ameihm0912
commented
6 years ago See also https://github.com/mozilla-services/lua_sandbox_extensions/pull/380
@trink any thoughts on this appreciated, or suggestions on a better approach to fix this
Closed ameihm0912 closed 6 years ago
ameihm0912
commented
6 years ago See also https://github.com/mozilla-services/lua_sandbox_extensions/pull/380
@trink any thoughts on this appreciated, or suggestions on a better approach to fix this
ameihm0912
commented
6 years ago @trink makes sense, updated
Various sandboxes and modules hindsight makes use of require OpenSSL, including modules such as the lua_sandbox_extensions aws, ssl, and openssl modules.
For OpenSSL to execute correctly within a threaded process callbacks need to be installed to support platform specific locking and thread identification.
Prior to this change it was highly dependent on the modules to decide to implement the callbacks, e.g., some would (aws, openssl) some would not (ssl). In cases where the modules implemented the callback, the function pointer would typically be set to a function within the mapped shared object of a given module.
This causes strange behavior if a module is unmapped from hindsight, as a configured callback function pointer may no longer be valid anymore.
This change links OpenSSL with hindsight and configures callbacks in main to ensure they are configured and will point to code that will be available for the lifetime of the process.