I'm getting a memcpy failure on line 594 of ssl\s3_pkt.c (openssl
0.9.5.a).It seems to only happen when I have several threads (5 +) in the
same application. It always occurs on the write, I have never had any
problems on a read. Further it always happens in the server side. I've
included a snippet of code from my initialization of the server side that
might be helpful in figuring this out - ie, did I make a stupid mistake in
setting things up. If anyone has seen this or has suggestions on how to
figure out why the memcpy fails when it *seems* to have a valid SSL_Record
struct please let me know. Is there an easy way for me to enable more
detailed debugging in the SSL library?
Any help would be appreciated.
Bill Browning
---- CODE SNIP ----
Class variables:
Class CSSLSocket{
*** LOTS OF STUFF SNIPPED OUT ***
static SSL_CTX *m_Ssl_ctx;
SSL *m_Ssl;
BIO *m_Ssl_bio;
BIO *m_Out;
static std::vector< std::pair<BIO *, SOCKET> > m_Open_SSLSockets;
};
Function:
bool CSSLSocket::InitializeSSLServer()
{
//create a new context struct
// we want to use SSL v.3 in server mode with fallback to
// SSL v.2.
if(m_Ssl_ctx == NULL)
{
m_Ssl_ctx = SSL_CTX_new(SSLv23_server_method());
}
if(m_Ssl_ctx == NULL)
{
printf("Failed to create new SSL context!\n");
return false;
}
else
{
if(!
SSL_CTX_use_certificate_file(m_Ssl_ctx,m_CertificateFile.ascii(),
SSL_FILETYPE_PEM))
{
ERR_print_errors_fp(stdout);
}
//set the private key to use.
if(!
SSL_CTX_use_PrivateKey_file(m_Ssl_ctx,m_CertificateFile.ascii(),SSL_FILETYPE
_PEM))
{
ERR_print_errors_fp(stdout);
}
//make sure the private key listed in the the PEM is okay.
if(! SSL_CTX_check_private_key(m_Ssl_ctx))
{
ERR_print_errors_fp(stdout);
}
SSL_CTX_set_cipher_list(m_Ssl_ctx, m_EnabledCiphers.ascii());
//set the statemachine.
m_Ssl = SSL_new(m_Ssl_ctx);
SSL_set_accept_state(m_Ssl);
SSL_set_options(m_Ssl,SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER);
//set up the server BIO
m_Ssl_bio = BIO_new(BIO_f_ssl());
BIO_set_ssl(m_Ssl_bio,m_Ssl, BIO_CLOSE);
//start accepting connections on the desired socket
m_Out = BIO_new_socket(m_hSocket, BIO_NOCLOSE );
if(m_Out == NULL)
{
ERR_print_errors_fp(stdout);
}
BIO_set_close(m_Out,0); //do not close the socket, the underlying
class can do that for us.
m_Out = BIO_push(m_Ssl_bio, m_Out);
}
m_CryptorActive = true;
pair< BIO *, SOCKET> item;
item.first = m_Out;
item.second = SocketHandle();
CSynchro::ESYNCH_ERROR eError = CSynchro::SUCCESS;
eError = m_csSSLSockets.Grab();
assert(eError == CSynchro::SUCCESS);
m_Open_SSLSockets.insert(m_Open_SSLSockets.end(),item);
m_csSSLSockets.Release();
_RPT1(_CRT_WARN, "\n\nCreating m_Out:%lx on socket: %lx\n\n",
m_Out,m_hSocket);
return true;
}
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
