Hi, Thanks for the response, steve.
So, irrepective of creating the openssl object per thread or globally for all threads, callback functions should be implemented to make the application thread safe? Thanks, Deiva Shanmugam On Wed, Sep 9, 2009 at 8:35 PM, Dr. Stephen Henson <[email protected]>wrote: > On Wed, Sep 09, 2009, deiva shanmugam wrote: > > > Hi, > > > > We are planning to make use of openssl crypto library in multithreaded > > environment. > > > > We call OpenSSL_add_all_algorithms() before creating threads and will > create > > BIO, EVP_KEY, SHA256 , SHA1 and RSA object in each thread and makes use > of > > the following functions: > > > > SHA1_Init BIO_new_mem_buf EVP_PKEY_get1 > > RSA_size > > SHA1_Final BIO_free EVP_PKEY_free > > RSA_PKCS1_PADDING > > SHA1_Update BIO_write EVP_cleanup > > RSA_free > > SHA256_Init BIO_flush > > RSA_verify > > SHA256_Final BIO_new > > SHA256_Update BIO_s_mem > > > > We found in the openssl website that "OpenSSL can safely be used in > > multi-threaded applications provided that at least two callback functions > > are set, locking_function and threadid_func." And from FAQ, its stated > that > > "Openssl is thread safe with limitations [ SSL connections may not be > used > > concurrently in many threads]" . > > > > So, can someone let us know that the functions mentioned above are MT > safe > > without implementing the two callback functions. > > > > Use of SHA* functions directly is not recommended, you should use EVP > instead. > > You need the callbacks for almost any usage because the locks are used to > maintain the error queue which is used by just about every subsection of > OpenSSL. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [email protected] > Automated List Manager [email protected] >
