Fix thread safety issue in RSA operations
The race was due to mpi_exp_mod storing a Montgomery coefficient in the context (RM, RP, RQ). The fix was verified with -fsanitize-thread using ssl_pthread_server and two concurrent clients. A more fine-grained fix should be possible, locking just enough time to check if those values are OK and set them if not, rather than locking for the whole mpi_exp_mod() operation, but it will be for later.
Showing with 14 additions and 1 deletion