Ubuntu
openssl package

Bug #1951943
Comment #0

Comment 0 for bug 1951943

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2021-11-23:

[Impact]

* Engine crashes when loading the configuration more than once

* Upstream started to avoid loading engines twice by using dynamic ids to track the loaded engines correctly

* OpenSSL 3 merge https://github.com/openssl/openssl/pull/17073 (bugfix & testcase)

* OpenSSL 1.1.1 backports:
https://github.com/openssl/openssl/commit/9b06ebb1edfddffea083ba36090af7eb7cad207b (bugfix)
https://github.com/openssl/openssl/pull/17083 (test case)

[Test Plan]

* https://github.com/openssl/openssl/issues/17023 lists multiple ways how one can trigger the issue at hand, but also test case implements this issue too by explicitly attempting to load an engine multiple times and checking that it is operational.

[Where problems could occur]

* Separately we have started to fix userspace packages that needlessly load configuration files multiple times, which used to trigger this issue. The codepaths changed are with engine use, how they are loaded/unloaded/used. It is possible that this fix will make some engines to start working and be used resulting in new behaviour. But also exposing bugs in the engines that previously were installed & configured but not actually used.

[Other Info]

* Previous bug reports about this issues are:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1921518
https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1940528

Ubuntuopenssl package

Comment 0 for bug 1951943

Ubuntu
openssl package