[Bug 60947] Segfault on startup when using mod_ssl with APR-crypto

[bu...@apache.org]

https://bz.apache.org/bugzilla/show_bug.cgi?id=60947

--- Comment #1 from Jacob Champion <jc...@apache.org> ---
More research:

1) OpenSSL 1.1.0 no longer requires the use of CRYPTO_THREADID_set_callback()
at all, and in fact the CRYPTO_THREADID_* stuff is now a no-op. See rsalz's
post at https://www.openssl.org/blog/blog/2017/02/21/threads/ .

2) OpenSSL 1.0.2 (and possibly prior, but I haven't verified) contains default
implementations for Windows and BeOS. For all other platforms, its fallback
implementation uses the address of errno to tell threads apart.

3) Our current implementation of the threadid callback is possibly incorrect on
some platforms, since we're using CRYPTO_THREADID_set_numeric() and truncating
an apr_os_thread_t into the space of an unsigned long. This opens up the
possibility of collisions. As a concrete example: this makes our implementation
objectively worse than the default implementation on Windows, because we
truncate a HANDLE into a long, whereas the default uses GetCurrentThreadId()
directly.

There is a CRYPTO_THREADID_set_pointer() that allows us to pass in a void*, and
if it turns out we have to set a threadid callback, I think we should prefer
the set_pointer() flavor if the native thread identifier is bigger than a long.

This is all making me feel like we should try to dump the callback entirely on
as many platforms as possible (i.e. those with an addressable, per-thread
errno), and decide what to do with the remaining platforms (if any) on a
case-by-case basis.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org