In message <[EMAIL PROTECTED]> on Mon, 09 Dec 2002
11:17:07 +0000, Bertie <[EMAIL PROTECTED]> said:
bertie> The patch fixed the CRYPTO_get_new_dynlockid() bug. Maybe
bertie> CRYPTO_lock could also be made safer when called with an
bertie> invalid lockid, do you think it should assert rather silently
bertie> do nothing ?
That makes sense. OK, I'll add an OPENSSL_assert() just after the
fetch of the pointer in there.
bertie> My mod_ssl callback implementation was also broken because I
bertie> was using a global apr_pool_t variable to pass in to
bertie> apr_thread_mutex_create() in my dyn_create_callback
bertie> function. This doesn't work in a multi-process, multi-threaded
bertie> environment.
bertie> It would be good for CRYPTO_set_dynlock_create_callback() to
bertie> take an app defined structure which gets returned to the
bertie> caller in ssl_util_dyn_create_function(). So something like:
bertie>
bertie> struct CRYPTO_dynlock_value *dyn_create_function(struct
bertie> CRYPTO_dynlock_context *context, const char *file, int line)
bertie> void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_context
bertie> *context,
bertie> struct CRYPTO_dynlock_value *(*dyn_create_function)(struct
bertie> CRYPTO_dynlock_context *context,const char *file, int line))
Could actually just be a void*, since the OpenSSL routines wouldn't
care at all about the value of the pointer. Of course, that would
require some casting, but in this case, I don't see that as a problem
(and we pass void* for user data to most of our callbacks today
anyway).
I'll ponder that. I understand the use, it's just that this close to
a final beta release, I'm quite reluctant to add new functionality...
bertie> BTW: You never replied to the mail with subject "Requiring
bertie> multithreaded apps to provide dynamic locking upcalls" was
bertie> this because you agreed with it :-)
Not really. It's more like "haven't quite had the time to really read
it, have marked it for later processing"... I will respond to one
small part, however: you're suggesting breaking the API for 0.9.7.
However, we're at the end of the release cycle, and making such a
break is a rather large effort, and would basically mean that the
release cycle would start over. Therefore, I must say that it won't
happen for 0.9.7. I'll ponder over this for 0.9.8.
--
Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
