test3207 - OpenGrok history log for /curl/tests/data/test3207

Revision		Date	Author	Comments
# a2bcec0e		31-Aug-2024	Aki Sakurai <75532970+AkiSakurai@users.noreply.github.com>	openssl: fix the data race when sharing an SSL session between threads The SSL_Session object is mutated during connection inside openssl, and it might not be thread-safe. Besides, accor openssl: fix the data race when sharing an SSL session between threads The SSL_Session object is mutated during connection inside openssl, and it might not be thread-safe. Besides, according to documentation of openssl: ``` SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object's session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object). ``` If I understand correctly, it is not safe to share it even in a single thread. Instead, serialize the SSL_SESSION before adding it to the cache, and deserialize it after retrieving it from the cache, so that no concurrent write to the same object is infeasible. Also - add a ci test for thread sanitizer - add a test for sharing ssl sessions concurrently - avoid redefining memory functions when not building libcurl, but including the soruce in libtest - increase the concurrent connections limit in sws Notice that there are fix for a global data race for openssl which is not yet release. The fix is cherry pick for the ci test with thread sanitizer. https://github.com/openssl/openssl/commit/d8def79838cd0d5e7c21d217aa26edb5229f0ab4 Closes #14751 show more ...

Revision

Date

Author

Comments

# a2bcec0e

31-Aug-2024

Aki Sakurai <75532970+AkiSakurai@users.noreply.github.com>

openssl: fix the data race when sharing an SSL session between threads

The SSL_Session object is mutated during connection inside openssl,
and it might not be thread-safe. Besides, accor

openssl: fix the data race when sharing an SSL session between threads

The SSL_Session object is mutated during connection inside openssl,
and it might not be thread-safe. Besides, according to documentation
of openssl:

```
SSL_SESSION objects keep internal link information about the session
cache list, when being inserted into one SSL_CTX object's session
cache. One SSL_SESSION object, regardless of its reference count,
must therefore only be used with one SSL_CTX object (and the SSL
objects created from this SSL_CTX object).
```
If I understand correctly, it is not safe to share it even in a
single thread.

Instead, serialize the SSL_SESSION before adding it to the cache,
and deserialize it after retrieving it from the cache, so that no
concurrent write to the same object is infeasible.

Also
- add a ci test for thread sanitizer
- add a test for sharing ssl sessions concurrently
- avoid redefining memory functions when not building libcurl, but
including the soruce in libtest
- increase the concurrent connections limit in sws

Notice that there are fix for a global data race for openssl which
is not yet release. The fix is cherry pick for the ci test with
thread sanitizer.
https://github.com/openssl/openssl/commit/d8def79838cd0d5e7c21d217aa26edb5229f0ab4

Closes #14751