[Botan-devel] Botan library with Netsieben core dump

Jack Lloyd lloyd at randombit.net
Mon Oct 26 18:31:05 EDT 2009


On Mon, Oct 26, 2009 at 03:22:54PM -0700, Neetu Garg wrote:

> My code in multithreaded (boost thread) and I am running on Linux. It creates different channel for all threads as specified in multithreaded example 
> of Netsieben library.Sometimes the code 
> runs just fine without any issue. Sometimes it coredumps. I tried checking all the core dumps 
> using gdb and looks like all the coming from Botan library calls.

As best I could tell, it appears ne7ssh is sharing a single RNG object
across all threads without any locking. This is not something that is
going to work out well.

Depending on performance characteristics it may make more sense to
serialize a single PRNG object or use TLS to maintain an RNG per
thread. I've attached a patch that does the former.

If it works for you, let me know and I'll forward it to the Netsieben
developers.

-Jack
-------------- next part --------------
;; This buffer is for notes you don't want to save, and for Lisp evaluation.
;; If you want to create a file, visit that file with C-x C-f,
;; then enter the text in that file's own buffer.

--- ne7ssh-1.3.1/src/ne7ssh.cpp 2009-05-05 15:24:44.000000000 -0400
+++ ne7ssh-1.3.1-locking/src/ne7ssh.cpp 2009-10-22 13:05:02.000000000 -0400
@@ -16,10 +16,12 @@
 
 #include <signal.h>
 #include <botan/init.h>
+#include <botan/auto_rng.h>
 #include "ne7ssh_string.h"
 #include "ne7ssh_connection.h"
 #include "ne7ssh.h"
 #include "ne7ssh_keys.h"
+#include "ne7ssh_mutex.h"
 
 #if defined(WIN32) || defined(__MINGW32__)
 #      define kill(pid,signo) raise(signo)
@@ -38,7 +40,7 @@
 Ne7sshError* ne7ssh::errs = NULL;
 
 #if !BOTAN_PRE_18 && !BOTAN_PRE_15
-AutoSeeded_RNG* ne7ssh::rng = NULL;
+RandomNumberGenerator* ne7ssh::rng = NULL;
 #endif
 
 #ifdef _DEMO_BUILD
@@ -60,6 +62,53 @@
 bool ne7ssh::running = false;
 bool ne7ssh::selectActive = true;
 
+class Locking_AutoSeeded_RNG : public Botan::RandomNumberGenerator
+   {
+   public:
+      Locking_AutoSeeded_RNG() { rng = new Botan::AutoSeeded_RNG(); }
+      ~Locking_AutoSeeded_RNG() { delete rng; }
+
+      void randomize(byte output[], u32bit length)
+         {
+         mutex.lock();
+         rng->randomize(output, length);
+         mutex.unlock();
+         }
+
+      void clear() throw()
+         {
+         mutex.lock();
+         rng->clear();
+         mutex.unlock();
+         }
+
+      std::string name() const { return rng->name(); }
+
+      void reseed(u32bit bits_to_collect)
+         {
+         mutex.lock();
+         rng->reseed(bits_to_collect);
+         mutex.unlock();
+         }
+
+      void add_entropy_source(EntropySource* source)
+         {
+         mutex.lock();
+         rng->add_entropy_source(source);
+         mutex.unlock();
+         }
+
+      void add_entropy(const byte in[], u32bit length)
+         {
+         mutex.lock();
+         rng->add_entropy(in, length);
+         mutex.unlock();
+         }
+   private:
+      Ne7ssh_Mutex mutex;
+      Botan::RandomNumberGenerator* rng;
+   };
+
 ne7ssh::ne7ssh() : connections(0), conCount(0)
 {
   errs = new Ne7sshError();
@@ -75,7 +124,7 @@
   allConns.count = 0;
 
 #if !BOTAN_PRE_18 && !BOTAN_PRE_15
-  ne7ssh::rng = new AutoSeeded_RNG();
+  ne7ssh::rng = new Locking_AutoSeeded_RNG();
 #endif
 
 #if !defined(WIN32) && !defined(__MINGW32__)
diff -ur ne7ssh-1.3.1/src/ne7ssh.h ne7ssh-1.3.1-locking/src/ne7ssh.h
--- ne7ssh-1.3.1/src/ne7ssh.h   2009-02-25 12:32:35.000000000 -0500
+++ ne7ssh-1.3.1-locking/src/ne7ssh.h   2009-10-22 12:59:11.000000000 -0400
@@ -30,7 +30,7 @@
 #define BOTAN_PRE_18 (BOTAN_VERSION_MINOR < 8)
 
 #if !BOTAN_PRE_18 && !BOTAN_PRE_15
-# include <botan/auto_rng.h>
+# include <botan/rng.h>
 #endif
 
 #include <stdlib.h>
@@ -144,7 +144,7 @@
 
   public:
 #if !BOTAN_PRE_18 && !BOTAN_PRE_15
-    static Botan::AutoSeeded_RNG *rng;
+    static Botan::RandomNumberGenerator *rng;
 #endif
     static const char* SSH_VERSION;
     static const char* KEX_ALGORITHMS;


More information about the botan-devel mailing list