Subject: Re: [libssh2] #229: static const EVP_CIPHER * make_ctr_evp (size_t keylen) in openssl.c not threadsafe

From: libssh2 Trac <trac_at_libssh2.stuge.se>
Date: Wed, 28 Sep 2011 19:02:20 -0000

#229: static const EVP_CIPHER * make_ctr_evp (size_t keylen) in openssl.c
not threadsafe
-----------------------+-------------------
  Reporter: engstrom | Owner:
      Type: defect | Status: new
  Priority: normal | Milestone: 1.2.9
 Component: API | Version: 1.3.0
Resolution: | Keywords:
Blocked By: | Blocks:
-----------------------+-------------------

Comment (by engstrom):

 Replying to [comment:1 bagder]:
 > Aren't you describing a bug in OpenSSL here? This tracker is only for
 > libssh2 bugs...

 [I posted this yesterday and apologize if the moderator hasn't had a
 chance to approve the reply but on the chance that I screwed up the
 response I'm going to post it again]

 Nope, this is a libssh2 problem. Let me try and be more clear -
 make_ctr_evp() is a function in the libssh2 library
 (libssh2/src/openssl.c). The make_ctr_evp() function is modifying a
 static structure variable which then gets passed through to OpenSSL.
 While OpenSSL is using this structure, subsequent libssh2 API calls, which
 also call down into make_ctr_evp(), modify the static structure
 variable by calling a memset() at line 322 of libssh2/src/openssl.c.

 One fix I have - that I'm not terribly happy with because it depends on
 the layout of the EVP_CIPHER structure which is part of OpenSSL and can
 change - is to statically initialize the structure so that we aren't
 overwriting an in-use structure with zeros.

 Here's the current 1.3.0 version of _libssh2_EVP_aes_128_ctr() in
 libssh2/src/openssl.c:

 const EVP_CIPHER *
 _libssh2_EVP_aes_128_ctr(void)
 {
     return make_ctr_evp (16);
 }

 Here's a version that statically initializes the structure and so does not
 exhibit the non-threadsafe problem:

 const EVP_CIPHER *
 _libssh2_EVP_aes_128_ctr(void)
 {
     /* Positional initializer: depends on the member order of OpenSSL's
        EVP_CIPHER structure. */
     static EVP_CIPHER aes_ctr_cipher16 = {
         0, 16, 16, 16, 0,
         aes_ctr_init, aes_ctr_do_cipher, aes_ctr_cleanup,
         0, NULL, NULL, NULL, NULL
     };

     return &aes_ctr_cipher16;
 }

-- 
Ticket URL: <http://trac.libssh2.org/ticket/229#comment:2>
libssh2 <http://trac.libssh2.org/>
C library for writing portable SSH2 clients
Received on 2011-09-28
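
Added example, not part of the original post and not libssh2 code: the shared-static pattern described in the ticket next to a read-only, compile-time-initialized alternative. struct cipher_desc and every function name here are hypothetical stand-ins (not OpenSSL's EVP_CIPHER), and the "second thread" is modelled deterministically by a callback run between the memset() and the refill.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a cipher descriptor; not OpenSSL's EVP_CIPHER. */
struct cipher_desc { int block_size; int key_len; int (*init)(void); };
static int ctr_init(void) { return 1; }

static const struct cipher_desc *held; /* descriptor an earlier caller still uses */
static int saw_wiped;                  /* set when that caller sees a zeroed struct */
static void other_thread_step(void) { if (held && !held->init) saw_wiped = 1; }

/* Pattern from the ticket: one static struct, wiped and refilled on every call. */
static const struct cipher_desc *make_shared(size_t keylen, void (*window)(void))
{
    static struct cipher_desc d;
    memset(&d, 0, sizeof d);
    if (window) window();   /* models another thread scheduled in this gap */
    d.block_size = 16;
    d.key_len = (int)keylen;
    d.init = ctr_init;
    return &d;
}

/* Alternative: read-only descriptors built at compile time, one per key size.
 * Designated initializers name each member, so member order does not matter. */
static const struct cipher_desc *make_const(size_t keylen)
{
    static const struct cipher_desc d16 = { .block_size = 16, .key_len = 16, .init = ctr_init };
    static const struct cipher_desc d32 = { .block_size = 16, .key_len = 32, .init = ctr_init };
    return keylen == 16 ? &d16 : keylen == 32 ? &d32 : NULL;
}

/* Bit 0: held descriptor was seen zeroed; bit 1: its key_len was changed. */
int shared_scenario(void)
{
    saw_wiped = 0;
    held = make_shared(16, NULL);
    make_shared(32, other_thread_step);
    return saw_wiped | ((held->key_len != 16) << 1);
}

/* 1 if a held descriptor keeps its address and contents across later calls. */
int const_scenario(void)
{
    const struct cipher_desc *a = make_const(16);
    make_const(32);
    return a == make_const(16) && a->key_len == 16 && a->init == ctr_init;
}

int main(void) { printf("shared=%d const=%d\n", shared_scenario(), const_scenario()); return 0; }
```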