[cl-plus-ssl-devel] cl+ssl crashing in hunchentoot, and a possible bug in ffi.lisp

[Anton Vodonosov]

Hello.

I personally can say nothing about the problem, investigation is needed.

About cl+ssl/ffi.lisp. You are looking at two different functions:

SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate_file

>  "If you are assigning many SSL sessions to the same CTX structure and all
>   sessions will use the same certificate, issue the SSL_CTX_use_certificate_file
>   function once to assign the certificate to the CTX structure rather than issuing
>   the SSL_use_certificate_file once for each SSL session."
>
> so it is arguable that CL+SSL is not doing what is advised.   But I don't think
> that this is what is causing the crashes, because I tried hacking it load the
> certs into the CTX once, and it still failed (but didn't coredump any more, just
> had some fraction of failed SSL connections - weird).

If your changes affect the crash (prevent it), then it might be the right direction.
The global context accessed simultaneously from many threads.

Can it be that the failed SSL connections after your changes are result of some
unrelated mistake you have in your changes?

Best regards,
- Anton

01.04.2011, 06:39, "JTK" <jetmonk at gmail.com>:
> It seems that hunchentoot  (which uses CL+SSL) is crashing under threaded
> concurrent SSL access [1] and it doesn't seem that it is using CL+SSL
> incorrectly.   Is this a known problem, and is there some way to
> determine if it is CL+SSL or Hunchentoot?
>
> Also, I think that in cl+ssl/ffi.lisp
>
> (cffi:defcfun
>    ("SSL_CTX_use_RSAPrivateKey_file" ssl-ctx-use-rsa-privatekey-file)
>    :int
>  (ctx ssl-ctx)
>  (type :int))
>
> may be incorrect because the C definition is
> int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
>
> hence it seems it should be:
>
> (cffi:defcfun
>    ("SSL_CTX_use_RSAPrivateKey_file" ssl-ctx-use-rsa-privatekey-file)
>    :int
>  (ctx ssl-ctx)
>  (file :string) ;; this is missing
>  (type :int))
>
> This won't change much, because this function does not seem to be used.
>
> I found this out in trying to figure out why concurrent ssl was crashing Hunchentoot.
> I learned that SSL_use_certificate_file  should perhaps be avoided [3] because
>
>  "If you are assigning many SSL sessions to the same CTX structure and all
>   sessions will use the same certificate, issue the SSL_CTX_use_certificate_file
>   function once to assign the certificate to the CTX structure rather than issuing
>   the SSL_use_certificate_file once for each SSL session."
>
> so it is arguable that CL+SSL is not doing what is advised.   But I don't think
> that this is what is causing the crashes, because I tried hacking it load the
> certs into the CTX once, and it still failed (but didn't coredump any more, just
> had some fraction of failed SSL connections - weird).
>
> (Also, it appears that the docs to libssl don't guarantee that parameter
> strings like 'file' are not saved, meaning one would have to call with a malloc'ed
> C-string, not a temporary lisp-to-C string, but in fact it seems that the value
> of file is used then discarded, so it is OK as-is.  Malloc'ing 'file' didn't prevent hunchentoot
> from crashing.)
>
> [1]  http://common-lisp.net/pipermail/tbnl-devel/2011-March/005503.html
>
> [2]  http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html
>
> [3]  http://publib.boulder.ibm.com/infocenter/tpfhelp/current/index.jsp?topic=/com.ibm.ztpf-ztpfdf.doc_put.cur/gtpc2/cpp_ssl_ctx_use_rsaprivatekey_file.html
>
> - John Klein
> _______________________________________________
> cl-plus-ssl-devel mailing list
> cl-plus-ssl-devel at common-lisp.net
> http://common-lisp.net/cgi-bin/mailman/listinfo/cl-plus-ssl-devel