[reSIProcate] Bug in BaseSecurity
- From: "Matthias Moetje - TERASENS GmbH" <moetje@xxxxxxxxxxxx>
- Date: Sat, 21 Jan 2006 17:00:31 +0100
Hi,
I have found a little problem in resiprocate.
Our application has the ability to fire up and shut down the stack and
dum several times during its lifetime.
When firing up the stack a second time using SSL, the following assert
fails:
[security.cxx]
BaseSecurity::BaseSecurity (const CipherList& cipherSuite)...
...
mTlsCtx = SSL_CTX_new( TLSv1_method() );
assert(mTlsCtx); <== assertion fails ...
This is caused because of an error in
BaseSecurity::initialize ()
{
// TODO !cj! - this should only be called once - ues pthread_once
// It is not a huge bug if this runs twice because the calls cause no
harm
static bool done=false;
if (!done)
{
DebugLog( << "Setting up SSL library" );
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
Random::initialize();
Timer::getTimeMs(); // initalize time offsets
// make sure that necessary algorithms exist:
assert(EVP_des_ede3_cbc());
done = true;
}
}
When SSL_library_init(); is not called, SSL_CTX_new will fail and return
NULL. Therefore the assertion fails.
I'd say, the comment is wrong. The code should be executed
always and not be controlled by a static variable. If at
all the "done" should be a member variable. Since "initialize"
is only called from the constructor, this is obsolete anyway.
I would suggest to completely get rid of the "done" variable
checking. Please comment if this is OK and if I can check in
this change.
Best regards,
Matthias Moetje