On Monday 27 February 2012, Dr Stephen Henson wrote:
> Hmmm... it looks like there is a race condition in here:
>
> Consider two threads calling that at once with init == 0. The
> static variable ecdh could end up being modified by two threads
> simultaneously.
>
> You could include a lock in there or just call ssl_callback_tmpECDH
> before starting any threads. Alternatively if you're just setting
> one curve then you might as well call SSL_CTX_set_tmp_ecdh and
> avoid the callback altogether.

Thanks, this was indeed the problem. I have changed ssl_callback_tmpECDH to work more like the respective DH and RSA functions, see r1294306.

I noticed that the ssl_callback_tmp* functions may return a different key length than requested. Is this a problem?
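The lazily initialised static described in the quoted text, guarded so that concurrent first calls build it only once, as an added example that is not part of the original message and not the code from r1294306. It uses `pthread_once` in place of an explicit lock; `tmp_key`, `get_tmp_key` and `run_threads` are hypothetical names, and no OpenSSL calls are made.

```c
/* Added example: hypothetical names, a stand-in struct instead of a real ECDH key. */
#include <pthread.h>
#include <stdlib.h>

typedef struct { int curve_id; } tmp_key;    /* stand-in for the cached key object */

static tmp_key *cached_key;                  /* shared static, like the one in the callback */
static int build_count;                      /* how many times the key was built */
static pthread_once_t key_once = PTHREAD_ONCE_INIT;

static void build_key(void)
{
    cached_key = malloc(sizeof *cached_key);
    if (cached_key != NULL)
        cached_key->curve_id = 1;            /* constructed value */
    build_count++;
}

/* pthread_once runs build_key exactly once; concurrent callers wait until it is done. */
tmp_key *get_tmp_key(void)
{
    pthread_once(&key_once, build_key);
    return cached_key;
}

static void *worker(void *out)
{
    *(tmp_key **)out = get_tmp_key();
    return NULL;
}

/* Start n threads that all request the key; returns the build count, or -1 on mismatch. */
int run_threads(int n)
{
    pthread_t tid[16];
    tmp_key *seen[16];
    int i, made;
    if (n < 1 || n > 16) n = 16;
    for (made = 0; made < n; made++)
        if (pthread_create(&tid[made], NULL, worker, &seen[made]) != 0) break;
    for (i = 0; i < made; i++)
        pthread_join(tid[i], NULL);
    if (made != n) return -1;
    for (i = 0; i < n; i++)
        if (seen[i] == NULL || seen[i] != seen[0]) return -1;
    return build_count;
}

int main(void) { return run_threads(8) == 1 ? 0 : 1; }
```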
