Nick Kew wrote:
On Tue, 05 Dec 2006 21:45:48 +0100
Frank <[EMAIL PROTECTED]> wrote:
Hi,
I am developing a module (using OpenSSL) for apache 2.2.3 and wonder
how to make it thread safe.
Is OpenSSL not thread-safe?
Yes and no. http://www.openssl.org/docs/crypto/threads.html says:
"OpenSSL can safely be used in multi-threaded applications provided that
at least two callback functions are set."
... and that are 'CRYPTO_set_locking_callback' and
'CRYPTO_set_id_callback'. (And these are 'global' callbacks! These are
not callbacks I give as a parameter to an individual OpenSSL-function to
make it called only inside the local scope of that particular function!)
If it's not, how does mod_ssl deal with it? And if it is, where's
the problem?
I do not know what might happen if my module is calling the above two
functions to set the callbacks while mod_ssl does so, too. If I tried it
out everything seems to work, but this may be, because that callbacks
are never get called or it happens in an environment where it makes no
difference or it just works coz' I am a lucky guy or whatever....
So my question is:
- Should I call 'ssl_util_thread_setup' too and a (maybe) second call
to that function doesn't create problems?
If that's a library initialisation function, call it at server startup.
But it calls things like 'apr_thread_mutex_create' and the two callbacks
mentioned above... It's not a real library initialisation function!
Especially because it didn't test for being already called... You see I
am an extremely cautious guy. (Or call it coward.)
- Should there be a 'Someone_already_called_me_so_go_home'-Variable
inside the function 'ssl_util_thread_setup' to prevent it from being
called twice?
What happens if it's called twice? What does mod_ssl do?
Everthing seems to work, but maybe this is just luck. (See above.)
- Do I understand something wrong?
- What is the correct approach to solve this dilemma?
My chapter 4 discusses thread-safety and external libraries.
But I know nothing about OpenSSL, and I suspect you might be
seeing a problem where none exists.
When the library opens I will take a look at it, but I suspect that your
book will not help me in this case...
I am still confused about that topic...
Frank
