I tried openssl 1.0.1h where it checks for fips_mode() and prevents deadlock.
However without fips_mode still we are hitting deadlock. When can we expect
ssleay_rand_bytes() which doesn't use a CRYPTO_LOCK_RAND lock?
--
View this message in context:
http://openssl.6102.n7.nabble.com/Deadlock-in
On Wed, Aug 22, 2012, Seiichi Tatsukawa wrote:
> We are seeing the deadlock in FIPS 2.0. (1.0.1c + fips-2.0 and using
> AES256-SHA256 if that matters.) DRBG's auto reseeding (after 2^24 operations)
> causes it. Here is the simplified backtrace.
>
> fips_drbg_bytes()
> CRYPTO_w_lock(CRYPTO_LOCK
