-
-
Notifications
You must be signed in to change notification settings - Fork 10k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OPENSSL_strcasecmp #18069
OPENSSL_strcasecmp #18069
Conversation
Segfault in fipsinstall:
|
You might want to breakpoint on |
It is NULL in FIPS provider. What I want is to pass the global object to provider. |
Some of the code in crypto/ is duplicated inside the FIPS module, so you have two instances of any global state; one inside the normal libcrypto.so and one inside the FIPS module. It's likely that a separate locale object is being instantiated inside the FIPS module but that the initialization function you've defined isn't being called. |
7b78463 provided non-null locale_t but I still get segfault in FIPS module. Probably, the ossl_str[n]casecmp should be converted to upcalls both... |
@levitte is this a relevant check?
|
@beldmit you may want to embedd the locale init function as ca ll into ossl_strcasecmp/ossl_strncasecmp like this: Then change the impl:
This way if you have multiple static loc instantiations you will always be sure loc is autoinitialized at first use. I think the only issue maybe deinitialization, but that should be easy to handle with a library destructor, which should work also when you unload the fips.so module |
@simo5 I don't think so, it may cause races so will require locking. One-time initialization looks much better. |
@beldmit you are right, if you can make sure that the initialization is always run when each module that has a copy of the static variable is loaded |
So. This is out of WIP now. I still have to fix failing tests and writing the documentation, but the code is suitable for review. I'm also going to write 2 tests:
It's worth testing the proposed solution on Windows in Turkish locale, but I don't have it in my disposal. I believe after the fix is provided to master, it should be backported to 3.0. |
In theory on Windows platform |
fbdc7ce
to
720b5c6
Compare
Doing it via upcall is probably not a good idea as that means incompatibility of the provider across libcrypto versions. |
20ab70f
to
fe5ea43
Compare
6ae39ac
to
b5fe0e8
Compare
b5fe0e8
to
0fc3f6b
Compare
Ping for 2nd approve - I think @paulidale 's one needs to be reapproved. |
This pull request is ready to merge |
Merged. Many thanks! |
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #18069)
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #18069)
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #18069)
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #18069)
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#18069)
This is a WIP PR.
It basically consists of 2 parts:
The problem that I met is segfault in FIPS module because the global loc object isn't available in FIPS. What is a proper way to ensure its per-provider initialization and deinitialization?
TBD: tests
Checklist