Mark Phalan wrote: > Because it fixes the race when libraries are correctly checking to see > if the callbacks are already set before setting their own. It's a one > or > two line change to modify the mis-behaving libraries and new libraries > can take advantage of the new locking.
Two questions: 1) Are you suggesting that OpenSSL would report the callbacks *set* on startup? 2) Is there a significant amount of existing code that checks if CRYTPO_get_locking_callback returns NULL and calls CRYPTO_set_locking_callback only if it does? If the answer to both of these questions is "yes", then your suggested fix would work for that code. Then your suggested fix along with a new API for new code to use might be the best solution. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
