On 30.07.19 04:42, Dr Paul Dale wrote:
> Bringing the discussions over to the project list.

That's a very good idea, Pauli, to bring this subject to a wider audience for discussion. I would like to take the opportunity to re-post a general remark which I made in https://github.com/openssl/openssl/issues/9455#issuecomment-515340391

> I am convinced that issues #9454 and #9455 might be only the tip of an iceberg
> and we shouldn't just narrow down our focus and fix them as isolated issues.
> Instead, the @openssl/omc should take them as an indication that it might be
> necessary to pause and rethink the rules for how and when the low level core
> routines are allowed to utilize higher level crypto routines (like RAND_bytes()).
> Also, locking rules might be necessary to prevent lock-order inversion (#9454 (comment)).
> Or it might be necessary to simplify the design, e.g. by replacing the context lock
> and the store lock by a single lock.
>
> There has been a lot of replumbing going on recently and we need to take care that
> the overall structure of OpenSSL remains stable and manageable. The double and
> recursive lock issues are an indicator that things have become more complicated
> "under the hood" (or should I say more appropriately "under the washing stand"?)
> The original OpenSSL 3.0.0 Design document is only a snapshot from the very beginning.
> It has not changed recently, and it might be a good time now to explicitly write down
> all the changes and innovations which have taken place since then.

Matthias
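The "locking rules" and "lock-order inversion" the message refers to can be made concrete with a lock-rank discipline: every lock gets a fixed rank, and a thread may only acquire a lock of strictly higher rank than any lock it already holds. The C program below is an added illustration of that rule, not OpenSSL code and not part of this thread. The lock names `context` and `store` stand in for the context lock and store lock mentioned above, and their ranks, the tracker type and all function names are constructed for this example.

```c
#include <pthread.h>
#include <stdio.h>

/* Constructed example of a lock-rank discipline. A thread may acquire a lock
 * only if its rank is strictly greater than that of every lock it holds. Two
 * threads obeying this can never hold the same pair of locks in opposite
 * orders, so the A-waits-for-B / B-waits-for-A inversion cannot form, and
 * re-acquiring a held lock (a recursive lock) fails the same test. */

#define MAX_HELD 8

typedef struct {
    pthread_mutex_t mu;
    int rank;            /* global acquisition order, lower first */
    const char *name;    /* diagnostics only */
} ranked_lock_t;

/* Per-thread record of held locks. Real code would keep this in thread-local
 * storage; here it is passed explicitly so two "threads" can be walked
 * through deterministically in one process. */
typedef struct {
    ranked_lock_t *held[MAX_HELD];
    int n;
} lock_tracker_t;

/* Returns 0 and takes the mutex if the rank rule holds; returns -1 without
 * blocking if taking it would violate the rule, turning a potential deadlock
 * into a diagnosable error at the violating call site. */
int ranked_lock_acquire(lock_tracker_t *t, ranked_lock_t *l)
{
    if (t->n >= MAX_HELD)
        return -1;
    for (int i = 0; i < t->n; i++) {
        if (t->held[i]->rank >= l->rank) {
            fprintf(stderr, "lock-order violation: holding %s (rank %d), "
                    "attempted %s (rank %d)\n",
                    t->held[i]->name, t->held[i]->rank, l->name, l->rank);
            return -1;
        }
    }
    pthread_mutex_lock(&l->mu);
    t->held[t->n++] = l;
    return 0;
}

/* Releases a held lock and drops it from the tracker; -1 if it was not held. */
int ranked_lock_release(lock_tracker_t *t, ranked_lock_t *l)
{
    for (int i = 0; i < t->n; i++) {
        if (t->held[i] == l) {
            for (int j = i + 1; j < t->n; j++)
                t->held[j - 1] = t->held[j];
            t->n--;
            pthread_mutex_unlock(&l->mu);
            return 0;
        }
    }
    return -1;
}

/* Two hypothetical locks standing in for the context lock and the store lock
 * named in the message; the ranks are a constructed choice for this example. */
static ranked_lock_t ctx_lock   = { PTHREAD_MUTEX_INITIALIZER, 1, "context" };
static ranked_lock_t store_lock = { PTHREAD_MUTEX_INITIALIZER, 2, "store" };

/* Thread A: context, then store. Matches the ranks, so both succeed (0). */
int path_ctx_then_store(void)
{
    lock_tracker_t t = { { 0 }, 0 };
    int rc = ranked_lock_acquire(&t, &ctx_lock);
    if (rc == 0)
        rc = ranked_lock_acquire(&t, &store_lock);
    ranked_lock_release(&t, &store_lock);
    ranked_lock_release(&t, &ctx_lock);
    return rc;
}

/* Thread B: store, then context. The inversion of thread A's order; the
 * second acquisition is refused (-1) instead of being allowed to deadlock. */
int path_store_then_ctx(void)
{
    lock_tracker_t t = { { 0 }, 0 };
    int rc = ranked_lock_acquire(&t, &store_lock);
    if (rc == 0)
        rc = ranked_lock_acquire(&t, &ctx_lock);
    ranked_lock_release(&t, &store_lock);
    return rc;
}

/* Re-entering a lock already held (the "recursive lock" case): equal rank
 * fails the strictly-greater test, so this also returns -1. */
int path_recursive(void)
{
    lock_tracker_t t = { { 0 }, 0 };
    int rc = ranked_lock_acquire(&t, &ctx_lock);
    if (rc == 0)
        rc = ranked_lock_acquire(&t, &ctx_lock);
    ranked_lock_release(&t, &ctx_lock);
    return rc;
}

int main(void)
{
    printf("ctx->store: %d, store->ctx: %d, ctx->ctx: %d\n",
           path_ctx_then_store(), path_store_then_ctx(), path_recursive());
    return 0;
}
```

The single-lock alternative raised in the message removes this bookkeeping entirely, at the cost of serializing everything behind one mutex; a rank discipline keeps finer-grained locking but makes the acquisition order an explicit, checkable rule rather than a convention that each call path has to remember.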
