Agreed. However the code in fips-1.0/rand/fips_rand.c does call getpid(2), and our application does have to run on Linux <2.4.20. Also, my understanding is that one can not change the FIPS module code without violating the validation. Does this mean that the current FIPS module implementation is not compatible with the original LinuxThreads?
Thank you for the response. -- Best regards, Dmitriy Khodos -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Darryl Miles Sent: Wednesday, July 19, 2006 10:26 AM To: openssl-users@openssl.org Subject: Re: Issue with FIPS PRNG in multi-threaded program under Linux Dmitriy Khodos wrote: > The function fails if the PID does not match. However, > since PID is obtained by calling getpid(2), under Linux it is going to be > different in different threads. It depends which version of Linux you are running and which thread implementation you have at runtime. The current scheme with Linux 2.6 and NPTL is a 1:1 thread implementation keeps the getpid() the same but pthread_self() is unique. I think all useful version of threads on linux are a pthreads implementation with a working pthread_self() function. There is also gettid() on linux. Darryl ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]