[
https://issues.apache.org/jira/browse/THRIFT-5313?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jens Geyer updated THRIFT-5313:
-------------------------------
Component/s: C++ - Library
> Set CRYPTO_set_id_callback for OpenSSL 1.0.X
> --------------------------------------------
>
> Key: THRIFT-5313
> URL: https://issues.apache.org/jira/browse/THRIFT-5313
> Project: Thrift
> Issue Type: Bug
> Components: C++ - Library
> Affects Versions: 0.9, 0.10.0, 0.11.0, 0.12.0, 0.13.0
> Reporter: Pavan Devaraj
> Priority: Major
>
> OpenSSL can generally be used safely in multi-threaded applications provided
> that at least two callback functions are set, the locking_function and
> threadid_func. This applies to [OpenSSL version 1.0.2 and
> earlier|https://www.openssl.org/blog/blog/2017/02/21/threads/].
> However, the thrift server has not set the threadid_func for OpenSSL version
> 1.0.X. So, with OpenSSL 1.0.X, multi-threaded clients fail to connect to the
> Thrift server, when connections are attempted simultaneously, especially with
> FIPS mode ON.
> This needs to be corrected by bumping up the OpenSSL version Check to include
> 1.0.X in the [TSSLSocket class|
> https://github.com/apache/thrift/blob/0.12.0/lib/cpp/src/thrift/transport/TSSLSocket.cpp#L128].
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
