem, and re-added my debug to tls.c (in openldap).

Not bogged down produces:

Feb  7 10:33:25 mooru sshd[25101]: SSL_connect returned 0
Feb  7 10:33:25 mooru sshd[25101]: SSL_ERROR_SYSCALL
Feb  7 10:33:25 mooru sshd[25101]: TLS: can't connect.
Feb  7 10:33:25 mooru sshd[25101]: pam_ldap: ldap_starttls_s: Connect error

Bogged down I can login:

Feb  7 10:33:33 mooru sshd[25103]: SSL_connect returned 1