On Wed, Dec 06, 2006 at 06:20:55PM +0000, Darryl Miles wrote: > Joe Orton wrote: > >What I do with OpenSSL in neon is to check that the existing callback is > >NULL before registering a new callback; and likewise to check that the > >ID callback is the one neon previously registered before un-registering > >it later. If everybody did that it would be relatively safe. > > Is there an API to get the current value ?
Yes, CRYPTO_get_locking_callback/CRYPTO_get_id_callback. > It shouldn't be too hard to attach a piece of memory to a keyed > namespace which the core module maintains. 3 primitives should do the > trick. data = get(key), set(key, data), set_if_null(key, data) where > the set_if_null() operation is especially thread-safe. Well, you could do this with pool userdata already but I'm not sure there's much point, the co-operation problem still exists with third-party libraries (e.g. PHP + curl). I have no idea if libraries using OpenSSL via APR-util mess with this stuff either; they could well in the future if not already. (OpenLDAP, Postgres, ...?) joe
