Artifact [3361d36e77]
Bounty program for improvements to Tcl and certain Tcl packages.

Artifact 3361d36e774a6d6fabab5f50e921b4c5d2fddbd1:

Ticket change [3361d36e77] - New ticket [90be78af8b50e255|90be78af8b] <i>Crashes due to OpenSSL threading callbacks if interpreter is deleted</i>. by anonymous on 2017-01-19 18:54:42.
D 2017-01-19T18:54:42.928
J foundin 1.7.11
J icomment Hi.\sI\soriginally\sposted\sthis\shere:\shttps://sourceforge.net/p/tls/bugs/65/\r\n\r\nI'll\scopy\sthe\soriginal\sreport.\sAt\sthe\send\sI\sinclude\snew\sinformation.\r\n\r\n\r\nOriginal\sreport:\r\n\r\nI\srecently\sran\sinto\sa\scase\swhere\smy\sapplication\swould\scrash\swhen\susing\sthis\slibrary\s(1.6.7).\sI\sdetermined\sit\sto\sbe\srelated\sto\sthe\saddition\sof\sCRYPTO_set_locking_callback()\sand\sCRYPTO_set_id_callback().\sSpecifically,\swhen\sI\sdeleted\sthe\sTcl\sinterpreter\s(but\smy\sapplication\sremained\srunning),\sOpenSSL\sstill\scalled\sthe\scallback\sfunctions,\sbut\sthey\swere\sno\slonger\savailable.\r\n\r\nHere\sare\sthe\sgeneral\ssteps\sto\sreproduce\sthis\sbehaviour:\r\n\r\n\s\s\s\sHave\san\sapplication\swith\san\sOpenSSL\sSSL/TLS\sconnection\r\n\s\s\s\sCreate\sa\sTcl\sinterpreter\r\n\s\s\s\sLoad\sthis\spackage\r\n\s\s\s\sDelete\sthe\sTcl\sinterpreter\r\n\s\s\s\sTry\sto\sinteract\swith\sthe\sSSL/TLS\sconnection\r\n\r\nI\shave\sattached\sa\spatch\sthat\sresolves\sthe\sproblem.\sIt\sworks\sby\sregistering\sanother\scallback\sfor\swhen\sthe\sTcl\sinterpreter\sis\sdeleted.\sAt\sthat\spoint,\swe\sset\sthe\sOpenSSL\scallbacks\sto\swhat\sthey\swere\sprior\sto\sthis\slibrary\schanging\sthem.\r\n\r\nI\swrote\sa\spost\sabout\sthis\sissue\sand\smy\sinvestigation\sif\syou\swould\slike\sadditional\sbackground:\r\n\r\nhttps://blog.summercat.com/tcl-tls-openssl-threads-and-irssi-crashing.html\r\n\r\nI\sam\snot\scertain\sthat\sthe\spatch\sresolves\sall\spossible\sissues\swith\susing\sthese\sOpenSSL\scallbacks\showever.\sFor\sexample,\sconsider\sthe\scase\swhere\swe\shave\san\sapplication\sthat\sdoes\sthe\sfollowing:\r\n\r\n\s\s\s\sLoads\sthis\slibrary\s(leading\sto\sus\ssetting\sthe\scallbacks)\r\n\s\s\s\sApplication\sthen\ssets\sits\sown\sOpenSSL\scallbacks\s(unaware\sthey\swere\sset)\r\n\r\nAt\sthat\spoint,\scan\swe\sguarantee\sthe\snew\scallbacks\sare\ssufficient?\sAlso,\sif\swe\sthen\sthrow\sinto\sthe\smix\sunloading\sthis\slibrary,\swe're\sin\sthe\ssituation\swhere\sthere\sare\sno\scallbacks\sset\sat\sall.\r\n\r\nPerhaps\sthis\sis\sa\sfar\sout\spossibility.\sIt\smakes\sme\swonder\swhether\sit\sis\sappropriate\sfor\sthis\slibrary\sto\sbe\ssetting\sthese\sat\sall\sthough.\sI\swould\sbe\svery\sinterested\sin\syour\sthoughts\son\sthe\smatter\sas\sI\sam\sby\sno\smeans\san\sexpert\shere.\r\n\r\nOriginal\spatch\s(1.6.7):\shttps://sourceforge.net/p/tls/bugs/65/attachment/tcl-tls-openssl-callbacks.diff\r\n\r\n\r\nNew\sinformation:\r\n\r\nI\sre-tested\sthis\swith\s1.7.11.\sI\sfound\sthe\scrash\sstill\soccurs.\sI\supdated\smy\spatch\sagainst\s1.7.11:\r\n\r\nhttps://sourceforge.net/p/tls/bugs/_discuss/thread/60039baf/3703/attachment/tcl-tls-openssl-callbacks-1.7.11.diff\r\n\r\nOne\sthing\sI\shave\snot\sfigured\sout\syet\sis\sthis:\sThe\scrash\shappens\swhen\sI\stest\son\sDebian\sJessie\s(both\s1.6.7\sand\s1.7.11),\sbut\snot\swhen\sI\stest\sin\sDebian\sStretch.\sI\sbelieve\sthis\smay\sbe\sdue\sto\sthe\sdifferent\sopenssl\sversion.\s(Jessie\sis\son\s1.0.1\sand\sStretch\son\s1.1.0).\r\n\r\nI\snoticed\sthere\sis\snow\sa\sparameter\sto\sdeinitialize\sthe\sinterpreter\s(to\sTclLibInit).\sI\swonder\sif\smy\sstrategy\scould\sbe\scombined\sbetter\swith\sthat\sapproach.\r\n\r\nIf\sI\scan\sprovide\sany\smore\sinformation,\splease\slet\sme\sknow.\r\n\r\nThanks\sfor\syour\stime.
J login anonymous
J mimetype text/x-fossil-plain
J private_contact 04c1862265e2a8b43d5fea3ea2054987c3e1d7de
J severity Important
J status Open
J title Crashes\sdue\sto\sOpenSSL\sthreading\scallbacks\sif\sinterpreter\sis\sdeleted
J type Code\sDefect
K 90be78af8b50e255e82ae9218fe170c9d50f21aa
U anonymous
Z 9e88215d32584a8ee0c83d89f4977cd8