
[reSIProcate] Bug in BaseSecurity


Hi,

I have found a little problem in resiprocate.

Our application has the ability to fire up and shut down the stack and
dum several times during its lifetime.

When firing up the stack a second time using SSL, the following assert
fails: 

[security.cxx]
BaseSecurity::BaseSecurity (const CipherList& cipherSuite)...
...
   mTlsCtx = SSL_CTX_new( TLSv1_method() );
   assert(mTlsCtx);  <== assertion fails ...


This is caused by an error in
 
BaseSecurity::initialize ()
{
   // TODO !cj! - this should only be called once - use pthread_once
   // It is not a huge bug if this runs twice because the calls cause no harm
   static bool done=false;
   if (!done)
   {
      DebugLog( << "Setting up SSL library" );
      
      SSL_library_init();
      SSL_load_error_strings();
      OpenSSL_add_all_algorithms();
      
      Random::initialize();
      Timer::getTimeMs(); // initialize time offsets
      
      // make sure that necessary algorithms exist:
      assert(EVP_des_ede3_cbc());
      
      done = true;
   }
}

When SSL_library_init(); is not called, SSL_CTX_new will fail and return
NULL. Therefore the assertion fails.


I'd say the comment is wrong. The code should always be executed
and not be controlled by a static variable. If at
all, "done" should be a member variable. Since "initialize"
is only called from the constructor, this is obsolete anyway.

I would suggest completely getting rid of the "done" variable
check. Please comment if this is OK and if I can check in
this change.


Best regards,

Matthias Moetje
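
An added illustration, not part of the original message or of reSIProcate's code: a self-contained C++ model of the failure reported above, next to a reference-counted alternative to the one-shot flag. The `faketls` namespace is a constructed stand-in for OpenSSL's process-wide state, and the cleanup call between the two start-ups is an assumption, since the message does not say what tears the library down.

```cpp
#include <mutex>

// Constructed stand-in for the TLS library's process-wide state (not OpenSSL).
namespace faketls {
   bool loaded = false;
   void library_init()    { loaded = true; }
   void library_cleanup() { loaded = false; }
   // Like SSL_CTX_new in the report: returns null when the library is not set up.
   const char* ctx_new()  { return loaded ? "ctx" : nullptr; }
}

// The pattern from the post: a function-local static that is never reset.
void initialize_once_guard() {
   static bool done = false;
   if (!done) { faketls::library_init(); done = true; }
}

// Alternative: count live users, init on 0 -> 1, clean up on 1 -> 0.
class TlsLibraryRef {
public:
   TlsLibraryRef() {
      std::lock_guard<std::mutex> lock(guardMutex());
      if (count()++ == 0) faketls::library_init();
   }
   ~TlsLibraryRef() {
      std::lock_guard<std::mutex> lock(guardMutex());
      if (--count() == 0) faketls::library_cleanup();
   }
   TlsLibraryRef(const TlsLibraryRef&) = delete;
   TlsLibraryRef& operator=(const TlsLibraryRef&) = delete;
private:
   static std::mutex& guardMutex() { static std::mutex m; return m; }
   static int& count() { static int n = 0; return n; }
};

// Start, shut down (assumed to clean up the library), then start again.
bool second_start_with_static_guard() {
   initialize_once_guard();
   faketls::library_cleanup();      // assumed application shutdown step
   initialize_once_guard();         // skipped: done is still true
   return faketls::ctx_new() != nullptr;
}

bool second_start_with_refcount() {
   { TlsLibraryRef first; }         // first stack lifetime, cleaned up on exit
   TlsLibraryRef second;            // second start re-initializes
   return faketls::ctx_new() != nullptr;
}
```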