On 14/06/2019 11:09, Serti Ayoub wrote: > > I can't provide a sample to reproduce the crash, it's totaly random. > > Here example of thread call stack: Yes, this does look like a bug. My guess is most people don't hit this because they don't set SSL_OP_NO_TICKET in TLSv1.3. The default behaviour is to use stateless tickets which aren't shared between threads, so no race condition is possible. However, with SSL_OP_NO_TICKET we use stateful tickets which means the session objects *are* shared. Session objects are supposed to be immutable after the initial handshake is complete so that this sort of thing doesn't happen. Looks like that isn't the case in the handling of supported groups. In reality there is no reason at all to store the supported groups information in the session object since we don't reuse that information from one session resume to another anyway so its just misplaced in the session object. Please try out this patch: https://github.com/openssl/openssl/pull/9162 Matt
