openssl_init in multithreaded programs

Greg Hudson ghudson at mit.edu
Wed Jun 10 12:37:10 EDT 2015


On 06/10/2015 12:05 PM, sorin.manolache at orange.com wrote:
> I'm getting segfaults when krb5 calls 
> pkinit_init_plg_crypto->openssl_init->OPENSSL_add_all_algorithms_noconf.
> 
> openssl_init in pkinit_crypto_openssl.c has the following code:
[...]

In 1.13 we switched to doing this in a library initializer, which gets
run only once as long as the PKINIT module isn't unloaded.  We also
switched to loading modules with RTLD_NODELETE on platforms which have it.

We could, of course, still race with another thread calling another
library which happens to initialize OpenSSL.

It's also worth noting that we never tear down OpenSSL (because we have
no way of knowing whether the application or another library is still
using it), so all of the heap memory it allocates could get lost if the
PKINIT module and OpenSSL library are unloaded.  This shouldn't happen
with 1.13 on platforms with RTLD_NODELETE.

> Is this a bug in krb5? Or should I use the exclusion mechanisms of 
> OpenSSL (https://www.openssl.org/docs/crypto/threads.html) before 
> calling any krb5 function?

It's kind of a bug in krb5 (even with the 1.13 changes), but it's not a
bug we can currently fix.  OpenSSL can't be used safely from a library
in a multithreaded application without help from the calling
application, or without special considerations in the library API (such
as a function the calling application is required to invoke before
spawning any threads).

So, while you'd be less likely to have issues with 1.13, it's probably
better to use the exclusion mechanisms in your application.

