openSSL read/write thread safety

Question

We have service using openSSL version 1.0.2h in multi threaded environment.

First thread runs blocking read, the other one is doing periodical writes.

It crashes from time to time somewhere inside libssl.so in SSL_write function. Code calling SSL_write looks absolutely legal, it operates with buffer allocated on stack of the calling function. Also crash is very rare which suggests it might be race condition.

I found the following article saying that using a single SSL object in two threads, one each for reading and writing is not safe, though CRYPTO_set_locking_callback is set. Is that correct? If yes, than what is the suggested way to resolve this? If I block mutex on a blocking read, I will not able to write.

1

Use two SSL objects? – Martin James Apr 08 '19 at 19:14

score 0 · Answer 1 · answered Apr 08 '19 at 23:10

0

We suggest modifying the timeout thresholds.

Tracing and debugging race condition is difficult and eventually you will have to change timeout and/or buffer parameters. Better study these parameters right now.

answered Apr 08 '19 at 23:10

Dudi Boy

4,551
1
15
30

I didn't really get how this will help to resolve race condition if it really exists? I tried to do simultaneous reads and writes in infinite loop and application worked perfectly fine for a whole day. I guess it's something else. – incognito Apr 11 '19 at 09:47

openSSL read/write thread safety

1 Answers1