libssl: multi-process session id cache does not work on mac os x 5.10.8(darwin) and linux

Assigned to


9 years ago
8 years ago


(Reporter: Alexei Volkov, Assigned: Alexei Volkov)


(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)




9 years ago
Have not looked at the problem on linux, but when selfserv starts with args:

dopushups$ selfserv -D -p 10443 -d ../server -n -B -s           -w nss -r -r -u -z -i ../tests_pid.30862 -M 2

It returns two lines:
Child 2 exited with exit code 1
Child 1 exited with exit code 1


On Mac OS X function sslmutex.c:500: rv = sem_init(&pMutex->u.sem, shared, 1); get called with stack:

0  sslMutex_Init (pMutex=0x10000a4, shared=1) at sslmutex.c:551
#1  0x00080b4a in InitCache (cache=0x93f40, maxCacheEntries=1024, maxCertCacheEntries=1024, maxSrvNameCacheEntries=-1, ssl2_timeout=0, ssl3_timeout=0, directory=0xbffff72b "/export/ws/nss-3.12-sni/mozilla/tests_results/security/alexei-volkovs-macbook-pro.1/pkix/server/tmp", shared=1) at sslsnce.c:1278
#2  0x00080c77 in ssl_ConfigServerSessionIDCacheInstanceWithOpt (cache=0x93f40, ssl2_timeout=0, ssl3_timeout=0, directory=0xbffff72b "/export/ws/nss-3.12-sni/mozilla/tests_results/security/alexei-volkovs-macbook-pro.1/pkix/server/tmp", shared=1, maxCacheEntries=1024, maxCertCacheEntries=1024, maxSrvNameCacheEntries=-1) at sslsnce.c:1339
#3  0x00080e0f in ssl_ConfigMPServerSIDCacheWithOpt (ssl2_timeout=0, ssl3_timeout=0, directory=0xbffff72b "/export/ws/nss-3.12-sni/mozilla/tests_results/security/alexei-volkovs-macbook-pro.1/pkix/server/tmp", maxCacheEntries=1024, maxCertCacheEntries=-1, maxSrvNameCacheEntries=-1) at sslsnce.c:1420
#4  0x00080fa4 in SSL_ConfigMPServerSIDCache (maxCacheEntries=1024, ssl2_timeout=0, ssl3_timeout=0, directory=0xbffff72b "/export/ws/nss-3.12-sni/mozilla/tests_results/security/alexei-volkovs-macbook-pro.1/pkix/server/tmp") at sslsnce.c:1471
#5  0x000067b1 in main (argc=20, argv=0xbffff060) at selfserv.c:2155

The function returns error code -1. errno is set to 78.

More info to come...


9 years ago
Blocks: 360421

Comment 1

9 years ago
The sem_init() call is an optional feature of Posix.  See:

where it mentions ENOSYS.  Last time I checked, MacOS returns ENOSYS to sem_init (there's no man page for sem_init, only sem_open on MacOS).

I notice NSPR has PR_NewSem (possibly obsolete), but it looks like it's implemented using PR_Lock so it loses the async-signal-safe property of sem_post.

I wrote code to emulate sem_init/sem_post/etc on MacOS using a pthread mutex and a pipe where the sem_post replacement only writes to the pipe so it's async-signal-safe.
You need to log in before you can comment on or make changes to this bug.