Hi Juan,
These patches collectively fix bug 18364, which was a crash in OpenSSL in a multithreaded app (utorrent.exe.)
The bug reporter sees long delays between torrents starting up after applying these patches, which makes we wonder if the ssl lock effectively serializes secure https requests?
Would patch 1 and 3 not be sufficient to fix the utorrent crash?
-Hans
Hi Hans,
The bug reporter sees long delays between torrents starting up after applying these patches, which makes we wonder if the ssl lock effectively serializes secure https requests?
There isn't a single SSL lock. There's an interlocked exchange for assigning SSL_CTX, which should only be created once except in a race between threads. There's a critical section to protect against two threads initializing the SSL library at the same time. Finally, there are a number of SSL locks (CRYPTO_num_locks() many, specifically) that OpenSSL uses. When I was debugging it, there are at least 16 of them. So I don't think serialization of locks is the root cause of the slowdown.
Would patch 1 and 3 not be sufficient to fix the utorrent crash?
I don't think so. Other apps have had similar crashes with the equivalent of patch 2 not applied, and the OpenSSL man page warns of random crashes due to failing to implement and set these callbacks. --Juan
-
Hans Leidekker -
Juan Lang