Ensure that password hash generation from OpenSSL is atomic 6324/head
authorJean Flach <jean-marcel.flach@icinga.com>
Tue, 22 May 2018 13:01:15 +0000 (15:01 +0200)
committerMichael Friedrich <michael.friedrich@icinga.com>
Wed, 23 May 2018 08:55:14 +0000 (10:55 +0200)
This is supposed to solve a problem with segfaults caused by
race conditions within the random byte generation of OpenSSL.

fixes #6279

lib/base/tlsutility.cpp

index 895582c628ed032346f6e9ccd344e0f31ed3f510..9b3c33fb2a89bd7af6000f3ab0f6fe0260d752b0 100644 (file)
@@ -31,6 +31,7 @@ namespace icinga
 
 static bool l_SSLInitialized = false;
 static boost::mutex *l_Mutexes;
+static boost::mutex l_RandomMutex;
 
 #ifdef CRYPTO_LOCK
 static void OpenSSLLockingCallback(int mode, int type, const char *, int)
@@ -718,6 +719,11 @@ String RandomString(int length)
 {
        auto *bytes = new unsigned char[length];
 
+       /* Ensure that password generation is atomic. RAND_bytes is not thread-safe
+        * in OpenSSL < 1.1.0.
+        */
+       boost::mutex::scoped_lock lock(l_RandomMutex);
+
        if (!RAND_bytes(bytes, length)) {
                delete [] bytes;
 
@@ -730,6 +736,8 @@ String RandomString(int length)
                        << errinfo_openssl_error(ERR_peek_error()));
        }
 
+       lock.unlock();
+
        auto *output = new char[length * 2 + 1];
        for (int i = 0; i < length; i++)
                sprintf(output + 2 * i, "%02x", bytes[i]);
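Review bot: The RAND_bytes check right after the new scoped_lock in the second hunk still treats only a zero return as failure, yet RAND_bytes is documented to return -1 when the current RAND method does not support it, and `!(-1)` is false, so that case would fall through and hex-encode the uninitialised buffer as if it were random output; compare against the success value instead: `if (RAND_bytes(bytes, length) != 1) {`. Serialising the call under l_RandomMutex does not change this, and it is the same check whether or not the lock is held. The scoped_lock is released by its destructor on the throw path, so the explicit `lock.unlock()` in the last hunk only narrows the critical section to the RAND_bytes call, which is fine but worth a short comment such as `/* release before the hex encoding; only RAND_bytes needs serialising */`. The comment's claim that RAND_bytes is not thread-safe before 1.1.0 is not evidenced by the hunk itself (this file also installs OpenSSLLockingCallback under CRYPTO_LOCK), so I would phrase it as the observed crash being worked around rather than a stated OpenSSL guarantee.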