From: Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> levitte> From: [EMAIL PROTECTED] levitte> levitte> bodo> /* crypto/ex_data.c */ levitte> bodo> + levitte> bodo> +/* levitte> bodo> + * This is not thread-safe, nor can it be changed to become thread-safe levitte> bodo> + * without changing various function prototypes and using a lot of locking. levitte> bodo> + * Luckily, it's not really used anywhere except in ssl_verify_cert_chain levitte> bodo> + * via SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c), where levitte> bodo> + * new_func, dup_func, and free_func all are 0. levitte> bodo> + * levitte> bodo> + * Any multi-threaded application crazy enough to use ex_data for its own levitte> bodo> + * purposes had better make sure that SSL_get_ex_data_X509_STORE_CTX_idx levitte> bodo> + * is called once before multiple threads are created. levitte> bodo> + */ levitte> levitte> Not quite right. It's also used in the CHIL/hwcrhk engine as a clever levitte> tool to keep track of the actual "hardware" key that an RSA is levitte> connected to. And then I forgot to mention that application have good use of ex_data. For example, the verification callback takes only an SSL and an integer as arguments. If the application wants to pass down, say, data about an LDAP server where certificates to accept are stored, the only ways are through global variables or through the ex_data in the SSL structure. I wouldn't opt for global variables, especially in a threaded application... -- Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED] Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, Celo Communications: http://www.celocom.com/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: cvs commit: openssl/ssl ssl_cert.c ssltest.c
Richard Levitte - VMS Whacker Fri, 15 Dec 2000 15:21:46 -0800
- Re: cvs commit: openssl/ssl ssl_cert.c sslte... Richard Levitte - VMS Whacker
- Re: cvs commit: openssl/ssl ssl_cert.c ... Richard Levitte - VMS Whacker
- Re: cvs commit: openssl/ssl ssl_cer... Dr S N Henson
- Re: cvs commit: openssl/ssl ssl_cer... Bodo Moeller
